urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
23.202.168.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.knoxleader.com.au//
Effective URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Submission: On June 22 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 117 IPs in 7 countries across 75 domains to perform 459 HTTP transactions. The main IP is 23.202.168.183, located in Sydney, Australia and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 734431.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 6th 2023. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 165.69.249.4 16509 (AMAZON-02)
4 73 23.202.168.183 16625 (AKAMAI-AS)
1 151.101.130.217 54113 (FASTLY)
1 52.95.129.122 16509 (AMAZON-02)
3 104.18.24.111 13335 (CLOUDFLAR...)
3 23.202.170.44 16625 (AKAMAI-AS)
2 23.202.170.229 16625 (AKAMAI-AS)
6 18.67.93.53 16509 (AMAZON-02)
2 18.65.244.94 16509 (AMAZON-02)
11 18.244.214.42 16509 (AMAZON-02)
1 23.202.169.3 16625 (AKAMAI-AS)
1 6 142.250.76.102 15169 (GOOGLE)
1 4 204.79.197.237 8068 (MICROSOFT...)
2 157.240.8.23 32934 (FACEBOOK)
2 18.65.244.42 16509 (AMAZON-02)
2 34.194.73.13 14618 (AMAZON-AES)
2 151.101.65.175 54113 (FASTLY)
1 172.67.38.106 13335 (CLOUDFLAR...)
1 23.202.168.24 16625 (AKAMAI-AS)
14 172.217.167.66 15169 (GOOGLE)
3 108.158.21.125 16509 (AMAZON-02)
1 108.158.20.73 16509 (AMAZON-02)
2 172.67.69.191 13335 (CLOUDFLAR...)
2 151.101.28.157 54113 (FASTLY)
1 104.99.59.34 20940 (AKAMAI-ASN1)
1 18.65.248.189 16509 (AMAZON-02)
2 108.158.32.100 16509 (AMAZON-02)
2 23.48.96.232 20940 (AKAMAI-ASN1)
2 104.19.148.8 13335 (CLOUDFLAR...)
2 151.101.65.140 54113 (FASTLY)
3 3.25.27.9 16509 (AMAZON-02)
5 142.250.66.206 15169 (GOOGLE)
1 18.65.244.78 16509 (AMAZON-02)
1 108.158.32.72 16509 (AMAZON-02)
1 151.101.65.229 54113 (FASTLY)
4 162.19.138.119 16276 (OVH)
1 34.149.26.226 396982 (GOOGLE-CL...)
17 142.251.221.66 15169 (GOOGLE)
8 142.250.66.194 15169 (GOOGLE)
4 13.35.147.66 16509 (AMAZON-02)
2 18.155.192.52 16509 (AMAZON-02)
2 117.18.232.195 15133 (EDGECAST)
2 104.244.42.131 13414 (TWITTER)
2 13.107.246.31 8075 (MICROSOFT...)
4 157.240.8.35 32934 (FACEBOOK)
1 108.158.35.170 16509 (AMAZON-02)
1 143.244.62.6 60068 (CDN77 _)
2 23.202.169.82 16625 (AKAMAI-AS)
4 69.173.158.65 26667 (RUBICONPR...)
2 7 103.43.90.179 29990 (ASN-APPNEX)
2 34.102.253.54 396982 (GOOGLE-CL...)
1 207.65.33.78 62713 (AS-PUBMATIC)
1 172.64.151.101 13335 (CLOUDFLAR...)
1 182.161.73.145 55569 (CRITEO-AS...)
2 13.215.133.30 16509 (AMAZON-02)
1 23.202.168.6 16625 (AKAMAI-AS)
11 13.239.71.82 16509 (AMAZON-02)
1 54.169.230.26 16509 (AMAZON-02)
1 18.67.93.52 16509 (AMAZON-02)
1 23.221.20.194 16625 (AKAMAI-AS)
3 13.107.42.14 8068 (MICROSOFT...)
6 3.219.253.44 14618 (AMAZON-AES)
1 151.101.129.140 54113 (FASTLY)
1 151.101.193.140 54113 (FASTLY)
1 108.158.32.127 16509 (AMAZON-02)
3 18.214.152.138 14618 (AMAZON-AES)
1 2 52.46.128.147 16509 (AMAZON-02)
7 23.202.168.218 16625 (AKAMAI-AS)
2 108.158.14.99 16509 (AMAZON-02)
3 6 142.250.204.6 15169 (GOOGLE)
1 142.250.204.8 15169 (GOOGLE)
1 151.101.1.108 54113 (FASTLY)
1 52.76.196.116 16509 (AMAZON-02)
3 20.114.189.135 8075 (MICROSOFT...)
1 3.77.62.68 16509 (AMAZON-02)
1 54.174.127.4 14618 (AMAZON-AES)
1 63.140.39.117 14618 (AMAZON-AES)
1 1 54.169.185.174 16509 (AMAZON-02)
1 34.49.241.189 396982 (GOOGLE-CL...)
2 142.250.76.98 15169 (GOOGLE)
1 74.125.24.156 15169 (GOOGLE)
1 141.95.33.120 16276 (OVH)
2 4 35.71.131.137 16509 (AMAZON-02)
1 142.250.71.65 15169 (GOOGLE)
2 182.161.73.129 55569 (CRITEO-AS...)
1 3.105.193.112 16509 (AMAZON-02)
1 108.158.20.97 16509 (AMAZON-02)
2 18.67.175.108 16509 (AMAZON-02)
1 23.202.170.74 16625 (AKAMAI-AS)
1 172.64.149.180 13335 (CLOUDFLAR...)
1 23.202.169.80 16625 (AKAMAI-AS)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 3.1.236.181 16509 (AMAZON-02)
3 172.217.167.100 15169 (GOOGLE)
2 142.250.71.67 15169 (GOOGLE)
2 51.75.92.250 16276 (OVH)
2 51.75.92.37 16276 (OVH)
3 51.75.95.152 16276 (OVH)
3 51.75.92.187 16276 (OVH)
2 51.75.89.127 16276 (OVH)
1 51.75.88.190 16276 (OVH)
1 51.75.93.98 16276 (OVH)
1 51.75.89.188 16276 (OVH)
1 51.75.88.178 16276 (OVH)
15 142.250.204.1 15169 (GOOGLE)
1 3.105.186.250 16509 (AMAZON-02)
2 142.250.66.226 15169 (GOOGLE)
1 63.140.39.130 14618 (AMAZON-AES)
18 108.158.32.28 16509 (AMAZON-02)
34 108.158.32.26 16509 (AMAZON-02)
6 18.67.93.29 16509 (AMAZON-02)
33 3.94.71.247 14618 (AMAZON-AES)
1 142.251.221.70 15169 (GOOGLE)
1 63.140.39.248 14618 (AMAZON-AES)
9 23.202.170.204 16625 (AKAMAI-AS)
7 18.67.93.116 16509 (AMAZON-02)
1 2 52.231.230.148 8075 (MICROSOFT...)
1 182.161.73.136 55569 (CRITEO-AS...)
1 35.241.45.82 15169 (GOOGLE)
459 117
1    165.69.249.4 (Australia)

ASN16509 (AMAZON-02, US)
PTR: ip-165.69.249.4.news.com.au
www.knoxleader.com.au
73    23.202.168.183 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-168-183.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
tags.news.com.au
resourcesssl.newscdn.com.au
content.api.news
mhr.talk.news.com.au
client.api.news
1    151.101.130.217 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
1    52.95.129.122 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
3    104.18.24.111 (None, )

ASN13335 (CLOUDFLARENET, US)
bedsberry.com
3    23.202.170.44 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-170-44.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
2    23.202.170.229 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-170-229.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
6    18.67.93.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-53.syd62.r.cloudfront.net
tags.tiqcdn.com
2    18.65.244.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-94.syd3.r.cloudfront.net
assets.vidora.com
11    18.244.214.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-214-42.sfo53.r.cloudfront.net
static.adsafeprotected.com
1    23.202.169.3 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-169-3.deploy.static.akamaitechnologies.com
cdn.optimizely.com
6    142.250.76.102 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f6.1e100.net
ad.doubleclick.net
4    204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
2    18.65.244.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-42.syd3.r.cloudfront.net
au.tags.newscgp.com
ncg.tags.news.com.au
2    34.194.73.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-73-13.compute-1.amazonaws.com
pixel.zprk.io
2    151.101.65.175 (San Francisco, United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.202.168.24 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-168-24.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
14    172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net
securepubads.g.doubleclick.net
3    108.158.21.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-21-125.syd62.r.cloudfront.net
c.amazon-adsystem.com
1    108.158.20.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-73.syd62.r.cloudfront.net
ats-wrapper.privacymanager.io
2    172.67.69.191 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
2    151.101.28.157 (San Francisco, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    104.99.59.34 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-99-59-34.deploy.static.akamaitechnologies.com
snap.licdn.com
1    18.65.248.189 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-248-189.syd3.r.cloudfront.net
static.chartbeat.com
2    108.158.32.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-100.syd3.r.cloudfront.net
cdn-gl.imrworldwide.com
2    23.48.96.232 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-96-232.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
2    104.19.148.8 (None, )

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
3    3.25.27.9 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-25-27-9.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
5    142.250.66.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f14.1e100.net
news.google.com
1    18.65.244.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-78.syd3.r.cloudfront.net
cdn.adsafeprotected.com
1    108.158.32.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-72.syd3.r.cloudfront.net
config.aps.amazon-adsystem.com
1    151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    34.149.26.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.26.149.34.bc.googleusercontent.com
api.rlcdn.com
17    142.251.221.66 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
pagead2.googlesyndication.com
8    142.250.66.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net
googleads4.g.doubleclick.net
www.googleadservices.com
4    13.35.147.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-66.syd1.r.cloudfront.net
au-script.dotmetrics.net
2    18.155.192.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-192-52.sfo53.r.cloudfront.net
geo.privacymanager.io
2    117.18.232.195 (Australia)

ASN15133 (EDGECAST, US)
t.co
2    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    13.107.246.31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
4    157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com
1    108.158.35.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-35-170.syd3.r.cloudfront.net
aax.amazon-adsystem.com
1    143.244.62.6 (Sydney, Australia)

ASN60068 (CDN77 _, GB)
PTR: 109632633.syd.cdn77.com
topics.authorizedvault.com
2    23.202.169.82 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-169-82.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
7    103.43.90.179 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    207.65.33.78 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
2    13.215.133.30 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-133-30.ap-southeast-1.compute.amazonaws.com
g2.gumgum.com
1    23.202.168.6 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-168-6.deploy.static.akamaitechnologies.com
a.teads.tv
11    13.239.71.82 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-239-71-82.ap-southeast-2.compute.amazonaws.com
pixel.adsafeprotected.com
1    54.169.230.26 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-230-26.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
1    18.67.93.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-52.syd62.r.cloudfront.net
rm-script.dotmetrics.net
1    23.221.20.194 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-20-194.deploy.static.akamaitechnologies.com
a20352597942.cdn.optimizely.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    3.219.253.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-253-44.compute-1.amazonaws.com
ping.chartbeat.net
1    151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
1    151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    108.158.32.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-127.syd3.r.cloudfront.net
cdn-gl.imrworldwide.com
3    18.214.152.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-152-138.compute-1.amazonaws.com
dpm.demdex.net
2    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    23.202.168.218 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-168-218.deploy.static.akamaitechnologies.com
s.pinimg.com
ct.pinterest.com
2    108.158.14.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-14-99.syd62.r.cloudfront.net
js.adsrvr.org
6    142.250.204.6 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f6.1e100.net
8228261.fls.doubleclick.net
1    142.250.204.8 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f8.1e100.net
www.googletagmanager.com
1    151.101.1.108 (San Francisco, United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    52.76.196.116 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-196-116.ap-southeast-1.compute.amazonaws.com
pixel.mediaiqdigital.com
3    20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
v.clarity.ms
1    3.77.62.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-62-68.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
1    54.174.127.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-127-4.compute-1.amazonaws.com
newscorpau.demdex.net
1    63.140.39.117 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-117.data.adobedc.net
newscorpau.sc.omtrdc.net
1    54.169.185.174 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-185-174.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
1    34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com
logx.optimizely.com
2    142.250.76.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net
googleads.g.doubleclick.net
1    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
bid.g.doubleclick.net
1    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
lb.eu-1-id5-sync.com
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
1    142.250.71.65 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f1.1e100.net
8c4bca762e9251116806171d7fbf4fe1.safeframe.googlesyndication.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    3.105.193.112 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-105-193-112.ap-southeast-2.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    108.158.20.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-97.syd62.r.cloudfront.net
check.analytics.rlcdn.com
2    18.67.175.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-175-108.cgk51.r.cloudfront.net
au.audience.newscgp.com
1    23.202.170.74 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-170-74.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    172.64.149.180 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    23.202.169.80 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-169-80.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, CY)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    3.1.236.181 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-236-181.ap-southeast-1.compute.amazonaws.com
usersync.gumgum.com
3    172.217.167.100 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f4.1e100.net
www.google.com
2    142.250.71.67 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f3.1e100.net
www.google.com.au
2    51.75.92.250 (Germany)

ASN16276 (OVH, FR)
c0.eu-3-id5-sync.com
c2.eu-3-id5-sync.com
2    51.75.92.37 (Germany)

ASN16276 (OVH, FR)
c1.eu-3-id5-sync.com
c5.eu-3-id5-sync.com
3    51.75.95.152 (Germany)

ASN16276 (OVH, FR)
c3.eu-3-id5-sync.com
c3.eu-4-id5-sync.com
c6.eu-4-id5-sync.com
3    51.75.92.187 (Germany)

ASN16276 (OVH, FR)
c4.eu-3-id5-sync.com
c7.eu-3-id5-sync.com
c0.eu-4-id5-sync.com
2    51.75.89.127 (Germany)

ASN16276 (OVH, FR)
c6.eu-3-id5-sync.com
c4.eu-4-id5-sync.com
1    51.75.88.190 (Germany)

ASN16276 (OVH, FR)
c1.eu-4-id5-sync.com
1    51.75.93.98 (Germany)

ASN16276 (OVH, FR)
c2.eu-4-id5-sync.com
1    51.75.89.188 (Germany)

ASN16276 (OVH, FR)
c5.eu-4-id5-sync.com
1    51.75.88.178 (Germany)

ASN16276 (OVH, FR)
c7.eu-4-id5-sync.com
15    142.250.204.1 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f1.1e100.net
tpc.googlesyndication.com
1    3.105.186.250 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-105-186-250.ap-southeast-2.compute.amazonaws.com
invoke.bonzai.co
2    142.250.66.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net
www.googletagservices.com
1    63.140.39.130 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-130.data.adobedc.net
metrics.heraldsun.com.au
18    108.158.32.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-28.syd3.r.cloudfront.net
massets.bonzai.co
34    108.158.32.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-26.syd3.r.cloudfront.net
collector.bonzai.co
6    18.67.93.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-29.syd62.r.cloudfront.net
dcollector.bonzai.co
33    3.94.71.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-71-247.compute-1.amazonaws.com
dt.adsafeprotected.com
1    142.251.221.70 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f6.1e100.net
s0.2mdn.net
1    63.140.39.248 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-248.data.adobedc.net
edge.adobedc.net
9    23.202.170.204 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-170-204.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
7    18.67.93.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-116.syd62.r.cloudfront.net
s.bzcdn.co
2    52.231.230.148 (Busan, Korea, Republic Of)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
Apex Domain
Subdomains		 Transfer
59 bonzai.co
invoke.bonzai.co — Cisco Umbrella Rank: 381646
massets.bonzai.co — Cisco Umbrella Rank: 361223
collector.bonzai.co — Cisco Umbrella Rank: 364162
dcollector.bonzai.co — Cisco Umbrella Rank: 365265
1 MB
56 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 758
cdn.adsafeprotected.com — Cisco Umbrella Rank: 4944
pixel.adsafeprotected.com — Cisco Umbrella Rank: 748
dt.adsafeprotected.com — Cisco Umbrella Rank: 667
181 KB
33 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
8c4bca762e9251116806171d7fbf4fe1.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
235 KB
30 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 164
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 795
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 250745
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
bid.g.doubleclick.net — Cisco Umbrella Rank: 1079
267 KB
25 api.news
content.api.news — Cisco Umbrella Rank: 93794
client.api.news — Cisco Umbrella Rank: 394239
287 KB
22 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 734431
subscriptions.heraldsun.com.au — Cisco Umbrella Rank: 921668
metrics.heraldsun.com.au
420 KB
15 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 139509
89 KB
14 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 107518
mhr.talk.news.com.au — Cisco Umbrella Rank: 939770
ncg.tags.news.com.au — Cisco Umbrella Rank: 231605
256 KB
9 moatads.com
z.moatads.com — Cisco Umbrella Rank: 882
px.moatads.com — Cisco Umbrella Rank: 669
111 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 279
secure.adnxs.com — Cisco Umbrella Rank: 527
acdn.adnxs.com — Cisco Umbrella Rank: 632
15 KB
8 eu-4-id5-sync.com
c0.eu-4-id5-sync.com — Cisco Umbrella Rank: 411023
c1.eu-4-id5-sync.com — Cisco Umbrella Rank: 419875
c2.eu-4-id5-sync.com — Cisco Umbrella Rank: 418345
c3.eu-4-id5-sync.com — Cisco Umbrella Rank: 401026
c4.eu-4-id5-sync.com — Cisco Umbrella Rank: 416872
c5.eu-4-id5-sync.com — Cisco Umbrella Rank: 409532
c6.eu-4-id5-sync.com — Cisco Umbrella Rank: 406724
c7.eu-4-id5-sync.com — Cisco Umbrella Rank: 401027
2 KB
8 eu-3-id5-sync.com
c0.eu-3-id5-sync.com — Cisco Umbrella Rank: 423025
c1.eu-3-id5-sync.com — Cisco Umbrella Rank: 439517
c2.eu-3-id5-sync.com — Cisco Umbrella Rank: 427807
c3.eu-3-id5-sync.com — Cisco Umbrella Rank: 427808
c4.eu-3-id5-sync.com — Cisco Umbrella Rank: 426206
c5.eu-3-id5-sync.com — Cisco Umbrella Rank: 431171
c6.eu-3-id5-sync.com — Cisco Umbrella Rank: 431172
c7.eu-3-id5-sync.com — Cisco Umbrella Rank: 434488
2 KB
8 google.com
news.google.com — Cisco Umbrella Rank: 6227
www.google.com — Cisco Umbrella Rank: 5
68 KB
7 bzcdn.co
s.bzcdn.co — Cisco Umbrella Rank: 891443
139 KB
7 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 133
21 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
v.clarity.ms — Cisco Umbrella Rank: 7632
c.clarity.ms — Cisco Umbrella Rank: 1434
29 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 357
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 746
aax.amazon-adsystem.com — Cisco Umbrella Rank: 494
s.amazon-adsystem.com — Cisco Umbrella Rank: 349
83 KB
6 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1585
insight.adsrvr.org — Cisco Umbrella Rank: 1062
match.adsrvr.org — Cisco Umbrella Rank: 405
6 KB
6 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1451
1 KB
6 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 184522
au.pixel.newscgp.com — Cisco Umbrella Rank: 190275
au.audience.newscgp.com — Cisco Umbrella Rank: 168140
50 KB
6 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1313
32 KB
5 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 913
4 KB
5 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 579
eus.rubiconproject.com — Cisco Umbrella Rank: 648
4 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 58735
rm-script.dotmetrics.net — Cisco Umbrella Rank: 6615
35 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1098
id5-sync.com — Cisco Umbrella Rank: 570
31 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 242
newscorpau.demdex.net — Cisco Umbrella Rank: 172065
5 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
5 KB
4 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 3626
bs.serving-sys.com — Cisco Umbrella Rank: 2044
lm.serving-sys.com — Cisco Umbrella Rank: 3611
43 KB
4 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 4233
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 8396
63 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 361
c.bing.com — Cisco Umbrella Rank: 224
16 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 360
1 KB
3 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1854
usersync.gumgum.com — Cisco Umbrella Rank: 1840
3 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 621
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 522
224 B
3 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 2253
geo.privacymanager.io — Cisco Umbrella Rank: 2209
63 KB
3 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 5715
udc-neb.kampyle.com — Cisco Umbrella Rank: 2523
87 KB
3 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 805
a20352597942.cdn.optimizely.com — Cisco Umbrella Rank: 208860
logx.optimizely.com — Cisco Umbrella Rank: 1655
128 KB
3 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2101
widget-pixels.outbrain.com — Cisco Umbrella Rank: 5115
90 KB
3 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 292151
25 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 324
32 KB
2 google.com.au
www.google.com.au — Cisco Umbrella Rank: 22611
128 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 585
921 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 757
30 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1130
22 KB
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 2076
alb.reddit.com — Cisco Umbrella Rank: 1406
761 B
2 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 674
gum.criteo.com — Cisco Umbrella Rank: 493
227 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 20933
637 B
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 986
837 B
2 t.co
t.co — Cisco Umbrella Rank: 726
537 B
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1168
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4086
668 B
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1200
13 KB
2 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 3098
4 KB
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 905
15 KB
2 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3201
23 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 11750
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
73 KB
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 121089
6 KB
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 3447
816 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 356
92 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 760
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1336
517 B
1 omtrdc.net
newscorpau.sc.omtrdc.net — Cisco Umbrella Rank: 189909
271 B
1 mediaiqdigital.com
pixel.mediaiqdigital.com — Cisco Umbrella Rank: 14693
58 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
82 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 937 Failed
290 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1797
639 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 535
3 KB
1 authorizedvault.com
topics.authorizedvault.com — Cisco Umbrella Rank: 6953
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
1 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1688
24 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 902
14 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 13581
20 KB
1 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 162227
1 amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
28 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 7641
9 KB
1 knoxleader.com.au
www.knoxleader.com.au
273 B
459 75
Domain Requested by
34 collector.bonzai.co www.heraldsun.com.au
33 dt.adsafeprotected.com www.heraldsun.com.au
24 content.api.news www.heraldsun.com.au
20 www.heraldsun.com.au 3 redirects www.heraldsun.com.au
18 massets.bonzai.co invoke.bonzai.co
massets.bonzai.co
www.heraldsun.com.au
17 pagead2.googlesyndication.com ad.doubleclick.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
ad.doubleclick.net
tpc.googlesyndication.com
15 resourcesssl.newscdn.com.au www.heraldsun.com.au
resourcesssl.newscdn.com.au
14 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
pagead2.googlesyndication.com
12 tags.news.com.au 1 redirects www.heraldsun.com.au
tags.tiqcdn.com
au.tags.newscgp.com
11 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
11 static.adsafeprotected.com www.heraldsun.com.au
pixel.adsafeprotected.com
8 px.moatads.com www.heraldsun.com.au
7 s.bzcdn.co www.heraldsun.com.au
massets.bonzai.co
s.bzcdn.co
7 www.googleadservices.com secure-ds.serving-sys.com
pagead2.googlesyndication.com
6 dcollector.bonzai.co www.heraldsun.com.au
6 8228261.fls.doubleclick.net 3 redirects www.heraldsun.com.au
6 ping.chartbeat.net www.heraldsun.com.au
6 ad.doubleclick.net 1 redirects tags.tiqcdn.com
www.heraldsun.com.au
www.googletagservices.com
ad.doubleclick.net
6 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
5 ct.pinterest.com s.pinimg.com
5 news.google.com subscriptions.heraldsun.com.au
news.google.com
4 ib.adnxs.com 1 redirects tags.news.com.au
acdn.adnxs.com
www.heraldsun.com.au
4 fastlane.rubiconproject.com tags.news.com.au
4 www.facebook.com www.heraldsun.com.au
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
4 id5-sync.com tags.news.com.au
cdn.id5-sync.com
www.heraldsun.com.au
3 www.google.com www.heraldsun.com.au
securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 v.clarity.ms www.clarity.ms
3 secure.adnxs.com 1 redirects secure-ds.serving-sys.com
www.heraldsun.com.au
3 dpm.demdex.net tags.news.com.au
www.heraldsun.com.au
3 px.ads.linkedin.com snap.licdn.com
www.heraldsun.com.au
3 au.pixel.newscgp.com au.tags.newscgp.com
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
3 bat.bing.com tags.tiqcdn.com
bat.bing.com
www.heraldsun.com.au
3 bedsberry.com www.heraldsun.com.au
bedsberry.com
2 c.clarity.ms 1 redirects
2 www.googletagservices.com securepubads.g.doubleclick.net
www.googletagservices.com
2 www.google.com.au www.heraldsun.com.au
2 creativecdn.com 2 redirects
2 au.audience.newscgp.com tags.tiqcdn.com
au.tags.newscgp.com
2 static.criteo.net tags.news.com.au
static.criteo.net
2 match.adsrvr.org js.adsrvr.org
2 insight.adsrvr.org 2 redirects
2 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
2 acdn.adnxs.com www.heraldsun.com.au
tags.news.com.au
2 js.adsrvr.org secure-ds.serving-sys.com
2 s.pinimg.com www.heraldsun.com.au
s.pinimg.com
2 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 g2.gumgum.com tags.news.com.au
2 ads.playground.xyz tags.news.com.au
www.heraldsun.com.au
2 ads.pubmatic.com tags.news.com.au
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 analytics.twitter.com www.heraldsun.com.au
2 t.co www.heraldsun.com.au
2 geo.privacymanager.io ats-wrapper.privacymanager.io
2 www.redditstatic.com tags.tiqcdn.com
www.redditstatic.com
2 script.crazyegg.com tags.tiqcdn.com
script.crazyegg.com
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 static.ads-twitter.com tags.tiqcdn.com
www.heraldsun.com.au
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 widgets.outbrain.com www.heraldsun.com.au
widgets.outbrain.com
1 udc-neb.kampyle.com
1 gum.criteo.com static.criteo.net
1 c.bing.com 1 redirects
1 z.moatads.com massets.bonzai.co
1 edge.adobedc.net cdn1.adoberesources.net
1 s0.2mdn.net www.heraldsun.com.au
1 metrics.heraldsun.com.au tags.news.com.au
1 invoke.bonzai.co www.heraldsun.com.au
1 c7.eu-4-id5-sync.com cdn.id5-sync.com
1 c6.eu-4-id5-sync.com cdn.id5-sync.com
1 c5.eu-4-id5-sync.com cdn.id5-sync.com
1 c4.eu-4-id5-sync.com cdn.id5-sync.com
1 c3.eu-4-id5-sync.com cdn.id5-sync.com
1 c2.eu-4-id5-sync.com cdn.id5-sync.com
1 c1.eu-4-id5-sync.com cdn.id5-sync.com
1 c0.eu-4-id5-sync.com cdn.id5-sync.com
1 c7.eu-3-id5-sync.com cdn.id5-sync.com
1 c6.eu-3-id5-sync.com cdn.id5-sync.com
1 c5.eu-3-id5-sync.com cdn.id5-sync.com
1 c4.eu-3-id5-sync.com cdn.id5-sync.com
1 c3.eu-3-id5-sync.com cdn.id5-sync.com
1 c2.eu-3-id5-sync.com cdn.id5-sync.com
1 c1.eu-3-id5-sync.com cdn.id5-sync.com
1 c0.eu-3-id5-sync.com cdn.id5-sync.com
1 usersync.gumgum.com tags.news.com.au
1 js-sec.indexww.com tags.news.com.au
1 eus.rubiconproject.com tags.news.com.au
1 check.analytics.rlcdn.com tags.news.com.au
1 secure-sdk.imrworldwide.com www.heraldsun.com.au
1 8c4bca762e9251116806171d7fbf4fe1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 bid.g.doubleclick.net www.googleadservices.com
1 logx.optimizely.com cdn.optimizely.com
1 cm.everesttech.net 1 redirects
1 newscorpau.sc.omtrdc.net tags.news.com.au
1 newscorpau.demdex.net tags.news.com.au
1 lm.serving-sys.com secure-ds.serving-sys.com
1 pixel.mediaiqdigital.com www.heraldsun.com.au
1 www.googletagmanager.com secure-ds.serving-sys.com
1 lb.eu-1-id5-sync.com tags.news.com.au
cdn.id5-sync.com
1 alb.reddit.com www.heraldsun.com.au
1 pixel-config.reddit.com www.redditstatic.com
1 a20352597942.cdn.optimizely.com cdn.optimizely.com
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 bs.serving-sys.com secure-ds.serving-sys.com
1 a.teads.tv tags.news.com.au
1 bidder.criteo.com tags.news.com.au
1 htlb.casalemedia.com tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 topics.authorizedvault.com tags.news.com.au
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 api.rlcdn.com tags.news.com.au
1 cdn.jsdelivr.net tags.news.com.au
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.adsafeprotected.com tags.news.com.au
1 ncg.tags.news.com.au au.tags.newscgp.com
1 static.chartbeat.com tags.tiqcdn.com
1 snap.licdn.com tags.tiqcdn.com
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 cdn.id5-sync.com tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 cdn.optimizely.com tags.tiqcdn.com
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 client.api.news resourcesssl.newscdn.com.au
1 login.newscorpaustralia.com www.heraldsun.com.au
1 mhr.talk.news.com.au www.heraldsun.com.au
1 widget-pixels.outbrain.com www.heraldsun.com.au
1 news-networkeditorial.s3-ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
1 www.knoxleader.com.au 1 redirects
459 138
Subject Issuer Validity Valid
news.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-06 -
2024-12-05		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-21 -
2025-02-21		 a year crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon RSA 2048 M01		 2024-05-10 -
2025-05-01		 a year crt.sh
bedsberry.com
E1		 2024-05-09 -
2024-08-07		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02		 2024-03-19 -
2025-04-17		 a year crt.sh
*.vidora.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-08		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
*.doubleclick.net
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-31 -
2024-06-29		 3 months crt.sh
au.tags.newscgp.com
Amazon RSA 2048 M02		 2024-01-23 -
2025-02-19		 a year crt.sh
*.zprk.io
Amazon RSA 2048 M03		 2023-09-19 -
2024-10-17		 a year crt.sh
*.kampyle.com
SSL.com RSA SSL subCA		 2023-11-07 -
2024-12-07		 a year crt.sh
id5-sync.com
E1		 2024-06-04 -
2024-09-02		 3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
brandmetrics.com
GTS CA 1P5		 2024-04-29 -
2024-07-28		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2024-05-15 -
2025-06-06		 a year crt.sh
*.imrworldwide.com
GlobalSign RSA OV SSL CA 2018		 2024-05-16 -
2025-02-02		 9 months crt.sh
secure-ds.serving-sys.com
R3		 2024-04-16 -
2024-07-15		 3 months crt.sh
script.crazyegg.com
E1		 2024-06-03 -
2024-09-01		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
www.newsconnect.com.au
Amazon RSA 2048 M02		 2024-02-08 -
2025-03-08		 a year crt.sh
*.news.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M03		 2024-04-21 -
2025-05-19		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.id5-sync.com
R3		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
*.dotmetrics.net
Amazon RSA 2048 M02		 2023-08-23 -
2024-09-20		 a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-08 -
2025-05-07		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-08 -
2024-10-08		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
1657490710.rsc.cdn77.org
E5		 2024-06-11 -
2024-09-09		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-04 -
2025-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
ads.playground.xyz
WR3		 2024-05-29 -
2024-08-27		 3 months crt.sh
casalemedia.com
E5		 2024-06-17 -
2024-09-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-18 -
2024-09-17		 3 months crt.sh
sp-ad-exch-prd-two-eks.prd.eks.sp.adexchange.gumgum.com
Amazon RSA 2048 M02		 2024-04-05 -
2025-05-04		 a year crt.sh
teads.tv
R10		 2024-06-11 -
2024-09-09		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M03		 2024-02-28 -
2025-03-29		 a year crt.sh
bs.serving-sys.com
Amazon RSA 2048 M02		 2024-02-24 -
2025-03-24		 a year crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2024-01-25 -
2025-01-27		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-04-24 -
2025-04-17		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh
*.googleadservices.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
lm.serving-sys.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-16		 a year crt.sh
*.sc.omtrdc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-07 -
2025-03-09		 a year crt.sh
logx.optimizely.com
WR3		 2024-05-23 -
2024-08-21		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-25 -
2024-07-19		 3 months crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2024-05-26 -
2025-06-24		 a year crt.sh
au.audience.newscgp.com
Amazon RSA 2048 M02		 2024-02-27 -
2025-03-26		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.ad-server.k8s.sp.ggops.com
Amazon RSA 2048 M02		 2024-05-07 -
2025-06-05		 a year crt.sh
*.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.google.com.au
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.eu-3-id5-sync.com
R3		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.eu-4-id5-sync.com
R3		 2024-05-01 -
2024-07-30		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
bonzai.co
Amazon RSA 2048 M02		 2023-10-03 -
2024-10-31		 a year crt.sh
metrics.heraldsun.com.au
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-20 -
2025-07-21		 a year crt.sh
*.bonzai.co
Amazon RSA 2048 M03		 2023-11-26 -
2024-12-24		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M03		 2024-04-25 -
2025-05-23		 a year crt.sh
edge.adobedc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-21 -
2024-11-20		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.bzcdn.co
Amazon RSA 2048 M03		 2023-11-13 -
2024-12-10		 a year crt.sh

This page contains 59 frames:

Primary Page: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Frame ID: 2B5E87B261C6103D7A13D2B2711DCAEA
Requests: 288 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fwww.heraldsun.com.au
Frame ID: 0EA554DDC0469FA2348D612724F39E67
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=N1kGmolKu9c.X_cFCs4arXLRDYIMfMOd&nonce=wwTmDHj9nBv96aXP64SYlqr9HhCUKQ6b&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNC4xIn0%3D
Frame ID: AC4C8C0E9DB3002C4D49CAA9FD8903D6
Requests: 1 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 37D20142144FA00C83DF6016F635B894
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: F57627749A40C15C11C1CDF7E552B50C
Requests: 1 HTTP requests in this frame

Frame: https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Frame ID: ED3DDEE2F793FCD4A5D1FC09F52DC308
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: ED4F6237229B9281FD9669B6700D0A3E
Requests: 1 HTTP requests in this frame

Frame: https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Frame ID: 26BD971F0CE9DAE0F11BFCF76B2F05F4
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 2720182E6A4165B6E00F1531B869FD36
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1719079235353&publicationId=heraldsun.com.au
Frame ID: C52CC11E1741CEA969DEBF2CC80601BD
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg&dcc=t
Frame ID: D0957073EFCCC169ED9099A174637E33
Requests: 1 HTTP requests in this frame

Frame: https://s.pinimg.com/ct/core.js
Frame ID: 2264038317EE6E19CF96500E324F1CCD
Requests: 6 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: C2CB8271F3B93DD13C8A762A0441C96B
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPyc1pnl74YDFeAtgwMdO4cEUw;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8682775706807.926
Frame ID: 378665BA388855F883A9024395CFDEA5
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPCh1pnl74YDFa4FgwMdUi8F_Q;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2842877810363.178
Frame ID: 3FD930747678DCA429D6B84FE7B53D12
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/px?id=1274268&seg=22404526&t=1
Frame ID: CB42E1AFB86C2727286FEC2BD9022F62
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 1C202D8B3598099E632E906A8D7A78FA
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 23CDB60BF89370E970EF9DDA25D29D10
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: C761F3FCBF0239875A3F34F145772293
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: D5A3D5EA7F4B588AA6E9411FA8E76B37
Requests: 3 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNig1pnl74YDFagBgwMdIgEKoA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4633713475760.905
Frame ID: 7F952BD4C57DAA2D8E816DC55FB6A5FF
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: CA71AC59BCC9D97AA94043C7A7284569
Requests: 4 HTTP requests in this frame

Frame: https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=5067895556725147321
Frame ID: D904EF69E03AE247738CC0C4F8B7784D
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 63F9A8D489312EFE9FDFA7C1B88E7D04
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: D85EF28B2F278C89A48BD242B6212E6F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&upid=trk7f24&upv=1.1.0
Frame ID: 520694F4C12EEBDFD3B1D97E013FFA0E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&upid=ekg5qxt&upv=1.1.0
Frame ID: 81C340210ADADB3E91BA47F66CE27E66
Requests: 1 HTTP requests in this frame

Frame: https://8c4bca762e9251116806171d7fbf4fe1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 60B962024DEF070C9210EA2BE295BBCA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4C8B0AEA6E827694B474DB458001FA93
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 93E257285311153578208044885AB79D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E623B2146FE499A91C7AD369F86EE2CD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=DZE4CCclNht9BV4-xUF5qMgXgdtWJeeH5jSDmhh12SM&pi=gumgum&tc=1
Frame ID: DF14032C44D14DA0BF7C38669901294F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: 22627E1ABF54B3A35447755C6B796C9B
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: F20D0508E28A817AA1A2E73B457AFE13
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJHITlJO4bXuWj9JWtbjT5Vp-GROaB-OVH8bSytHvzrbFxidrVfwdgPQbzYJx-764DyQ2goOofScmwRhSPDYQnY8nxKth9YSZEX2As2sOt99CEM6u4fIwBtGu5q1KKF-pdXbPdQkIq4f_EI3j6Buzu52DCvqGQRxGPAj5GNS9S604rHkEDJJb9OAuGx7x_uALn24siQ-BWxnBZnv-k3wjACbiVXUofWX-owZOPo2J4H8NBCPs7vxTPwWSc9YSM1qsAw2M8IpuDSRWJI71vnTTIytpqQAd70JDd8D430WmJhYuvEnCevuTcXlaVFpJwBvg4s_MjoQNlboxsNMIqj2PHSuwbS8VPL5QUc9h_6XWF_wEffoYtHk-OtHzTI2UnBRiN1I0iPry51T8&sai=AMfl-YQHBMWnCwZWo5eaFFGY2B77BW2ERO00NU7TDQ03hNr5DQObH-Kho6FWOXd0G9mykupkdWDZvlRyCpZMjPDsmJlBBhvPqShIzz9lyQyOPb4sEHBee4q1FyCl-BwY3cU&sig=Cg0ArKJSzN2ubVE-xCupEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 474BC556EC9E4961618413A6132F7E76
Requests: 59 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrKtgT_nLQYEV_-IFL42j9H-yT7_F-jCAzDqXJWiVtgeZFhoADhc9SpE32qlg49kpaKSJmqJRKCO-Zu8NbKtnnpZSwkB6rxJ647OsuJ5izkZU6wERkaaeucNSyvufdvfaEiDqD5Ccgs6O00jvlHZvcsT1k18bQknDxpGyhYd6-TZE21W4ghQjqBGwNxEhsx46AjMje9N8CzvaJ0kJ8Xg9YWMtpWnGO1P3VEDOs7gLVO6P1SmjyV7HqO7QsQqZzjsGvk9SXjHwUoheyi_t5q8rOPloOAbysRpKsm0bHc_IvVlhTVmyYeB7lSWoUiRCTukg2LJ0FdF-NaRYsodOlRbmZ2fGUjv_EN57_n-qDZkonPsKOOhhk2Mn2D_kLSoHQMDvLqMvacAJj0Ld87oNq&sai=AMfl-YQoYhHGrQgC_juZgM2ut4uN9jiT6G58eGqZ8FZ3NetnpESuM5xKt8DTh9KDTyBAyupOR_oKmQk6BrOG19gz8PUunI3t0KOuQCB4l9WWE5OlO0hhrUFVVxciaw2Z0zk&sig=Cg0ArKJSzAQCFuy76ND1EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: D3C25CBF934C707B410FA2C054CC72DB
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuI40WJTjX6fT5tQb1s6zCMnWHUF1_G1TrSCk8xGxQ9lYQPvLkGbdj78Cqi23naSCWZLiFim1h6he1JwHQZrWUWW0ky4pf69oF4zUa_-g1x34zm48WmhSLnFh5Un0zfC74oaDPQQDfMEl3xaPsNCLBYXxCfygD8v_fYIXpZ3m9x_6ES9KWZiECo7bpK3MCCYanmjoyO3LStCvx1yx3A9cV3TzYvYRbH-MpBpVhMjr7tW270JzBqZ-T9DixU-QhxYrYbQOz7TW04qVPTqPLc2ntLWuiHmVsiogKYukM4oAZiXoN43Dyu6zPInNJEm86bTBGzKqmFTbtPUevqyOJHa480xQ2MpbqVGtcvQfh0WQZ-K7qiGUB7jGEmGFHlWgLMcdYKJqiPvnHFRVQ&sai=AMfl-YRKMnQzuSsO_cMDOEWHyS75L2ml8gR0wGrdIqaLbogTqMShDFEdhdGnu6cFOUPXCzcvZWJHWu8k0rxibXBT4g15a0ypgCt7hXkIb0j3YCQGdxxbFBQVcC4sWIN-eYs&sig=Cg0ArKJSzCl3LbXPAG4JEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 8293E9C46C40595A412B03B996C61950
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-E1Gdhak2VY_7cF2_Y66FudTV4u3ToiEHSIClXzTuDJHFrRPIgMCH2mt8YQvt06w00BVPI8rM7PpSsMfdfzWzvLgVm69KkRsO1DObUf3tEMPoO6WozcS3cUmNuTHh8_pwvEwEo9-5Nm93lU_MbDk_4pXwM_enLC-1B2sIjHTYlQlJWAq9m3XArVGyQVidGsUgWY-ZGVYFQkL-XYHJPZkc6Dt4mGDSETAcXyv8EIt2KvsdbStLIk_X1CkMdakEiW189mkBqMY6R5dbMFSMFpKNj9CAaNnyAycvCYkNoYxN49ymJ_Dw_xB09eraykOOpdwJ-AmKvVU2rcSdrn9qKtHmupP_ZmhX1NEi3Tq6fCJ4qUq9gHk3Xh0K_VcNhkkUGxP6Qww1poz-pOEdJWwK&sai=AMfl-YTGooyoS_Ca1P5BVPXJ2SnU_YyWYxjpRW7ylwvY-uXcGA7eWE6Bx7UhNfsL7hRou7dweBcz8xjS0gA_G9Rox4WgNuvYtJ8kqVMp3ZlikCTpXd4V52ngmM7NoYf8RiY&sig=Cg0ArKJSzNQmhllkX5dREAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 0CBBB45002D3A3DF31314C702C712E7C
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv96Jib3dSFV4wAGpgw9hZ0WWr9hyRVKNubx6X0-7TGsNGjHgo3M6O7bL-b0abTGfucakQkmqaRZaXoTgG8hdWTx3LvuDbVb1h4jpqSbXrCLlXvD5bThythsfKXCcZJdUSpdyLVB2KQMlvL14-ah3pjOGRVqN14oCtlR7Fa_zN7t_22yisqcwgE1aw_4r9kGu4QlSTjZEEay-x_mAtsowU4XtkkHrHBvlWLEj7lolqfKaw9FuO9npnfaFxXCRHj8JRg7ykIcywklwXQ87Xj3tkJhGd85K2TIs9df59_VWIx7n7KG11lmaEyFgJ0yqnv8CFAHx4Nr00H8a9ehoS5HW5aa6YQzc88oCdPtKInx2fg3XusKysZG97DYaZedlUObjAd8-HM-uGdKnU&sai=AMfl-YTChRhPBfntvIxSGvI8FNQbscZ0otV-Uddd-GVvHYlS-8xAj2mve5_RKrCJVrb8-oQPnNV9pO9uUR_N3Wp_FQasXA9k7uvmaSZmHkm25tQm0OBDwLQ0bEZs3LtiOiI&sig=Cg0ArKJSzEOyESwvzbUeEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 7D2134CBF9AB9181483DEDA8A353363B
Requests: 9 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=54134231&chanId=168752591&placementId=6517084259&pubCreative=138480168262&pubOrder=3358436615&cb=1398649605&custom=index&custom3=168403511&adsafe_par&impId=53040be2-30c1-11ef-827a-023157083963
Frame ID: 42D422676974071057AD591962772D04
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138445902045&pubOrder=2553375348&cb=1203773968&custom=index&custom3=168403511&adsafe_par&impId=53040be3-30c1-11ef-827a-023157083963
Frame ID: 0D9566D5C25E51702F55D1C3F6AD8BC1
Requests: 2 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: 8D5A0AD197703DEEFAAC4039AB46F9FD
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=168752591&placementId=5276126762&pubCreative=138445939754&pubOrder=2553375348&cb=1664677471&custom=index&custom3=168403511&adsafe_par&impId=53040be5-30c1-11ef-827a-023157083963
Frame ID: AA830A99569C034B7D36335E67F30EC2
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=54134231&chanId=168752591&placementId=6517084259&pubCreative=138479474022&pubOrder=3358436615&cb=1371463703&custom=index&custom3=168403511&adsafe_par&impId=53040be6-30c1-11ef-827a-023157083963
Frame ID: F91C0266D763A8AD753E4FC498636ACA
Requests: 2 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: 7D69436CC6065894793A9EC896EE324F
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: 22710ED6DA9F6F66BB93F398534BDDB5
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: 87632F15053819C49995925A280A2224
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 5600619346BBC7486802BA2ED4247E11
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 6E4AD1BCE89B49C16087FAABF5C7C983
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: CB04F5DCD6BFFF7307FF39929525EE4C
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: 8E13CC0267C9E165D0A42850A15398CC
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=54134231&chanId=168752591&placementId=6517084259&pubCreative=138479474019&pubOrder=3358436615&cb=658376325&custom=index&custom3=168403511&adsafe_par&impId=53040be4-30c1-11ef-827a-023157083963
Frame ID: B31083A7E0793B4B5A866FDF0BC3DCBB
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 3D4FDEAA4D8E5A1193AC9F2AC098BBD9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 69CEE8C478A4E882AF1CFBDE285B011F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 871D494684F5CFA9346863F126D27F9D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: D2D396BE92798B334B8E938B74BC35A1
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Frame ID: 550D41C25053BD5448DF9152706C2DEC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6074D85A52E1A6BA3EFE702469B540F3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BA8D3586B76DF3B5470836ECF4DD4961
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Outer east | Leader Newspapers East Melbourne | Local Community News VIC | Knox Leader | Maroondah Leader | Lilydale & Yarra Valley Leader | Free Press Leader | Herald Sun

Page URL History Show full URLs

  1. http://www.knoxleader.com.au// HTTP 307
    https://www.knoxleader.com.au// HTTP 301
    http://www.heraldsun.com.au/leader/outer-east HTTP 307
    https://www.heraldsun.com.au/leader/outer-east HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fo... HTTP 302
    https://www.heraldsun.com.au/leader/outer-east HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2flead... HTTP 302
    https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

459
Requests

97 %
HTTPS

0 %
IPv6

75
Domains

138
Subdomains

117
IPs

7
Countries

4426 kB
Transfer

13731 kB
Size

212
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.knoxleader.com.au// HTTP 307
    https://www.knoxleader.com.au// HTTP 301
    http://www.heraldsun.com.au/leader/outer-east HTTP 307
    https://www.heraldsun.com.au/leader/outer-east HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fouter-east HTTP 302
    https://www.heraldsun.com.au/leader/outer-east HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fouter-east&17190792321137937245 HTTP 302
    https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 179
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg&dcc=t
Request Chain 185
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8682775706807.926 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPyc1pnl74YDFeAtgwMdO4cEUw;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8682775706807.926
Request Chain 186
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2842877810363.178 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPCh1pnl74YDFa4FgwMdUi8F_Q;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2842877810363.178
Request Chain 192
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4633713475760.905 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CNig1pnl74YDFagBgwMdIgEKoA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4633713475760.905
Request Chain 194
  • https://secure.adnxs.com/px?id=1297269&seg=22449553&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3D%pu1=!;%26pixel_id%3D1297269%26uid%3D%24%7BUID%7D&t=2 HTTP 302
  • https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=5067895556725147321
Request Chain 203
  • https://cm.everesttech.net/cm/dd?d_uuid=81064975311639868421758173671427053711 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZncRRwAAAFv0vQMg
Request Chain 213
  • https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&upid=trk7f24&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&upid=trk7f24&upv=1.1.0
Request Chain 214
  • https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&upid=ekg5qxt&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&upid=ekg5qxt&upv=1.1.0
Request Chain 224
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=DZE4CCclNht9BV4-xUF5qMgXgdtWJeeH5jSDmhh12SM&pi=gumgum&tc=1
Request Chain 226
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=5067895556725147321
Request Chain 287
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B32086880.396138859;dc_trk_aid=587938364;dc_trk_cid=216909243;ord=32341147;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B32086880.396138859;dc_pre=CJb91Zvl74YDFS-9SwUdtE8Niw;dc_trk_aid=587938364;dc_trk_cid=216909243;ord=32341147;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
Request Chain 408
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=33F227FAB674441C83701B6A5DE0DEA7&RedC=c.clarity.ms&MXFR=1EBA2973EFFA6EC329963DD5EBFA607E HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=33F227FAB674441C83701B6A5DE0DEA7&MUID=0B711CBE08FE6A912E480818096E6B90

459 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request outer-east
www.heraldsun.com.au/leader/
Redirect Chain
  • http://www.knoxleader.com.au//
  • https://www.knoxleader.com.au//
  • http://www.heraldsun.com.au/leader/outer-east
  • https://www.heraldsun.com.au/leader/outer-east
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fouter-east
  • https://www.heraldsun.com.au/leader/outer-east
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fouter-east&17190792321137937245
  • https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
263 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
af1ad7576a229075bd9d98c276e7e0506ef7e7fe063771ec2c4a6e126f6b1797
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Sat, 22 Jun 2024 18:00:33 GMT
expires
Sat, 22 Jun 2024 18:00:33 GMT
host-header
a9130478a60e5f9135f765b23f26593b
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 268432 0 pmb=mTOE,2
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fouter-east%3fnk%3d351c958114b7447c954c1d04cd30a0ed-1719079233&blaizehost=v4-news-au-heraldsun.cdn.zephr.com&content_id=&session=351c958114b7447c954c1d04cd30a0ed
x-content-type-options
nosniff
x-pathqs
TRUE
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
syd3 123 242 443
x-xss-protection
1

Redirect headers

cache-control
max-age=0, no-cache
content-length
154
content-type
text/html
date
Sat, 22 Jun 2024 18:00:33 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1692680720.184261"
expires
Sat, 22 Jun 2024 18:00:33 GMT
location
https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
pragma
no-cache
server
AkamaiGHost
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Thu, 09 Mar 2023 05:34:59 GMT
server
AmazonS3
x-amz-request-id
4D1GJEGT1GCV0Y5Q
etag
"c4ced7adf03d84494a6c1da275896d38"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=61110
accept-ranges
bytes
content-length
11472
x-amz-id-2
wh9KebbyRj+d142y6tc21p5N8dWqVI/mnkEOS3Nwey+jIgd6KJX2pmQ6oREneLwnX6WcrkmhkgQ=
expires
Sun, 23 Jun 2024 10:59:04 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Thu, 09 Mar 2023 05:35:46 GMT
server
AmazonS3
x-amz-request-id
1Q5F0NCFGRNN1BTF
etag
"ad24be3fafec705de20c00e56afe05ae"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=197377
accept-ranges
bytes
content-length
12052
x-amz-id-2
SDXHYbYN+u6ZH+AlsWcwU4O5dD4wD/aXkAVnJrVgnSyXTd4JQWGAbvUhccov1qyNu4GImKo+LG4=
expires
Tue, 25 Jun 2024 00:50:11 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
F7E2190ABEAFEACB
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=102645
accept-ranges
bytes
content-length
12440
x-amz-id-2
3wulICxh/KLwsczwJ5Fw4CNIu9UOxfPR6nLjFm3iqdm1Wh/TT35AXwT7xymgYwZPwRjSC6kR16E=
expires
Sun, 23 Jun 2024 22:31:19 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
CD6AACE1C37E02E4
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=462470
accept-ranges
bytes
content-length
11372
x-amz-id-2
B6yUAZV76p9iKhlDfZ6cX1MgEb+Xny7j/C6NlGNMpuXXyIkj1UOiJH9GdXPTewBvFTjuwQTSRos=
expires
Fri, 28 Jun 2024 02:28:24 GMT
lux.js
cdn.speedcurve.com/js/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
22ecd1f215d5f0de2519192fc103cd507c676366ac23924cf9bd7d1252477670

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
264
date
Sat, 22 Jun 2024 18:00:33 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
8077
x-cache
HIT
content-length
8504
x-served-by
cache-syd10171-SYD
last-modified
Sat, 22 Jun 2024 15:45:56 GMT
server
Apache
x-timer
S1719079234.777453,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jun 2024 15:45:56 GMT
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
db66bcc0be3d8c0ebef24695348e506fc4e08e1da99455465f097bd34f9a7424
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Tue, 11 Jun 2024 04:12:17 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"6667cea1-a67"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1592270
accept-ranges
bytes
content-length
1098
expires
Thu, 11 Jul 2024 04:18:23 GMT
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e4d91306b7a0d556e8333a647a2069cdfaa281567fc9919b804e6678f78e4a7d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Tue, 11 Jun 2024 04:12:17 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"6667cea1-1c2e"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1592163
accept-ranges
bytes
content-length
2847
expires
Thu, 11 Jul 2024 04:16:36 GMT
css-metro-desktop-critical-index.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		233 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=aUZomQ3V7NOLfT5KILtF0IVI62E=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e7f2e652e3bb49d2bf387a7967a031d21dbc1e1512bfbca90d0577af65292c96
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Thu, 20 Jun 2024 01:11:40 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"667381cc-3a504"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2359015
accept-ranges
bytes
content-length
32957
expires
Sat, 20 Jul 2024 01:17:28 GMT
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/ 		2 KB
926 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/style.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2e5ae2206d0d20bab9706afc6abf0e2e8b85b5a2661d6c58bca7756accc3bd5a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
.rXqGK6GvfCBUGAaxorMdiZSU01cIwv.
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:33 GMT
x-amz-request-id
4VWWW5XAS07J6773
x-amz-server-side-encryption
AES256
content-length
548
x-amz-id-2
yRA5lfUD4T3kzTGnchz6+eEqUONpRsUxVv/5VchcCzeKftQu3YCvx+ogR+SDp8OClnqCkiJ4Glx2BFdjEADLNQ==
last-modified
Wed, 19 Jun 2024 03:00:38 GMT
server
AmazonS3
etag
"4aa1e1ee66ef2540c815dc70a3efaaff"
x-i
true
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1281
accept-ranges
bytes
expires
Sat, 22 Jun 2024 18:21:54 GMT
93e776
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/93e776
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
073d99e2dfc572a8f40b011f5b99d8065e5a63b28ff344f1bfbadd40223d3f21
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-pathqs
TRUE
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
x-arrrg4
https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
content-length
8763
pragma
no-cache
last-modified
Thu, 22 Feb 2024 19:48:20 GMT
blaizehappened
true
etag
"72ad7c881a1b7cdb8426232d3163ee19aee352846de8790678d3c79a23c2ff7a"
stored-attribute-sha-checksum
073d99e2dfc572a8f40b011f5b99d8065e5a63b28ff344f1bfbadd40223d3f21
vary
User-Agent
content-type
application/javascript
cache-control
max-age=21600
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f93e776&blaizehost=v4-news-au-heraldsun.cdn.zephr.com&content_id=&session=351c958114b7447c954c1d04cd30a0ed
expires
Sat, 22 Jun 2024 18:00:33 GMT
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		83 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
aeefdb59a530585244dd2afbbaec040f62d5e5de3789294c478c2d6e9bb647ea
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Mon, 06 May 2024 07:32:24 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"66388788-14d87"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1543838
accept-ranges
bytes
content-length
33871
expires
Wed, 10 Jul 2024 14:51:11 GMT
rea-logo-grey.png
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/rea-logo-grey.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
52.95.129.122 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 22 Jun 2024 18:00:34 GMT
x-amz-version-id
dKOPaz9thY.HOlUhOOqUMNe1euXfQloR
Last-Modified
Thu, 09 Sep 2021 21:19:11 GMT
Server
AmazonS3
x-amz-request-id
NH61H4BT0CBTW4H9
ETag
"731035d55715734eff2f2a0f9afb31e7"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28648
x-amz-id-2
ftr85cBIHugBvcCM2XEhczIHwf1mCmgbwROqg5M9oN6pksLxg8b1gJpHvbIFYlTBoABrG03W1Sc=
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css?ck=aUZomQ3V7NOLfT5KILtF0IVI62E=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Wed, 19 Jun 2024 23:17:35 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"6673670f-2b9a"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2358869
accept-ranges
bytes
content-length
1513
expires
Sat, 20 Jul 2024 01:15:02 GMT
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css?ck=aUZomQ3V7NOLfT5KILtF0IVI62E=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Thu, 20 Jun 2024 01:11:38 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"667381ca-84b3"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2358964
accept-ranges
bytes
content-length
6839
expires
Sat, 20 Jul 2024 01:16:37 GMT
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css?ck=aUZomQ3V7NOLfT5KILtF0IVI62E=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Wed, 19 Jun 2024 23:17:34 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"6673670e-c14"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2358958
accept-ranges
bytes
content-length
956
expires
Sat, 20 Jul 2024 01:16:31 GMT
adblock.js
tags.news.com.au/prod/adblock/ 		421 B
653 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ec6f6c224861139b1b2bef82a122478b9b56082eeb485d7558113bb8624a8fc6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/x-javascript
date
Sat, 22 Jun 2024 18:00:33 GMT
cache-control
max-age=22336
server
AkamaiNetStorage
etag
"8fad1e9ccaf71c1084bdf83ec186e1d7:1718766510.56768"
content-length
421
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5826e1fb3d64cb71a6365b8083d2ed04d8f4787336c8fa4f53c07469be84a82
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
br
via
1.1 google
strict-transport-security
max-age=15724800; preload
cf-cache-status
MISS
x-buildnumber
1340724186
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-asia-east1
etag
W/"1e3a1e5be4eb43f79fa934ef2e17eaf482a9af7eaf811f083cdaab24d7f0bca2"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-mlrj
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
cf-ray
897e237bca30a7f9-SYD
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=aUZomQ3V7NOLfT5KILtF0IVI62E=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:33 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
8F5B11CD8D3A4977
etag
"4d7595f832e4962b83a9428c3723233b"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=378113
accept-ranges
bytes
content-length
347
x-amz-id-2
6ddXKtEJacAvBrwemXv61pD/oScGsRkggfXFODIJUMkBKz+RudJ2yLMaT9j7ZL/h9v5DvtzjzDM=
expires
Thu, 27 Jun 2024 03:02:26 GMT
ktv-icon.jpg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ktv-icon.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=aUZomQ3V7NOLfT5KILtF0IVI62E=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fdba8926b943ef611fc6efc98f34bf6b946006bca29a6ca711c03f94e9b770ba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Thu, 09 Nov 2023 00:18:01 GMT
server
AmazonS3
x-amz-request-id
Z4MCCJZF15R9B5PP
etag
"481ac438f263d8b4ef0b66cb4ae1364c"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=119934
accept-ranges
bytes
content-length
1051
x-amz-id-2
nCWppB/Mxflt6eA82naOaTUuThfVv8dduJjYXRjIafBhqrl+FAsfFHYC++GNS2P259Kdvkf6gOM=
expires
Mon, 24 Jun 2024 03:19:27 GMT
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=aUZomQ3V7NOLfT5KILtF0IVI62E=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
FX1R9SFR5N9N9ZDW
etag
"b0f5ec7455ded53e84de4fee006a5110"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=523862
accept-ranges
bytes
content-length
342
x-amz-id-2
Rc+4Hg4S2NcN2AmaJ2UPNJf4W+eylW29KzidSVFjowTh+8vQAYCPITkaXtNd1YmuEzxcu9GTWIk=
expires
Fri, 28 Jun 2024 19:31:36 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=aUZomQ3V7NOLfT5KILtF0IVI62E=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
GYK4RND10PJ15EKJ
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=68909
accept-ranges
bytes
content-length
284
x-amz-id-2
mJYT9HtMl1jNV0SyX07+ufJZB2GX6CyoULs6Q6F2dem4V+EdVKpAgR3vf6nT2iUSYuk7CHsw0pQ=
expires
Sun, 23 Jun 2024 13:09:03 GMT
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=aUZomQ3V7NOLfT5KILtF0IVI62E=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
DEC5E6991FC87873
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=358930
accept-ranges
bytes
content-length
16112
x-amz-id-2
I4EOgf8UNxJpTpxCDvjtoRqS6y42kzE0HgxlcbTO8EEeBC/kdEaCvu4EC5897acHoSNVdzNnJDQ=
expires
Wed, 26 Jun 2024 21:42:44 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-index.css?ck=aUZomQ3V7NOLfT5KILtF0IVI62E=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
BRCPFV1GAK9GFP4G
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=531417
accept-ranges
bytes
content-length
15948
x-amz-id-2
KT/DETvUoWmzDhEjGrCSBnoi4kjq4UYZY3mph8qHfzI57OHA/q5I3TIVa7bjqs/H76pW8xwNE0w=
expires
Fri, 28 Jun 2024 21:37:31 GMT
f736dbcbfa1f572b23e693c83bf20ba7
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f736dbcbfa1f572b23e693c83bf20ba7?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
74ee962f2cc00beb2f14ca673a94d19a5cc4982deaba4c5773d287172a488302

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Fri, 21 Jun 2024 04:55:42 GMT
server
Akamai Image Manager
etag
0ba9be281caeeb8f8ef63ae082fcb535-f736dbcbfa1f572b23e693c83bf20ba7-150
edge-cache-tag
f736dbcbfa1f572b23e693c83bf20ba7
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5050398
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3259
expires
Tue, 20 Aug 2024 04:53:51 GMT
dcb71d39e2c9d474c501e36c298e1d98
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/dcb71d39e2c9d474c501e36c298e1d98?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1a47ead49140e73c028c919046ded88bfc28ba6df562b021eab8cf78917270fd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Fri, 21 Jun 2024 00:54:26 GMT
server
Akamai Image Manager
etag
426ada929fcdd668af50790180c1e919-dcb71d39e2c9d474c501e36c298e1d98-150
edge-cache-tag
dcb71d39e2c9d474c501e36c298e1d98
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5036048
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3321
expires
Tue, 20 Aug 2024 00:54:41 GMT
60db6a9bf674695234af44c9b7ed7189
content.api.news/v3/images/bin/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/60db6a9bf674695234af44c9b7ed7189?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e8416f0a3c819cb3f382ba003986fbdb59f453a2e2d89c7e5215d1badaee637c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Thu, 20 Jun 2024 10:18:14 GMT
server
Akamai Image Manager
x-serial
362
etag
3f1ba7e18775c24e08718de7fe21a160-60db6a9bf674695234af44c9b7ed7189-150
edge-cache-tag
60db6a9bf674695234af44c9b7ed7189
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4983662
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
2530
expires
Mon, 19 Aug 2024 10:21:36 GMT
b14ee3bd5b8b6276bbbffaaee8c396d3
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b14ee3bd5b8b6276bbbffaaee8c396d3?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
bc353d5f2bd23f85503b65e78790c88810351709d9e80c82559cec22ae460398

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Thu, 20 Jun 2024 03:45:27 GMT
server
Akamai Image Manager
x-serial
62
etag
d99b884d2e0fbb69247d6024e2933765-b14ee3bd5b8b6276bbbffaaee8c396d3-150
edge-cache-tag
b14ee3bd5b8b6276bbbffaaee8c396d3
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4959899
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3775
expires
Mon, 19 Aug 2024 03:45:33 GMT
68453fdcd0b040226f8d9a5cd3ff695e
content.api.news/v3/images/bin/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/68453fdcd0b040226f8d9a5cd3ff695e?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9d1f5f10251473408b36b13fd07ba0785e50a37835c5f1c94ebf9b64729c3c1a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Thu, 20 Jun 2024 01:08:28 GMT
server
Akamai Image Manager
etag
78e7d406c2f245d18365d736b4747fb1-68453fdcd0b040226f8d9a5cd3ff695e-150
edge-cache-tag
68453fdcd0b040226f8d9a5cd3ff695e
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4950498
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
2468
expires
Mon, 19 Aug 2024 01:08:51 GMT
8de84a08f0734f9adddd56850782f616
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8de84a08f0734f9adddd56850782f616?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e93a01db6e00b75aa75701b2981a4bac3aee9e166bf25ca0c3125087c4fb14c6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Wed, 19 Jun 2024 08:28:11 GMT
server
Akamai Image Manager
x-serial
270
etag
57f8e82650ef7d5bd6d683c8a2740b70-8de84a08f0734f9adddd56850782f616-150
edge-cache-tag
8de84a08f0734f9adddd56850782f616
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4890443
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4353
expires
Sun, 18 Aug 2024 08:27:56 GMT
594650f8a1332cfee3f56c1f7aa55bdf
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/594650f8a1332cfee3f56c1f7aa55bdf?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
11a0269f73c210d9f0b452d4ac2c3e5c5c2dbc643c6a1858118c5bf204e3f97e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Wed, 19 Jun 2024 23:26:31 GMT
server
Akamai Image Manager
x-serial
1767
etag
f94fe65af6e699a10726c3c8e63784e4-594650f8a1332cfee3f56c1f7aa55bdf-150
edge-cache-tag
594650f8a1332cfee3f56c1f7aa55bdf
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4944219
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4318
expires
Sun, 18 Aug 2024 23:24:12 GMT
8b7f2f8bf67695b3dca4babfd6be0c40
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8b7f2f8bf67695b3dca4babfd6be0c40?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4c2f5cd0422450482b4fb5d3db0e7e9e4aff59e97e1b2a2067787db9114022e3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Wed, 19 Jun 2024 01:59:25 GMT
server
Akamai Image Manager
etag
070b3d24373d6b636ff52c39b66cb59d-8b7f2f8bf67695b3dca4babfd6be0c40-150
edge-cache-tag
8b7f2f8bf67695b3dca4babfd6be0c40
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4867158
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4687
expires
Sun, 18 Aug 2024 01:59:51 GMT
b311b8d2f9bb1b5c17318961448a2797
content.api.news/v3/images/bin/ 		0
0
6e1a233de7e069128a82f4d6c88a1ce0
content.api.news/v3/images/bin/ 		0
0
597c3a852de87133e3b0988a1095b25b
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/597c3a852de87133e3b0988a1095b25b?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
57089380c612ffe4aa8f0b17c7b11166ab1b85d88806520d6dd56fc2f0cf291d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Fri, 21 Jun 2024 23:00:47 GMT
server
Akamai Image Manager
etag
0bc69a4ace0b09506ad1ae0c88af7016-597c3a852de87133e3b0988a1095b25b-150
edge-cache-tag
597c3a852de87133e3b0988a1095b25b
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5115567
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4763
expires
Tue, 20 Aug 2024 23:00:00 GMT
c361cbf311ebf2ed2a41208fb8df833d
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c361cbf311ebf2ed2a41208fb8df833d?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
49b59ff5d1d0d95a2fe715ee59642d2497d4336c89d09378f5834a31dd982b37

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Fri, 21 Jun 2024 20:06:47 GMT
server
Akamai Image Manager
x-serial
612
etag
29648144f87e92744eefc16a4f8738a3-c361cbf311ebf2ed2a41208fb8df833d-150
edge-cache-tag
c361cbf311ebf2ed2a41208fb8df833d
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5105083
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3599
expires
Tue, 20 Aug 2024 20:05:17 GMT
24d1c984547a1c80d9c181225586f648
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/24d1c984547a1c80d9c181225586f648?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a87eb841c49cd41d211959d4f39954e4f4ade1a6918c31def10c2268d86fe7b0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Fri, 21 Jun 2024 19:11:35 GMT
server
Akamai Image Manager
etag
ba2951917342681b4a26ede2facb5e1b-24d1c984547a1c80d9c181225586f648-150
edge-cache-tag
24d1c984547a1c80d9c181225586f648
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5101925
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4862
expires
Tue, 20 Aug 2024 19:12:39 GMT
f736dbcbfa1f572b23e693c83bf20ba7
content.api.news/v3/images/bin/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f736dbcbfa1f572b23e693c83bf20ba7?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
45b153799eb787b9caa787af34c9c908c8d35e2a7aa791df44a3471aff55a47b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Fri, 21 Jun 2024 04:55:42 GMT
server
Akamai Image Manager
etag
0ba9be281caeeb8f8ef63ae082fcb535-f736dbcbfa1f572b23e693c83bf20ba7-650
edge-cache-tag
f736dbcbfa1f572b23e693c83bf20ba7
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5050392
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
41198
expires
Tue, 20 Aug 2024 04:53:46 GMT
dcb71d39e2c9d474c501e36c298e1d98
content.api.news/v3/images/bin/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/dcb71d39e2c9d474c501e36c298e1d98?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dae0c648fcc7058056917eea46f03a7bfc31125134a87b066797f649c2ae5dac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Fri, 21 Jun 2024 03:04:29 GMT
server
Akamai Image Manager
etag
426ada929fcdd668af50790180c1e919-dcb71d39e2c9d474c501e36c298e1d98-320
edge-cache-tag
dcb71d39e2c9d474c501e36c298e1d98
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5043766
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
10259
expires
Tue, 20 Aug 2024 03:03:20 GMT
60db6a9bf674695234af44c9b7ed7189
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/60db6a9bf674695234af44c9b7ed7189?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0391712fd65f73f0612120aace259e117e49499d59ca8249ec8aeb313f12b716

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Thu, 20 Jun 2024 10:17:30 GMT
server
Akamai Image Manager
x-serial
1822
etag
3f1ba7e18775c24e08718de7fe21a160-60db6a9bf674695234af44c9b7ed7189-320
edge-cache-tag
60db6a9bf674695234af44c9b7ed7189
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4983332
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5730
expires
Mon, 19 Aug 2024 10:16:06 GMT
b14ee3bd5b8b6276bbbffaaee8c396d3
content.api.news/v3/images/bin/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b14ee3bd5b8b6276bbbffaaee8c396d3?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9f483078c90dbea0366d1be1fc3f69897e892b585f9ead431c07995c7f6d6ad8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Thu, 20 Jun 2024 03:49:04 GMT
server
Akamai Image Manager
etag
d99b884d2e0fbb69247d6024e2933765-b14ee3bd5b8b6276bbbffaaee8c396d3-320
edge-cache-tag
b14ee3bd5b8b6276bbbffaaee8c396d3
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4960059
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
12560
expires
Mon, 19 Aug 2024 03:48:13 GMT
68453fdcd0b040226f8d9a5cd3ff695e
content.api.news/v3/images/bin/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/68453fdcd0b040226f8d9a5cd3ff695e?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2a87d4a1a57b451f38f414bf07b4133c45b9f2cfaaa51a84459db56bf63bffae

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Thu, 20 Jun 2024 01:08:33 GMT
server
Akamai Image Manager
x-serial
1692
etag
78e7d406c2f245d18365d736b4747fb1-68453fdcd0b040226f8d9a5cd3ff695e-650
edge-cache-tag
68453fdcd0b040226f8d9a5cd3ff695e
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4950561
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
17195
expires
Mon, 19 Aug 2024 01:09:55 GMT
8de84a08f0734f9adddd56850782f616
content.api.news/v3/images/bin/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8de84a08f0734f9adddd56850782f616?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f52d7d932f200d7684a36f57e1b6ca147cfc0f8d4bb366d8b5e60879cf35c63b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Wed, 19 Jun 2024 08:28:12 GMT
server
Akamai Image Manager
etag
57f8e82650ef7d5bd6d683c8a2740b70-8de84a08f0734f9adddd56850782f616-650
edge-cache-tag
8de84a08f0734f9adddd56850782f616
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4890487
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
44080
expires
Sun, 18 Aug 2024 08:28:41 GMT
594650f8a1332cfee3f56c1f7aa55bdf
content.api.news/v3/images/bin/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/594650f8a1332cfee3f56c1f7aa55bdf?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a5e7c34aec0e889999b403e3564af3fb42ccfcfd456c53188cc55f6aa4a45c39

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Wed, 19 Jun 2024 23:27:06 GMT
server
Akamai Image Manager
x-serial
1886
etag
f94fe65af6e699a10726c3c8e63784e4-594650f8a1332cfee3f56c1f7aa55bdf-320
edge-cache-tag
594650f8a1332cfee3f56c1f7aa55bdf
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4944374
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
13800
expires
Sun, 18 Aug 2024 23:26:48 GMT
8b7f2f8bf67695b3dca4babfd6be0c40
content.api.news/v3/images/bin/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8b7f2f8bf67695b3dca4babfd6be0c40?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
51106a0fd4a78fe6895f3b0ce981574db437e75827b5da2ef6c2e003c0fe685a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Wed, 19 Jun 2024 01:59:25 GMT
server
Akamai Image Manager
etag
070b3d24373d6b636ff52c39b66cb59d-8b7f2f8bf67695b3dca4babfd6be0c40-320
edge-cache-tag
8b7f2f8bf67695b3dca4babfd6be0c40
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4867166
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
19023
expires
Sun, 18 Aug 2024 02:00:00 GMT
b311b8d2f9bb1b5c17318961448a2797
content.api.news/v3/images/bin/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b311b8d2f9bb1b5c17318961448a2797?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7c61d3cd5f1d1a0da72baa1d689daf48efcab2d735d0644e8d569bab2347233e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Mon, 17 Jun 2024 19:01:58 GMT
server
Akamai Image Manager
x-serial
858
etag
15db1a04077cd89a8bfe29b06dc45b87-b311b8d2f9bb1b5c17318961448a2797-320
edge-cache-tag
b311b8d2f9bb1b5c17318961448a2797
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4755802
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
15989
expires
Fri, 16 Aug 2024 19:03:56 GMT
6e1a233de7e069128a82f4d6c88a1ce0
content.api.news/v3/images/bin/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/6e1a233de7e069128a82f4d6c88a1ce0?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
54643154b0dc318f58cc2b4703dec5732ede406a4573e2fcb31abb2a387dd5b4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Sat, 22 Jun 2024 05:03:29 GMT
server
Akamai Image Manager
x-serial
1694
etag
477e1b406c23823437ef29faa94665dd-6e1a233de7e069128a82f4d6c88a1ce0-320
edge-cache-tag
6e1a233de7e069128a82f4d6c88a1ce0
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5137303
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
16030
expires
Wed, 21 Aug 2024 05:02:17 GMT
597c3a852de87133e3b0988a1095b25b
content.api.news/v3/images/bin/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/597c3a852de87133e3b0988a1095b25b?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
586a0247aa4df4b84c9fd3ef7f408a0a560d42cb2276ab38a35cd49fe959801a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Fri, 21 Jun 2024 23:00:46 GMT
server
Akamai Image Manager
x-serial
1280
etag
0bc69a4ace0b09506ad1ae0c88af7016-597c3a852de87133e3b0988a1095b25b-320
edge-cache-tag
597c3a852de87133e3b0988a1095b25b
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5115475
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
17006
expires
Tue, 20 Aug 2024 22:58:29 GMT
c361cbf311ebf2ed2a41208fb8df833d
content.api.news/v3/images/bin/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c361cbf311ebf2ed2a41208fb8df833d?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4d5c96576576b23f4b0283ddebc1db70a08d0db936de0257589431ad81e954a2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Fri, 21 Jun 2024 20:06:53 GMT
server
Akamai Image Manager
etag
29648144f87e92744eefc16a4f8738a3-c361cbf311ebf2ed2a41208fb8df833d-320
edge-cache-tag
c361cbf311ebf2ed2a41208fb8df833d
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5105217
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
12911
expires
Tue, 20 Aug 2024 20:07:31 GMT
24d1c984547a1c80d9c181225586f648
content.api.news/v3/images/bin/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/24d1c984547a1c80d9c181225586f648?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d3fef0dd4e13de28612152d4f378c223a3855b1e55d13013fb6db028e5ac95d8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Fri, 21 Jun 2024 19:01:02 GMT
server
Akamai Image Manager
x-serial
1038
etag
ba2951917342681b4a26ede2facb5e1b-24d1c984547a1c80d9c181225586f648-320
edge-cache-tag
24d1c984547a1c80d9c181225586f648
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5101194
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
17131
expires
Tue, 20 Aug 2024 19:00:28 GMT
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		1 B
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?ck=aUZomQ3V7NOLfT5KILtF0IVI62E=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 242 443
date
Sat, 22 Jun 2024 18:00:33 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
last-modified
Wed, 19 Jun 2024 23:17:35 GMT
server
nginx
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag
"6673670f-1"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2358984
accept-ranges
bytes
content-length
1
expires
Sat, 20 Jul 2024 01:16:57 GMT
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		297 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6c3c03076ad818221def01363b401daf30656eb7e32179843f4d8653c01f227d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:33 GMT
server
AkamaiNetStorage
etag
"68cb0a6e258e0315da2c328dff184676:1713604418.727393"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=712
expires
Sat, 22 Jun 2024 18:12:25 GMT
indies-loader.js
resourcesssl.newscdn.com.au/indies/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e8578396b1b92c9c86641ef39b7ee6f7c675d2f6fd2127cb3a1d7b518aa7eb6d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
._fGRqsQ9Nwtgi3Df5uJJy6E0ZEsHpC0
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:34 GMT
x-amz-request-id
ZSN3TNG74CTDFRWC
x-amz-server-side-encryption
AES256
content-length
2004
x-amz-id-2
3/VktaQWU+/sboAKjcoLOpDazOszbtUDUCsziRfx4ZKQ4gFUVkitwDU4PjzElddhZ/Uzar0tcMuFIxwjXbv9pQ==
last-modified
Wed, 24 Jan 2024 22:43:43 GMT
server
AmazonS3
etag
"2ce26f6c687180e8945961717dc388af"
x-i
true
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=303
accept-ranges
bytes
x-p
/indies/indies-loader.js
expires
Sat, 22 Jun 2024 18:05:37 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		95 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e62d4215000c609cb37a09aee086661e70b0726223049384ea35b159970578ac
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Mon, 03 Jun 2024 12:20:45 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"665db51d-17d85"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=930319
accept-ranges
bytes
content-length
26647
expires
Wed, 03 Jul 2024 12:25:52 GMT
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		0
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 243 443
date
Sat, 22 Jun 2024 18:00:33 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
last-modified
Mon, 03 Jun 2024 02:21:11 GMT
server
nginx
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag
"665d2897-0"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=930436
accept-ranges
bytes
content-length
0
expires
Wed, 03 Jul 2024 12:27:49 GMT
outbrain.js
widgets.outbrain.com/ 		245 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.44 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-44.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3f8608cc5e6106316da165ef5db6c8faeb20a5275c65481d832b87ba1b6cb1ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:33 GMT
edge-cache-tag
widget-cheetah
x-traceid
222775d16a415f0172744eda52cad024
content-length
91170
last-modified
Wed, 19 Jun 2024 06:28:54 GMT
etag
"71-Y3oMJ1f++dd1Nr1vW2dp8aF9gV0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14500
access-control-allow-credentials
false
timing-allow-origin
*, *
access-control-request-headers
X-OB-STG,X-OB-PRD
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
topics.html
widgets.outbrain.com/nanoWidget/externals/topics/ Frame 0EA5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.44 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-44.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=14400
content-encoding
gzip
content-length
364
content-type
text/html
date
Sat, 22 Jun 2024 18:00:33 GMT
etag
"a52151dbf5b2ca563e40ccca1ab8228c:1718778531.967928"
expires
Sat, 22 Jun 2024 22:00:33 GMT
last-modified
Tue, 18 Jun 2024 15:45:06 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.44 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-44.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Mon, 22 Jul 2024 18:00:33 GMT
date
Sat, 22 Jun 2024 18:00:33 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
comments-count
mhr.talk.news.com.au/api/v1/ 		601 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=0b24ef9fb929e510b334f5968e6c45bb,5e437ae4a90a6229a4091d467cc02691,3476b920db3d0c7305b05d9752c44ebf,b9698ecd69618a508f9014327ad1bbb4,9858704013c1673109f8c38fdc216c8e,5bb333e510a9f0886e5a7fc0f1c7cfd5,799ae390d9b455869f8b4809e542b603,eee8dd689954b73e6d3745923941f787,73a0cab0c377460e0a62809c7f8042a3,b24378bdfbfdaef3e614f2bc340f24ed,ed7bf18bf5c6261a69918e64b669dd76,195c4ff41106fd56dc0016af99d67fe9,8eb4bf35a84b8c32c5ef6622b2a0f91a,7bd3567206f23993e7eec96a302ffe99,75fcec2e9c3fd686f3a06e7c93fc1837,01ca9d65eee74d9fb978a60766e8dfc0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
61507cdab5a0804a59e5dcd7b66ad959e74328f568cd8e04ef1986eba5a14902
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 22 Jun 2024 18:00:34 GMT
server
nginx/1.20.1
etag
W/"259-1a99CpmjgVhitV9q5d2m7f5gNAE"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
5256b410-30c1-11ef-a956-cb9dd73b6e18
content-length
367
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64103c9e658f8e56f943e877ab995afec836bae86f75f05c986eb38f806593b3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-length
735
x-rq
syd3 123 243 443
server
nginx
allow
GET
vary
User-Agent
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
expires
Sat, 22 Jun 2024 18:01:34 GMT
authorize
login.newscorpaustralia.com/ Frame AC4C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=N1kGmolKu9c.X_cFCs4arXLRDYIMfMOd&nonce=wwTmDHj9nBv96aXP64SYlqr9HhCUKQ6b&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNC4xIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.229 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-229.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
897e237d0f44a96e-SYD
content-encoding
gzip
content-length
928
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Sat, 22 Jun 2024 18:00:34 GMT
expires
Sat, 22 Jun 2024 18:00:34 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 536 0 pmb=mTOE,4
x-auth0-requestid
d4bbb4e9d437234746e1
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1719079235
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-53.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7f9261566de1c9e35469441d0d5fad75180ce66a37cd7a02ac3a607b89f257b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
gDtXq80V5ZdPhT7qg8RsCcGwlwYzwfvG
content-encoding
br
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 17:57:37 GMT
last-modified
Tue, 11 Jun 2024 09:46:09 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
177
x-amz-server-side-encryption
AES256
etag
W/"a9bdeaa4e20b4eb27e890cff652b631d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
fUZEMd-cHveD3waIBrup2Lpj16D8juJyjvU23nXA0FJz8BCFWniivQ==
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		103 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-53.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94f88ed2b636a66000b1a1f2480244e4641529f9e4303dd6497941d22dc525c8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uiNgDoI7FAYbgWDYv42HFWrarrvQcrsB
content-encoding
br
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 17:56:03 GMT
last-modified
Tue, 11 Jun 2024 09:46:09 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
275
x-amz-server-side-encryption
AES256
etag
W/"6e4f3e8418bd2d44934cea935acd45cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
AoKvDg3wxUBizPkBLRXC0nkR02FKxYhwm_rU8FG7oyfzemhtihWNHw==
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		252 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
75cfff2f889e56a283381fe76a99ce4c4266d0853d60a72a28fe73704cfa5800
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Tue, 11 Jun 2024 04:12:17 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"6667cea1-3f0e9"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1592146
accept-ranges
bytes
content-length
65333
expires
Thu, 11 Jul 2024 04:16:20 GMT
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
67b9635b38d68a49ad3296f4157106c75441565293192bf1bd251dac723dc72f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/leader/outer-east
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Mon, 03 Jun 2024 02:21:11 GMT
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
etag
W/"665d2897-1fb6"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=930213
accept-ranges
bytes
content-length
3257
expires
Wed, 03 Jul 2024 12:24:07 GMT
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-94.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 a7a7ee092ee4b4df82064022cbdb7e94.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 17:39:17 GMT
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
age
1278
x-amz-server-side-encryption
AES256
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
wJD_rQRE3rSu1rnQMC1XksHu2ZkENL51EXL2QH1-bWhb0wZFYgbiFA==
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adspot_id=eprpqj_728x90_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:27:04 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 594aa5e4a6030c26c04a6a841838abb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
268411
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
pFLSv_DT0faqSutk_vBbwvVXtdBuqlmlOrYj2VzIQd8v7kYrwO47qw==
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/main.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
94ccf9b12044666534ed3c190b46629b5b21e03d948f9663e9d7fe7b0b92f6ec

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
X_qcEOZahpmJ.FR8c4G.d3W9CYuAdWHs
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:34 GMT
x-amz-request-id
4VWQXE6RDJ2TVF76
x-amz-server-side-encryption
AES256
content-length
1701
x-amz-id-2
x9xy6PbNraOJC2mkaWNjxAyCp/ySsks6RpDc6xO9p0v4FN7I4atk01rwJdC5z4+V2hkKQ8s0xNjA2KBRrr56Og==
last-modified
Wed, 19 Jun 2024 03:00:38 GMT
server
AmazonS3
etag
"f8def2b04bbe0d713f7068ceddf09df0"
x-i
true
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=108
accept-ranges
bytes
expires
Sat, 22 Jun 2024 18:02:22 GMT
campaigns
resourcesssl.newscdn.com.au/indiestudio/api/public/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indiestudio/api/public/campaigns?userType=anonymous&pageType=index&site=heraldsun.com.au&section=/leader/outer-east&device=desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent,x-amzn-trace-id,x-api-key
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
apigw-requestid
Zx-iYic2SwMEKjQ=
cache-control
max-age=1800
date
Sat, 22 Jun 2024 18:00:34 GMT
expires
Sat, 22 Jun 2024 18:30:34 GMT
campaigns
resourcesssl.newscdn.com.au/indiestudio/api/public/ 		2 KB
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indiestudio/api/public/campaigns?userType=anonymous&pageType=index&site=heraldsun.com.au&section=/leader/outer-east&device=desktop
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ed27a757d8722de804e7d1eeb03c104d6e30d4e0e9646fbffce003866f8b94b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
content-length
834
apigw-requestid
Zx-iYjiaSwMEJ0g=
expires
Sat, 22 Jun 2024 18:00:34 GMT
csp-reports
login.newscorpaustralia.com/ 		0
0
e9b6c63a76a83fa09a2f488f1f9218b4
client.api.news/collections/ 		337 B
633 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://client.api.news/collections/e9b6c63a76a83fa09a2f488f1f9218b4
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/indies-breaking-news/assets/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f7f52a081c58a6959f3097f6d22dd94771cf7d1addc6291b5a190f162c16b3b4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
x-origin
CAPI
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
content-length
253
last-modified
Fri, 21 Jun 2024 03:53:05 GMT
server
AmazonS3
etag
"2b5b3951df4c4022a570ab46418f330d"
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=203
accept-ranges
bytes
x-amz-cf-id
fnljC0KmmDfdsjqBL-kB9orfY6g_h3Z8kVLsPkk4cJhqsm1iKx_OsA==
expires
Sat, 22 Jun 2024 18:03:57 GMT
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		295 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=Z1qXYWR4emYC/F96jcUBn9gfmUc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.229 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c34a591607f8416f5c97bfafc5f18d15868de7b201bc575f28a8aa483210132b
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Mon, 04 Mar 2024 04:51:28 GMT
x-amz-cf-pop
SYD62-P1
etag
"95baef25fd509464688925fb76473143"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1
accept-ranges
bytes
x-amz-cf-id
F8iZ8m-zx_joRTCVGjKGRI4hdGgo3Qnh2twhbKqB_JEwa81FTxYHsw==
content-length
82222
20352597942.js
cdn.optimizely.com/js/ 		426 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/20352597942.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.169.3 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-3.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
37aecf271104d82b08a37f728d1fa944186e171022182474646e138a9f497816
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
zP7ST3DjzUP3bayieIiitMPMSypMJdNA
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:34 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
Y0HAGHYNWBFTEKVH
x-amz-server-side-encryption
AES256
x-amz-meta-revision
4678
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=10, origin; dur=266, cdn;desc="AkamaiION";dur=0,rtt;desc="1";dur=0,cdnip;desc="23.202.169.3";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1719079234696_387974588_1203666_27031_1496_2_19_146";dur=1
content-length
129945
x-amz-id-2
PTfumrebKPTGT0m5hCR5BND8XDUsCru8q4e+ArAAfbouONzWy53CtBio2DKC9SsN6tP+VMnv/1o=
last-modified
Thu, 20 Jun 2024 14:02:21 GMT
server
AmazonS3
etag
"4d4c786757167446e3529a778c1cc7f5"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=0
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=17190792343790.2754663498754548
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
server
Apache
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
833
expires
Sat, 22 Jun 2024 18:00:34 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
date
Sat, 22 Jun 2024 18:00:34 GMT
server
Apache
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=72334
content-length
666
pixel_93e776
www.heraldsun.com.au/akam/13/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_93e776
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/93e776
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/leader/outer-east
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 22 Jun 2024 18:00:34 GMT
blaizehappened
true
x-pathqs
TRUE
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_93e776&blaizehost=v4-news-au-heraldsun.cdn.zephr.com&content_id=&session=351c958114b7447c954c1d04cd30a0ed
x-arrrg4
https://www.heraldsun.com.au/leader/outer-east
content-length
0
B7670439;dcadv=4149947;sz=1x2;ord=511134399154.9879
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=511134399154.9879?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f6.1e100.net
Software
cafe /
Resource Hash
31a99710be2b5535462523388150dd1b6c0a9fb21dc918e09f7047942efa7d40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15077
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 22 Jun 2024 18:00:34 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7662585AFB5A4BABBCA96843B82D99CB Ref B: SYD03EDGE1009 Ref C: 2024-06-22T18:00:34Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
metrics.vendors.bundle.js
tags.news.com.au/prod/metrics/ 		155 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
695427dd1c627f38f177c2c15c74185f2130a6cb8390d86560714a6e31fa07bc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"8b9277f08e9a60d51169cd97923df3ed:1716945526.485363"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=22236
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"fb68340e5f23d55e9dd6f9e882195c13:1695883768.293004"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=23595
content-length
9944
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 22 Jun 2024 18:00:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=1, c=14, mss=1317, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
tJevXfvGYv0j07EODYmafBNBxTqwztqRR9T30D+c+tvP0jDCuYQ3PX07zFNjld9keqOvL4Mbql3rrnWlTYSM/g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-42.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 22 Jun 2024 17:27:26 GMT
Content-Encoding
gzip
Via
1.1 782fcf79958c13c01bfababc6fc4b8ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD3-P1
Age
1989
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Server
AmazonS3
ETag
W/"d9de38d1900dec018a46f90cc70a48b7"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
X-Amz-Cf-Id
hBV270fKN4a4xL1tqR1G-MhQ3fMTLE6_8Y09A_PKVKgp4xWbIeygPg==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2024-06-22T18%3A00%3A34.493Z&country=au&newsconnectId=&fpid=351c958114b7447c954c1d04cd30a0ed
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.73.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-73-13.compute-1.amazonaws.com
Software
/
Resource Hash
44e414287a54d03da7c4799f09955eabad87654d2392974a7f396d0d65325c08

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dadc6ca0e3869997ce4d2f4f0870391b922900baad7ad28398e6b7eae5131f33
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
lF2BR1RdUHUe8DZh5WEH9SV8aYc623.y
content-encoding
gzip
via
1.1 varnish
date
Sat, 22 Jun 2024 18:00:34 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
W4Q8EA6RWEES7HF6
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
520
x-amz-id-2
DmmB3NEPgUAWMO+qq1Q9l183YxypB7pb502sPA9sVtglfoGgohQ9KqHCz8QV8BUAJnEk0KUwy3g=
x-served-by
cache-syd10162-SYD
last-modified
Wed, 15 May 2024 10:31:50 GMT
server
AmazonS3
x-timer
S1719079235.553208,VS0,VE0
etag
"173f0a39d2a91c5e1c89814ccd9db617"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
891102
id5-api.js
cdn.id5-sync.com/api/1.0/ 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jun 2024 08:15:00 GMT
server
cloudflare
x-amz-request-id
9J2GQNY54GB1BMR3
age
2658
etag
W/"7549ecdacdd2ca9502744f648799d58a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
897e2381ef725509-SYD
x-amz-id-2
5NOYepns9rZFF1/75HJMajSY3KO39GMRpIP9HZpqNL0cQ2fAQTaGbk7sCJfi6u4WmtOxKcsw7hw=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-24.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Tue, 18 Jul 2023 07:46:45 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Sat, 22 Jun 2024 19:00:34 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b152261e1c57453fc67ef715778608859c6c09a2a50affc25d99e0bb0742380

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"f16222a57827e8a1a574ceb84af25834:1710904545.308704"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=12481
content-length
2291
tad.js
tags.news.com.au/prod/tad/ 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8bf092972215c021e0646f00b32e7dc936d42bd9d4513d460c7c122fc6924284

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"f65bce99677ec10e4429074964016c38:1718323413.389646"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=23103
content-length
37642
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
3382e9b566f20f8fd9bb2848ddc7fa62d1a84f0acc82ae1c1d8ba545083269ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31592
x-xss-protection
0
server
cafe
etag
768 / 19896 / m202406170101 / config-hash: 994685364493883849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 22 Jun 2024 18:00:34 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		308 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-125.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89417b7e7e602e0e469946d8971f4a48d69e6511d2755b5933d95260f9771529

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:37:46 GMT
content-encoding
gzip
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront), 1.1 0f7044eb4e8b35c09d88dd64a3263794.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jun 2024 21:55:28 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2, SYD62-P3
age
1369
x-amz-server-side-encryption
AES256
etag
W/"e80b397feb40163ad02c947203471e29"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Zs5tJHL_UiVj6eba8bEcdX02cy6ti61dFpzVTDYopTDA3lGMZgG7AQ==
prebid.js
tags.news.com.au/prod/prebid/ 		351 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7edf60ffc2c899e99085f8a6d1f1734e7b039f63cbc45db115177a4d79b63a61

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"694d351502feebd5707434de2f02b157:1718597988.519249"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=22300
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		190 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-73.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c4317b85ce58155bd79c593334b5d1b79f6b23664a529820db132d5e695497fb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
tANxjlqzRHN.S2KFqQ55PqbFW8lNfW0h
content-encoding
gzip
via
1.1 7b00ea054b97b0dfdfa184981c492f10.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 17:15:44 GMT
last-modified
Thu, 06 Jun 2024 07:19:43 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P3
age
2690
x-amz-server-side-encryption
AES256
etag
W/"dd180473e029c57a6d6ba60b2c8d234a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
8_DVDmUaKXfb7xvkCcIlSjOrVdJe_CGa1pH4OvaQk6XJTDzpU2hUgg==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
78e48c662aca86e80ff17fe9783e2efd6806a47419ade2e80469ebe7f32cf7f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"13628d5d0643bb69455d04f62af3d14e:1718677818.944016"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=76009
content-length
6478
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
035675399800e3ae1f674fa492c731a97d18c40358fd47ccee65ffe31d5b3455

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 22 Jun 2024 17:08:50 GMT
server
cloudflare
age
3105
cf-polished
origSize=6321
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vAHsBUZ7q6dbCiXcMHW7swVlaPnd9MVX9YxrI5qXr8K4cO0srKieM9Juw5fou3TMZJGkK6pKqOR2RnZjWo%2BvZCVYyfl7H2ZlXqi5yuracEp2AGC259FfUK10aKmJTXZAB1%2BBaubz"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
897e23834831a974-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.28.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
last-modified
Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000023-IAD, cache-syd10149-SYD
insight.min.js
snap.licdn.com/li.lms-analytics/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.99.59.34 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-99-59-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 16:47:26 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=12157
accept-ranges
bytes
content-length
14004
chartbeat_video.js
static.chartbeat.com/js/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.248.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-248-189.syd3.r.cloudfront.net
Software
nginx /
Resource Hash
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 18:06:52 GMT
content-encoding
gzip
via
1.1 30d965dd3bd4ca28c3aa1ccfc6be7c36.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jun 2024 00:07:44 GMT
server
nginx
x-amz-cf-pop
SYD3-P1
age
86023
etag
W/"665fac50-11d74"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Z2mvCzWVi1N0wA7qc_yAqV0-uc0EvF5LNKy7rDoQQdcljxI1US9zdA==
expires
Sat, 22 Jun 2024 18:06:52 GMT
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.202309110217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-53.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18adb42d8090a13c0c22990962d0e5a2b4166c8d58550abf3e7130ac85205c7d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Nz2K2fGrSmfSRjjYcqhahi95v93ZzK5M
content-encoding
br
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 17:55:41 GMT
last-modified
Tue, 11 Jun 2024 09:46:06 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
295
x-amz-server-side-encryption
AES256
etag
W/"f586e05e96e4032a9a887510657a5097"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
aP7yQB6b6bPLsZ7jCDiDAGBfS1MvA4a69ONbXJBB8-sp8aF7AsYo9w==
utag.1205.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1205.js?utv=ut4.46.202309110217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-53.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f92f9cb1a5ec54c42398b05555be2920e647a348da21b20f453df8f650a5a67

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
1hdmmQCz5ncfpfea1T4uPue8YB2EmpL0
content-encoding
br
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 17:58:47 GMT
last-modified
Tue, 11 Jun 2024 09:46:07 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
137
x-amz-server-side-encryption
AES256
etag
W/"31e7ed91175dde576575ba7eb6e151f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
vPNnAx2kc-kCztTWTKAdPAneIXpnsSlx01dVJV_4_57jdB74LOzCBw==
utag.1211.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		608 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1211.js?utv=ut4.46.202311301301
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-53.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adfb5ae2c0f62d3a5b035d61ab7bfc8213a8a2da65d0cb8505be548957195458

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
n.SyvhhDEIvo5Km.ihbExlbTV5.cNfc9
date
Sat, 22 Jun 2024 17:55:41 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
297
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
608
last-modified
Tue, 11 Jun 2024 09:46:08 GMT
server
AmazonS3
etag
"2a51865f3078d207761001e98b6836e9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1296000
accept-ranges
bytes
x-amz-cf-id
8gvtjGoC4R35Sy8-krMrz5FbN4tC_uOZEXPf4tsxoqRG1K0uCKNlIg==
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-100.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee82d6ed020210bbdfd5f7b56201bc3e8e07e42cc5bc357a06b3fc37a35945e3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
YUVH2kyc37HJX8NjGBw9r79ZuqDHZng_
content-encoding
gzip
via
1.1 435dfd2ccb739fd32ab23d873305cce2.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 17:10:24 GMT
last-modified
Sat, 22 Jun 2024 01:19:40 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
3059
x-amz-server-side-encryption
AES256
etag
W/"5406ff33db16d4bbf829213ee06934e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
5DRBlx5Cc2nCBJJ5gql1k5ryq9h4mXASuQbjwYVH3CArFniMcWeUAg==
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.96.232 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-96-232.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
x-amz-request-id
XKGND0NZ509CX06F
x-amz-cf-pop
ATL56-P2
x-amz-server-side-encryption
AES256
content-length
21820
x-amz-id-2
vaHbI0o5FSMYgdPdaFYbOMSEAv6uHVsMSKgAyNtzcRFgrLIzvgo67PGjaYRJfk9obKt+U8vCrDU=
last-modified
Wed, 06 Sep 2023 14:35:36 GMT
server
AmazonS3
etag
"220840acac0b72605c541d1c968febe3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=703
accept-ranges
bytes
x-amz-cf-id
hca-17inFhrDhEHESrmINPGBV7ufa5XP4ONnOzH01FCtESc_rbD2yw==
metrics.main.bundle.js
tags.news.com.au/prod/metrics/ 		96 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.main.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5e75e655fc9163baefbb62bd90fbdf915510d7b3329d692b362d39c2b19b6093

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"278108e210b0329c4040336f87eb8f35:1716945525.387672"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=22539
content-length
25265
2988.js
script.crazyegg.com/pages/scripts/0018/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1211.js?utv=ut4.46.202311301301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789cef1d152ee1d8dc3c3234738490db2fac14775dda9d5bea9988f93b891878

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
gzip
cf-cache-status
HIT
age
287
cf-polished
origSize=7376
ce-version
11.5.221
cf-bgj
minify
last-modified
Sat, 22 Jun 2024 17:55:48 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
897e23841e80555d-SYD
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202406110945&cb=1719079234527
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-53.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Sat, 22 Jun 2024 17:51:12 GMT
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
563
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
dCgxXYUN-l76Z28pboTj6IY3r_whx_oQ1UiOwA15_v0THLGbhmCbDA==
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.168.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-183.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:34 GMT
server
AkamaiGHost
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1712019818.804653"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
65
mime-version
1.0
expires
Sat, 22 Jun 2024 18:00:34 GMT
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.25.27.9 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-25-27-9.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Sat, 22 Jun 2024 18:00:34 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.25.27.9 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-25-27-9.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sat, 22 Jun 2024 18:00:34 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame 37D2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-42.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Age
1315
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 22 Jun 2024 17:38:40 GMT
ETag
W/"fbee957879301d939e1c5ea8e01d09a8"
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 dff94781894736c12dbb6eb4e456a898.cloudfront.net (CloudFront)
X-Amz-Cf-Id
cYXrYWzugdXuKjobxTBShAhHxe604WQpXo0nPGYf5H547qnTaTdtsg==
X-Amz-Cf-Pop
SYD3-P1
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256
swg.js
news.google.com/swg/js/v1/ 		209 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
9eaf90e659bcc9d1601ec7efab451b80efb2ba9c7d80d13f31ee63bbdf63bcf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:18:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61423
x-xss-protection
0
last-modified
Thu, 20 Jun 2024 20:17:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Jun 2024 18:08:48 GMT
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.25.27.9 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-25-27-9.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sat, 22 Jun 2024 18:00:34 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-78.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 11:48:50 GMT
Content-Encoding
gzip
Via
1.1 612d6e38ca8a5e65776b064d65f27d36.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD3-P1
Age
454305
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
cyXfIt44q5NSf_F7cVEyTJJhjs8WKGxp2QgYVzohmJdq9v1JJxwLgA==
97081477.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/97081477.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d9f5945e80f23ab8addc1908230c8aa3ffabffd8aaa4827fa91afa5785a64169
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Sat, 22 Jun 2024 18:00:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DD3B7B6F749D48F6B5E26AE289E82E53 Ref B: SYD03EDGE1009 Ref C: 2024-06-22T18:00:34Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97081477&Ver=2&mid=fb04c3fa-a9e1-4067-a815-e7818da0babd&sid=52be8bc030c111ef93af07fcbccf257e&vid=52bf6f8030c111ef9cde25ae3d1c729d&vids=1&msclkid=N&pi=918639831&lg=en-AU&sw=1600&sh=1200&sc=24&tl=Outer%20east%20%7C%20Leader%20Newspapers%20East%20Melbourne%20%7C%20Local%20Community%20News%20VIC%20%7C%20Knox%20Leader%20%7C%20Maroondah%20Leader%20%7C%20Lilydale%20%26%20Yarra%20Valley%20Leader%20%7C%20Free%20Press%20Leader%20%7C%20Herald%20Sun&p=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&r=&lt=1873&evt=pageLoad&sv=1&rn=654748
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 22 Jun 2024 18:00:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DBDEB405146B4350B0BEC5B2C2478C8D Ref B: SYD03EDGE1009 Ref C: 2024-06-22T18:00:34Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
5119
config.aps.amazon-adsystem.com/configs/ 		531 B
797 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/5119
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-72.syd3.r.cloudfront.net
Software
CloudFront /
Resource Hash
b8464dcb7e2e01bf45bea28cd900120b54874408b41a83ccd573931cae12fac8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:13:11 GMT
via
1.1 35e7be28d84a15b9277bceb653af4b4c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD3-P2
age
2843
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
531
x-amz-cf-id
53M6uc1Bd7b98x5HXsVSXkmBsxuy0tSQZGkgoqNftompVtxNOQIMjg==
config
c.amazon-adsystem.com/cdn/prod/ 		636 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-125.syd62.r.cloudfront.net
Software
Server /
Resource Hash
0e53454a6a3599c9e3c46ed4eb2132a19bd03b72d6be5282a2d4fb093249751f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 15:15:41 GMT
via
1.1 0f7044eb4e8b35c09d88dd64a3263794.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P3
age
9892
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
636
x-amz-cf-id
9b1FvirIBAI2O_TItDFNuA1RtmEzDT1ysiel-nieyNx7RrS19TcIkw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-125.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 8ccca629f0b1ca48e2e69a056f61f9a6.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 15:25:02 GMT
x-amz-cf-pop
SYD62-P3
age
9340
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
z9Ov7x2FsNhv28oOX1rG7SuXZugrFwn8_KwlzAw2z_yY2gbQ5Jvu_Q==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240623
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
81a00b1621a7d0e8d61753424a0d60b13bd66c5e43c5fdabe9e41912097abf43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 22 Jun 2024 18:00:35 GMT
x-content-type-options
nosniff
content-encoding
br
age
7185
x-jsd-version
1.0.2095
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
837
x-served-by
cache-fra-eddf8230103-FRA, cache-syd10174-SYD
x-jsd-version-type
version
etag
W/"63a-SRvuE7sdx4L+iLSciQlrwJ1eZ9w"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
prebid
id5-sync.com/api/config/ 		167 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
b693ff17985bc54be8d357b5ac2ddc78e06c64df046d38aadad3d9bee7ec2439
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sat, 22 Jun 2024 18:00:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.26.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.26.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 22 Jun 2024 18:00:34 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240620/r20110914/elements/html/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240620/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=511134399154.9879?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:49:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
4293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4395
x-xss-protection
0
server
cafe
etag
4271344721252203484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 16:49:02 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvU0gMA_FX46fXmlKC5Ig3PPX1Vy_NAhaO_jPiTrMHqtWmjKdgeDdb42YeFXCJ2f8lnRCEV8YbhuF00yQEQD9wNvBJocRcwrSi0AE9owzQ4ouFtgcUfuh_K0H6gWqB88igJ3wbVczIWtc5XOAd0_TXGnInIUpeC6At7bj_jb1SRcaL7m9f9j0&sai=AMfl-YQV7Nx9I8z9o7vYcT09NTcrI8H5LRSkzF0OlAwvBBJJpolGmkNLEaa7Z0eNfe8R_ZZAdoE_rFuXjk7KAf0&sig=Cg0ArKJSzKoT4KspUqHJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20240620.89718&arae=1&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=511134399154.9879?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 22 Jun 2024 18:00:35 GMT
door.js
au-script.dotmetrics.net/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13214
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-66.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
d34690509ba18bff561f4b93e18d84fe930c5aba8cfea8cb53cf5311b07923fd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
br
via
1.1 a07d834fd91c0b45a6cd6b94cf97a64a.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
etag
"13214...285.2024062218"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
FkfT99gJNGa5bZiWz1qfCNO4ib9trE7dLgYUXUBfWUtDJhqi8qxBTg==
/
geo.privacymanager.io/ 		31 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.192.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-192-52.sfo53.r.cloudfront.net
Software
/
Resource Hash
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 15:51:59 GMT
via
1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e254430e2f05073f8b60d988c9070962.cloudfront.net (CloudFront)
x-amz-cf-pop
HIO50-C1, SFO53-P1
age
7716
x-amzn-requestid
d5071e2c-9f65-4692-9cbb-22001278fea4
x-amzn-trace-id
Root=1-6676f31f-39477c223486bf397607c746;Parent=46324bd2a766baf0;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
Zxrs8HAVjoEEXrA=
content-length
31
x-amz-cf-id
kxz3Uoqu39JHsaP8z-MXwz7V-SsS2vHFFBNWKPJ11VB592U73LUzWA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=5530db3d-e4b3-4e04-80cc-58ffec02f061&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=22a3d499-c9df-4903-bd4c-c351f06de011&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&tw_iframe_status=0&txn_id=olqt8&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.18.232.195 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
144
date
Sat, 22 Jun 2024 18:00:34 GMT
strict-transport-security
max-age=0
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
4f08b54c9ceb3a42
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
c3b09e483d9cb080eff0d872514e561de7773a3c4aa460100f260e67126d340b
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=5530db3d-e4b3-4e04-80cc-58ffec02f061&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=22a3d499-c9df-4903-bd4c-c351f06de011&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&tw_iframe_status=0&txn_id=olqt8&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
145
date
Sat, 22 Jun 2024 18:00:34 GMT
strict-transport-security
max-age=631138519
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
9460e92c21446868
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
fcfbb7e54649c4ecd4bce75d8c39490f268f2f1b600fdb5d6f047b13f25a8e1b
content-length
43
97081477
www.clarity.ms/tag/uet/ 		991 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/97081477
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/97081477.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7599c46da6981cb8cdc36a0eceae82661ac3bfeb55c1cccb2445eabeff8b9e53

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Sat, 22 Jun 2024 18:00:35 GMT
x-azure-ref
20240622T180035Z-17b8d4f8bc7nt5pvs5dyxckhk400000002eg000000001tp1
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
991
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
384959879014125
connect.facebook.net/signals/config/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.158&r=stable&domain=www.heraldsun.com.au&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
cde7739645c43a15add992b842ad5f092005d0f8b5d2272e4de839114aedc894
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 22 Jun 2024 18:00:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13993
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=1, c=64, mss=1317, tbw=63557, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
cIeyAcDy+8/hwC0GnGq9xeEIekHnqHmI4zCvVWoHZn+Au5rVf1MTjht7cO7fQIlFovjJ6MYjiDmKVyX7/dTAFw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/ 		463 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:16:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
17066
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147664
x-xss-protection
0
server
cafe
etag
1926151935331161023
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 22 Jun 2025 13:16:08 GMT
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=ViewContent&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&rl=&if=false&ts=1719079234930&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.2.1719079234926.276806625240280607&cs_est=true&est_source=2353117768323382&ler=empty&cdl=API_unavailable&it=1719079234882&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=10, mss=1317, tbw=2858, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 22 Jun 2024 18:00:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=384959879014125&ev=ViewContent&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&rl=&if=false&ts=1719079234930&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.2.1719079234926.276806625240280607&cs_est=true&est_source=2353117768323382&ler=empty&cdl=API_unavailable&it=1719079234882&coo=false&es=automatic&tm=3&rqm=FGET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xb134b76a56b9d4fe","source_keys":["1","2"]},{"key_piece":"0x8c64509bbef6a95c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sat, 22 Jun 2024 18:00:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383389093565296416", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=10, mss=1317, tbw=3205, tp=-1, tpl=-1, uplat=242, ullat=0
pragma
no-cache
x-fb-debug
69HQb7d+P3tF7xjv9SxHvMWXjqmT8A/I0bi5HI53jCRfBM6qII4Tm2/lZTeA99r2qCzl+0Aau/MJYswyjPmbNA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383389093565296416"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&rl=&if=false&ts=1719079234931&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1719079234926.276806625240280607&cs_est=true&ler=empty&cdl=API_unavailable&it=1719079234882&coo=false&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=10, mss=1317, tbw=2858, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 22 Jun 2024 18:00:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&rl=&if=false&ts=1719079234931&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1719079234926.276806625240280607&cs_est=true&ler=empty&cdl=API_unavailable&it=1719079234882&coo=false&rqm=FGET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x27f50080b680d49c","source_keys":["1","2"]},{"key_piece":"0x071bab48f337e952","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sat, 22 Jun 2024 18:00:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383389095572402353", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1317, tbw=6915, tp=-1, tpl=-1, uplat=243, ullat=0
pragma
no-cache
x-fb-debug
2r9AOK6I4P2Py2kyCtk2GGm8eV3vf/hT6fzLx5/zXzFbPlRI7nwZwFUJ/LlUkf/xg3Q5pvWI+pZ9g4fsfIcNvw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383389095572402353"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		593 B
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&pid=L5tyQPrVY4nJX&cb=0&ws=1600x1200&v=24.610.1703&t=2000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Foutereast-ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Foutereast-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Foutereast-ad-block-300x250-2%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Foutereast-ad-block-728x90-2%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%2C%22version%22%3A%5B%2210%22%2C%220%22%2C%220%22%5D%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Not%2FA%29Brand%22%2C%22version%22%3A%5B%228%22%2C%220%22%2C%220%22%2C%220%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22126%22%2C%220%22%2C%226478%22%2C%22114%22%5D%7D%2C%7B%22brand%22%3A%22Google+Chrome%22%2C%22version%22%3A%5B%22126%22%2C%220%22%2C%226478%22%2C%22114%22%5D%7D%5D%7D%7D%7D&sm=c1cc9ebb-8735-4610-a302-8a53d8181354&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.35.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-35-170.syd3.r.cloudfront.net
Software
Server /
Resource Hash
7811b1a9863b6c85b3aecb0bed54bd852ea6455e72cbd7db1b5435fcd1dc460b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
via
1.1 a082000327c728caebeae45146987f26.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD3-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
593
x-amz-cf-id
G_vwyfJO7i-xSGpkFOcXZ5jR6NmjOH92_XCJKBx-TdFZ0dazOtxb2Q==
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame F576 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
1824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28560
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 17:30:11 GMT
expires
Sat, 22 Jun 2024 18:20:11 GMT
last-modified
Mon, 17 Jun 2024 19:47:23 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.96.232 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-96-232.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f5647c47fb1b581202f34328775140b59a860d678f541caf98adf2e3d48900f2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
W4i5LqlLTAjryJ_8jp.1iw2w09RrC_Q5
date
Sat, 22 Jun 2024 18:00:35 GMT
last-modified
Tue, 30 Jan 2024 22:36:45 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
etag
"1cace6cc49d6432004661d16654e37f7"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=538
accept-ranges
bytes
content-length
18049
x-amz-cf-id
NroDf4zy3j3WXSsRX-55XkmUCT7KQRBQ4IoQEP34Tk7L4vcADyKLoQ==
topicsapi.html
topics.authorizedvault.com/ Frame ED3D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.244.62.6 Sydney, Australia, ASN60068 (CDN77 _, GB),
Reverse DNS
109632633.syd.cdn77.com
Software
CDN77-Turbo /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=604800
content-encoding
gzip
content-type
text/html
date
Sat, 22 Jun 2024 18:00:35 GMT
etag
W/"b1da2234a554ee8bc6519a75d88402d9"
expires
Tue, 11 Jul 2023 17:48:38 GMT
last-modified
Mon, 26 Jun 2023 15:39:25 GMT
server
CDN77-Turbo
vary
Accept-Encoding
via
1.1 google
x-77-age
505786
x-77-cache
HIT
x-77-nzt
EQwBj/Q+BAH3urcHAA
x-77-nzt-ray
79dc88069eba747b43117766c423b724
x-77-pop
sydneyAU
x-accel-date
1718573449
x-accel-date-max
1689094118
x-accel-expires
@1719178249
x-age
505786
x-cache
HIT
x-goog-generation
1687793965818864
x-goog-hash
crc32c=LvKeBQ== md5=sdoiNKVU7ovGUZp12IQC2Q==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1404
x-guploader-uploadid
ADPycdued6PJ1Ep6vC99ldIvPcD5Q2n4Vg8uR6Rg6Yvlhb0rOni3e-zPqu0tM_qE0XDXhy3ZRyO_fFEoqU_Ehpk5Zagd
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame ED4F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.82 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=65144
content-encoding
gzip
content-length
859
content-type
text/html
date
Sat, 22 Jun 2024 18:00:35 GMT
expires
Sun, 23 Jun 2024 12:06:19 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ 		553 B
894 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=55%2C57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&tg_v.adl=false&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=outer-east&tg_i.adl=false&tg_i.pos=1%2C1&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Foutereast%23ad-block-728x90-1&tg_i.refreshed=false&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=2287dc2ba4bf76&p_screen_res=1600x1200&o_ae=1&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Foutereast%23ad-block-728x90-1&slots=1&rand=0.7231459544318968
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
13b551721642a807ddde89b108759c65f676cb22c95d3e07e79e9f853c004f34

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
553
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		553 B
894 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&tg_v.adl=false&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=outer-east&tg_i.adl=false&tg_i.pos=1%2C1&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Foutereast%23ad-block-300x250-1&tg_i.refreshed=false&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=3a0f8d64e19dc5&p_screen_res=1600x1200&o_ae=1&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Foutereast%23ad-block-300x250-1&slots=1&rand=0.03528720995138235
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
90261fd791d03b4ded9cdaca7a48e1e47df8ba6fd2145299070e6c03f61f55f4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
553
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		533 B
875 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&tg_v.adl=false&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=outer-east&tg_i.adl=false&tg_i.pos=2%2C2&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Foutereast%23ad-block-300x250-2&tg_i.refreshed=false&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=45b20eb55e3cf9&p_screen_res=1600x1200&o_ae=1&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Foutereast%23ad-block-300x250-2&slots=1&rand=0.25529968061081254
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
331eea02700a60142c405b554de57beda94ef4055cda42f09b6d72c16720c4f2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
533
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		531 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&tg_v.adl=false&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=outer-east&tg_i.adl=false&tg_i.pos=2%2C2&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Foutereast%23ad-block-728x90-2&tg_i.refreshed=false&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=5eeea6c2a64599&p_screen_res=1600x1200&o_ae=1&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Foutereast%23ad-block-728x90-2&slots=1&rand=0.08329145470900023
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
61394c221efbec7de2cb8f578511ae888b85c92b4de6ef650e0a994e858edf20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
531
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		493 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
1f8f56e666725ca5b77858cecf753aaa846da7ed8cd76435dc4010bcbf8b5d65
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:35 GMT
an-x-request-uuid
d6c3c901-176d-45c3-be5b-22d843ef8c84
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.162; 66.203.112.162; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
493
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.playground.xyz/host-config/ 		0
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
ad5da2e8-9fbd-4feb-bef0-501df1dcc1f7
translator
hbopenbid.pubmatic.com/ 		0
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sat, 22 Jun 2024 18:00:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=277566
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce9ed20b25b23b0b635f8ec6a6745662a5fddd444ce19886e4762c26a3a3aea9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
observe-browsing-topics
?1
alt-svc
h3=":443"; ma=86400
content-length
1985
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2Fm5gZx1MWD6nOE255wYJ4bsi2c4r0YvgZyLc%2B%2B6n4ygWHBDjxXl%2BNHaolD6M2YXiaQyrYmUHL1E2KYkMU2sqePBYgkunO0TB0%2FdGlj7%2FJ%2Bvobto96CiQttXvZcZS%2BPiW0RUkfWT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
897e23836bada7ea-SYD
expires
0
cdb
bidder.criteo.com/ 		0
227 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=566605733&lsavail=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1719079235099&to=-480&aun=ad-block-728x90-1&gpid=%2F5129%2Fndm.leader%2Flocal%2Foutereast%23ad-block-728x90-1&t=jlltldhf&pi=3&maxw=1800&maxh=1000&si=985711&bf=970x250%2C1800x1000%2C970x90%2C728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.heraldsun.com.au&ns=10240
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.215.133.30 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-215-133-30.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
24f376aa0e71af1f39162dbcbe514f7327b57f0fa2f49dcab7a7a570a4ba60bf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1719079235100&to=-480&aun=ad-block-300x250-1&gpid=%2F5129%2Fndm.leader%2Flocal%2Foutereast%23ad-block-300x250-1&t=jlltldhf&pi=3&maxw=300&maxh=600&si=985713&bf=300x250%2C300x600%2C160x600%2C120x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.heraldsun.com.au&ns=10240
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.215.133.30 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-215-133-30.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
93fc7be37b0e024c26ba8c6a61c53775013e93d85b384a2356115146b6a37f67

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
bid-request
a.teads.tv/hb/ 		16 B
639 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.168.6 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 22 Jun 2024 18:00:35 GMT
pub
pixel.adsafeprotected.com/services/ 		790 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.90%5D,p:/5129/ndm.leader/local/outereast,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90%5D,p:/5129/ndm.leader/local/outereast,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600,160.600,120.600%5D,p:/5129/ndm.leader/local/outereast,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.leader/local/outereast,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.leader/local/outereast,t:display%7D&slot=%7Bid:ad-block-300x90-1,ss:%5B300.90,315.90%5D,p:/5129/ndm.leader/local/outereast,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.leader/local/outereast,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=8c6299eb-2349-29ed-400b-cef6fcb95db1&url=https%253A%252F%252Fwww.heraldsun.com.au%252Fleader%252Fouter-east
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.71.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-71-82.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
021b7fd0e5a9e5eedd0b4ba14bb5888fcc74c32282456676a31d80b2bd0b8b22

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
4da497c403dba37cca0de840b1ff3265ae0e3
bedsberry.com/create/019ae299d9c8003/ 		299 B
717 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/create/019ae299d9c8003/4da497c403dba37cca0de840b1ff3265ae0e3
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d5e34467a6d401ae3532c2d2ab29a44ca4deb174d59d0fdf9ae91541f80567f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
x-buildnumber
1340724186
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-spot-mlrj
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
897e23838de5574e-SYD
expires
Sat, 22 Jun 2024 18:00:34 GMT
Serving
bs.serving-sys.com/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=1733379935828767352&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east$$&activityValues=$$Session%3D3163593001341416524$$&ns=0&rnd=3240796721&uinadv=%7B%7D&ccpastatus=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.230.26 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-230-26.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f3d3de29efe7b0bdefe3544c804f55226718d227256bfb31f8c052d62c0b9bf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2603
expires
Sun, 05-Jun-2005 22:00:00 GMT
hit.gif
au-script.dotmetrics.net/ 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13214&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&dom=www.heraldsun.com.au&r=1719079235124&pvs=1&ecid=965dfe5b-a19a-4cd8-9163-4a75d214771d&c=true&tzOffset=-480&doorUrl=http%3a%2f%2fau-script.dotmetrics.net%2fdoor.js%3fid%3d13214&dfph=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-66.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
dotmetrics-hit-status
01 OK
via
1.1 a07d834fd91c0b45a6cd6b94cf97a64a.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
KUq7619ATcdnXKDt99xZnrd50Jdz_PD8gfoubBjEiyilmkshUVX6JQ==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13214&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&dom=www.heraldsun.com.au&r=1719079235124&pvs=1&pvid=965dfe5b-a19a-4cd8-9163-4a75d214771d&c=true&tzOffset=-480
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-52.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:33:05 GMT
via
1.1 0c5c9092233f69156c68308fd823bd58.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 12:25:02 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
1698
x-amz-server-side-encryption
AES256
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
dWIKlJ1Dg_PDiZaKvl9zOMZTVHveWnKr7MVFUs7cnIW6tfkUXfa0aA==
a20352597942.html
a20352597942.cdn.optimizely.com/client_storage/ Frame 26BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.20.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-20-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
977
content-type
text/html; charset=utf-8
date
Sat, 22 Jun 2024 18:00:35 GMT
etag
"31351c4149495816ec6dd3cff699fdd7"
last-modified
Thu, 20 Jun 2024 14:02:05 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="0";dur=0,cdnip;desc="23.221.20.194";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1719079235238_389542548_83196189_34_1752_1_5_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
ckQLU0AKN7a1P78/kUE1RwfRns+7/ZhR+TwMd7MgMTjJK2wzCgAPAsd2sxf9y/dXQjabGlsLJvg=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
2SH50F3HPQ1Q2K84
x-amz-server-side-encryption
AES256
x-amz-version-id
jw3HkpZGMZGiN8V.zUq.RH.a42tTDTZu
/
geo.privacymanager.io/ 		31 B
625 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.192.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-192-52.sfo53.r.cloudfront.net
Software
/
Resource Hash
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 15:51:59 GMT
via
1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e254430e2f05073f8b60d988c9070962.cloudfront.net (CloudFront)
x-amz-cf-pop
HIO50-C1, SFO53-P1
age
7716
x-amzn-requestid
d5071e2c-9f65-4692-9cbb-22001278fea4
x-amzn-trace-id
Root=1-6676f31f-39477c223486bf397607c746;Parent=46324bd2a766baf0;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
Zxrs8HAVjoEEXrA=
content-length
31
x-amz-cf-id
S1MLGqCzs6YK3uL9gHoN07BtEYN_D5f8-TeLESotu57wmRTE1NT1_Q==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a65eace2559ec202c492352c43458f34f2aef234377022205d0c6f83526b0f3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 22 Jun 2024 17:08:51 GMT
server
cloudflare
age
3104
cf-polished
origSize=64526
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUuEn1Jwm%2BYycV3ngYlgJhXMdXYHkkCn42FEOHmd%2Bdk8G3Q8Sc%2FIe9dIuG7OWlqzpDC6mZNgInAgwBolfjG0BAKaJT9D36%2BZNHDwBMzUcKD80FzWt7qvTfhfKpk2BhYvopvKnnrN"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
897e238448c3a974-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
script.js
au-script.dotmetrics.net/Scripts/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=285
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-66.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
27b65c06fcf400e92c162ef2a8497cc573468ed0904d1a4c92119344c9997313

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
br
via
1.1 a07d834fd91c0b45a6cd6b94cf97a64a.cloudfront.net (CloudFront)
last-modified
Mon, 15 Apr 2024 14:54:31 GMT
server
Kestrel
x-amz-cf-pop
SYD1-C1
etag
"1da8f44d2530d7f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
x-amz-cf-id
qO3bvJi0z-6qLmG-lSV5rGoJJjPZJnZUjNHHZz3HbPHd3rnzFN8UjA==
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=f8c16e972450c2e03cad1bd465e9f76c&timewithTz=2024-06-22T18:00:34.493Z&country=au&newsconnectId=&fpid=351c958114b7447c954c1d04cd30a0ed
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.73.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-73-13.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
attribution_trigger
px.ads.linkedin.com/ 		2 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=&time=1719079235244&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
gzip
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2586B86A7F6D4E318762A1EC7F42CD5B Ref B: SYD03EDGE0820 Ref C: 2024-06-22T18:00:35Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lor1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYbflMucSJ1ZNTFbgXXwA==
x-fs-uuid
00061b7e532e71227564d4c56e05d7c0
collect
px.ads.linkedin.com/ 		0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1719079235244&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 158628EC5B32467A83207CDDDBB7F141 Ref B: SYD03EDGE1313 Ref C: 2024-06-22T18:00:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYbflMupL7qA1rpCwf/JA==
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fleader%2Fouter-east&u=BNVOU-BR9yyLB1YifI&d=heraldsun.com.au&g=36976&g0=local%2Couter-east%2Cindex%2Cno_video&g1=hwt&n=1&f=00001&c=0&x=0&m=0&y=7358&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&b=3281&t=xjYaHB4-MrsDzxoUaBGUcn0E1r4Q&V=147&i=Outer%20east%20%7C%20Leader%20Newspapers%20East%20Melbourne%20%7C%20Local%20Community%20News%20VIC%20%7C%20Knox%20Leader%20%7C%20Maroondah%20Leader%20%7C%20Lilydale%20%26%20Yarra%20Valley%20Leader%20%7C%20Free%20Press%20Leader%20%7C%20Herald%20Sun&tz=-480&_acct=anon&sn=1&sv=aZVnzCyTkmHC_lfVdmdbGql_X9d&sr=external&sd=1&im=066b0f7a&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.253.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-253-44.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 22 Jun 2024 18:00:35 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		199 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-100.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Aabpvbg3ktgBmwIqp1b4kZ3V88L5QhMx
content-encoding
gzip
via
1.1 435dfd2ccb739fd32ab23d873305cce2.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 17:37:27 GMT
x-amz-cf-pop
SYD3-P2
age
1389
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 06 Sep 2023 13:04:53 GMT
server
AmazonS3
etag
W/"2be1fe7a43ef5ba626afab2ceddfc177"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
w2EYYDkpaWrc2ajxvQ8_mNgA0odlxjYaFYdgf80pDT0JSsEELNWpWQ==
www.heraldsun.com.au.json
script.crazyegg.com/pages/data-scripts/0018/2988/site/ 		1023 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0018/2988/site/www.heraldsun.com.au.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca2bb4adf6785222084c9f5389ff48014df44c1422ab6da0f21c2fbac3f1de34

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
gzip
cf-cache-status
HIT
age
287
ce-version
11.5.221
content-length
453
last-modified
Sat, 22 Jun 2024 17:55:48 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
897e23866adda87c-SYD
undefined_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/undefined_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
config
pixel-config.reddit.com/pixels/t2_vrvmwxuz/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_vrvmwxuz/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1719079235292&id=t2_vrvmwxuz&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=a9bbe022-a981-4e01-940a-2a2f4a6db27e&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 2720 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-127.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
1430
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sat, 22 Jun 2024 17:36:46 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 06 Sep 2023 13:04:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 435dfd2ccb739fd32ab23d873305cce2.cloudfront.net (CloudFront)
x-amz-cf-id
EFoN2bTrrxinySmJGDgfXFv4wHyccZXSc0DUnIqFiEC_-ahlM_P3GA==
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
CTbRZ.5UlARhD4XceMUpZU1V6DSHtB37
x-cache
Hit from cloudfront
c78d18b2483a1d7fd69acb361615da9948bfc9d9d46478616cc6
bedsberry.com/ 		3 B
458 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/c78d18b2483a1d7fd69acb361615da9948bfc9d9d46478616cc6
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
x-buildnumber
1340724186
alt-svc
h3=":443"; ma=86400
content-length
3
server
cloudflare
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-spot-mlrj
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
897e2384de6f574e-SYD
expires
Sat, 22 Jun 2024 18:00:34 GMT
swg-button.css
news.google.com/swg/js/v1/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5195
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:19:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Jun 2024 18:39:12 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Jun 2024 18:06:09 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame C52C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1719079235353&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dKIQp3zIcASNuNVHz1ZqFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://payments.google.com https://payments.sandbox.google.com https://sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dKIQp3zIcASNuNVHz1ZqFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://payments.google.com https://payments.sandbox.google.com https://sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Sat, 22 Jun 2024 18:00:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/swg/_/SubscribewithgoogleClientUi/web-reports?context=eJzjStHikmJw1gBi81tMcX9uMUWdfsTUtPIpUwsQfzv0jOkHEEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAOIlERdZDyReZGV9epGVHYiXKl5iXQ7EQjwchxfd2cwmMOPo41ZmJaOk_ML44tKk4uSizKTU8sySjPT8_PSc1OSczNS8kuLUorLUongjAyMTAzNDSz0D4_gCAwDCYUWn"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
article
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		451 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/article?locked=false
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
00532d00ca338495060a9ed85b8ae63e8fb96dcca402c76b82a9ec05366cc01c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMyMTQsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9sZWFkZXIvb3V0ZXItZWFzdCIsInJ1cmwiOiIiLCJlY2lkIjoiOTY1ZGZlNWItYTE5YS00Y2Q4LTkxNjMtNGE3NWQyMTQ3NzFkIiwiZGMiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJkZnBoIjoiIiwidHpPZmZzZXQiOi00ODAsIm9zcyI6dHJ1ZSwib3NlcyI6dHJ1ZX0%3D&r=1719079235401
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-66.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
54c52f631c5934d45b061a2923b0cd195d55507bba8c064aec5a619a6110f52e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
br
via
1.1 a07d834fd91c0b45a6cd6b94cf97a64a.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
GbnNr_AvYkc_JpWT7uAV8RhADrLOsIyks-zb_hQ0dAfn1XFi_LEDCA==
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1719079235478
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.214.152.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-152-138.compute-1.amazonaws.com
Software
/
Resource Hash
ca57f9be9ac3f1773fd7124d2f8a714d5da594ccd7f7619a18f9e2260d60f03f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-va6-2-v060-0584558f0.edge-va6.demdex.com 3 ms
pragma
no-cache
date
Sat, 22 Jun 2024 18:00:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
33Rk0GPbQl0=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1559
expires
Thu, 01 Jan 1970 00:00:00 UTC
iu3
s.amazon-adsystem.com/ Frame D095
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg&dcc=t
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
286
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 22 Jun 2024 18:00:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K3P40S00G4FQ2VNRP6V3

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 22 Jun 2024 18:00:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_kg&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3Q9GGPQZA40PSR96RM91
v1
lb.eu-1-id5-sync.com/lb/ 		0
0
/
px.ads.linkedin.com/wa/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://www.heraldsun.com.au/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3DAA2B3BEBCC4DF38DA19ABAE6015DC0 Ref B: SYD03EDGE1313 Ref C: 2024-06-22T18:00:35Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://www.heraldsun.com.au
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYbflMxlhZFoJaiHRu49Q==
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/97081477
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240622T180035Z-17b8d4f8bc7nt5pvs5dyxckhk400000002eg000000001tpn
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d605c894-001e-0079-58f9-c2d2ff000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
core.js
s.pinimg.com/ct/ Frame 2264 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.168.218 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
x-cdn
akamai
etag
"9bc4bd8fd6a7603cc1c91cc83fc17417"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1878
up_loader.1.1.0.js
js.adsrvr.org/ Frame C2CB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.14.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-14-99.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 22 Jun 2024 16:41:57 GMT
Content-Encoding
gzip
Via
1.1 59067266959db6ef629f60366c4dee48.cloudfront.net (CloudFront)
Last-Modified
Fri, 07 Jun 2024 09:20:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD62-P3
Age
4719
x-amz-server-side-encryption
AES256
ETag
W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
aA4onsPmLM9RbuifvDq7gMtkqQFsY4CdnyUZlYlufPJeOT89s3XRDQ==
activityi;dc_pre=CPyc1pnl74YDFeAtgwMdO4cEUw;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8682775706807.926
8228261.fls.doubleclick.net/ Frame 3786
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8682775706807.926?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPyc1pnl74YDFeAtgwMdO4cEUw;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=868277570680...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPyc1pnl74YDFeAtgwMdO4cEUw;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8682775706807.926?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
972
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:36 GMT
expires
Sat, 22 Jun 2024 18:00:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPyc1pnl74YDFeAtgwMdO4cEUw;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8682775706807.926?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CPCh1pnl74YDFa4FgwMdUi8F_Q;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2842877810363.178
8228261.fls.doubleclick.net/ Frame 3FD9
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2842877810363.178?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPCh1pnl74YDFa4FgwMdUi8F_Q;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=284287781036...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPCh1pnl74YDFa4FgwMdUi8F_Q;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2842877810363.178?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1005
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:36 GMT
expires
Sat, 22 Jun 2024 18:00:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPCh1pnl74YDFa4FgwMdUi8F_Q;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2842877810363.178?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
px
secure.adnxs.com/ Frame CB42 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/px?id=1274268&seg=22404526&t=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:36 GMT
an-x-request-uuid
a08d8632-b83b-4eba-8718-389b078762b4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
uwt.js
static.ads-twitter.com/ Frame 1C20 		56 KB
66 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.28.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/
If-None-Match
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
If-Modified-Since
Fri, 15 Mar 2024 03:07:08 GMT
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:35 GMT
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-cache
HIT
cache-control
no-cache
x-served-by
cache-syd10149-SYD
js
www.googletagmanager.com/gtag/ Frame 23CD 		227 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8889e713fb02218efc4b6bbfb619a4285db459243e8cb82167fe47b4753e0257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84030
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 22 Jun 2024 18:00:39 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame C761 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.14.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-14-99.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 22 Jun 2024 16:41:57 GMT
Content-Encoding
gzip
Via
1.1 59067266959db6ef629f60366c4dee48.cloudfront.net (CloudFront)
Last-Modified
Fri, 07 Jun 2024 09:20:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD62-P3
Age
4719
x-amz-server-side-encryption
AES256
ETag
W/"a7eb6794e868fe870db350518165c868"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
X-Amz-Cf-Id
aA4onsPmLM9RbuifvDq7gMtkqQFsY4CdnyUZlYlufPJeOT89s3XRDQ==
pixie.js
acdn.adnxs.com/dmp/up/ Frame D5A3 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2761a6698395fb13fd3785c16dd380ec5d618de2abcc28eeaffe090b46a51fc4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
Thu, 20 Jun 2024 17:12:23 GMT
Date
Sat, 22 Jun 2024 18:00:36 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
2888
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
7929
X-Served-By
cache-lga21930-LGA, cache-syd10174-SYD
Last-Modified
Wed, 19 Jun 2024 17:09:07 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1719079236.003291,VS0,VE0
ETag
W/"667310b3-587e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
16861, 131
activityi;dc_pre=CNig1pnl74YDFagBgwMdIgEKoA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4633713475760.905
8228261.fls.doubleclick.net/ Frame 7F95
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4633713475760.905?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CNig1pnl74YDFagBgwMdIgEKoA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=463371347576...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNig1pnl74YDFagBgwMdIgEKoA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4633713475760.905?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1006
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:36 GMT
expires
Sat, 22 Jun 2024 18:00:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNig1pnl74YDFagBgwMdIgEKoA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4633713475760.905?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
conversion.js
www.googleadservices.com/pagead/ Frame CA71 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
bf503a23e4e0eba3b3bf84282a360bf0c1664232cffb781aae272e8e77f2c63d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21119
x-xss-protection
0
server
cafe
etag
17744555452863531702
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 22 Jun 2024 18:00:36 GMT
pixel
pixel.mediaiqdigital.com/ Frame D904
Redirect Chain
  • https://secure.adnxs.com/px?id=1297269&seg=22449553&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3D%pu1=!;%26pixel_id%3D1297269%26uid%3D%24%7BUID%7D&t=2
  • https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=5067895556725147321
2 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=5067895556725147321
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Server
52.76.196.116 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-196-116.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 22 Jun 2024 18:00:36 GMT
content-length
2

Redirect headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:36 GMT
an-x-request-uuid
46658d55-8111-40fd-8a74-de6194c0e33a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=5067895556725147321
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:36 GMT
an-x-request-uuid
e852a4c5-fcdc-4df2-a1a1-0bda6b85716d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adsct
t.co/i/ Frame 1C20 		43 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=827d7ef7-e34c-42c5-ab9a-982d23db7d03&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3f1bcc0d-186f-455d-bfa4-c6c5836a68b0&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.18.232.195 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
144
date
Sat, 22 Jun 2024 18:00:35 GMT
strict-transport-security
max-age=0
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
15efdf5a66e66303
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
47f8aac86d24091c24163844f58c5019ccd463c68bee34eee19378a9373ee2fb
content-length
43
adsct
analytics.twitter.com/i/ Frame 1C20 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=827d7ef7-e34c-42c5-ab9a-982d23db7d03&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3f1bcc0d-186f-455d-bfa4-c6c5836a68b0&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
145
date
Sat, 22 Jun 2024 18:00:35 GMT
strict-transport-security
max-age=631138519
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
1ab660af41fcc6ed
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
fcfbb7e54649c4ecd4bce75d8c39490f268f2f1b600fdb5d6f047b13f25a8e1b
content-length
43
collect
v.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Sat, 22 Jun 2024 18:00:39 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
up
ib.adnxs.com/pixie/ Frame D5A3 		9 B
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/pixie/up?pi=4332873b-84ca-4d4d-a575-ee974bcdf99a
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/up/pixie.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:36 GMT
server
nginx/1.23.4
access-control-max-age
0
access-control-allow-methods
GET, OPTIONS
content-type
application/xml
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
x-proxy-origin
66.203.112.162; 66.203.112.162; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
access-control-allow-headers
Content-Type
content-length
9
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.62.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-62-68.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
dest5.html
newscorpau.demdex.net/ Frame 63F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.174.127.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-127-4.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 22 Jun 2024 18:00:40 GMT
dcs
dcs-prod-va6-1-v060-0398031f6.edge-va6.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 9 May 2024 11:56:34 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
fyJL+CloTgU=
id
newscorpau.sc.omtrdc.net/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscorpau.sc.omtrdc.net/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=81089046183746668801760561004942051733&ts=1719079236124
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.117 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-117.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 22 Jun 2024 18:00:39 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZncRRwAAAFv0vQMg
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=81064975311639868421758173671427053711
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZncRRwAAAFv0vQMg
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZncRRwAAAFv0vQMg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Server
18.214.152.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-152-138.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v060-0906dd835.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Sat, 22 Jun 2024 18:00:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
CxzwOEveR0g=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZncRRwAAAFv0vQMg
Date
Sat, 22 Jun 2024 18:00:39 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
pixie
ib.adnxs.com/ Frame D5A3 		42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1719079236026&v=0.0.38&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&r=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&st=1719079236026&et=1719079236134&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:36 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.23.4
x-proxy-origin
66.203.112.162; 66.203.112.162; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
42
content-type
image/gif
events
logx.optimizely.com/v1/ 		0
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
189.241.49.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 22 Jun 2024 18:00:36 GMT
via
1.1 google
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
2cfe741b-be5e-4c3d-b66f-594bcef7260b
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame CA71 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1719079236222&cv=9&fst=1719079236222&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
0ec7a098b21e2eed1af069df21bc8338486ac5a110f377766e0ed4aafa95ae0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1368
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
bid.g.doubleclick.net/xbbe/ Frame D85E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
main.f74ed22b.js
s.pinimg.com/ct/lib/ Frame 2264 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.f74ed22b.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.168.218 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
x-cdn
akamai
etag
"446a72b73c00f6022c92a764d3c540bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
20114
/
ct.pinterest.com/user/ Frame 2264 		321 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&tid=2612777586108&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1719079236285&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.168.218 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.bc052017.1719079236.126304
x-envoy-upstream-service-time
2
content-length
186
x-pinterest-rid
1339092430009763
pin-unauth
dWlkPU1XSXhNVEpqWVRFdE0ySm1aUzAwWVRVMkxXRTVZbVV0TWpVeE1qQmhaR1UzTWpFeg
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/ Frame 2264 		321 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&tid=2612777586108&cb=1719079236286&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.168.218 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.bc052017.1719079236.126303
x-envoy-upstream-service-time
1
content-length
186
x-pinterest-rid
1719906867179757
pin-unauth
dWlkPU1EY3pNRFZoTkRRdE9ETm1OUzAwWkRobExXRTRNbU10WldNNE5EYzNOVEkyTUROaw
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2
expires
Sat, 01 Jan 2000 00:00:00 GMT
bounce
id5-sync.com/ 		29 B
458 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		44 B
290 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
cb22ac2eb64428554e29d75e579378d09510484bc9c7d91902596945cbae538f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sat, 22 Jun 2024 18:00:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
match.adsrvr.org/track/upb/ Frame 5206
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&upid=trk7f24&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&upid=trk7f24&upv=1.1.0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 22 Jun 2024 18:00:39 GMT
server
Kestrel
vary
Accept-Encoding

Redirect headers

content-length
313
date
Sat, 22 Jun 2024 18:00:39 GMT
location
https://match.adsrvr.org/track/upb/?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&upid=trk7f24&upv=1.1.0
server
Kestrel
/
match.adsrvr.org/track/upb/ Frame 81C3
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&upid=ekg5qxt&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&upid=ekg5qxt&upv=1.1.0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 22 Jun 2024 18:00:39 GMT
server
Kestrel
vary
Accept-Encoding

Redirect headers

content-length
313
date
Sat, 22 Jun 2024 18:00:39 GMT
location
https://match.adsrvr.org/track/upb/?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&upid=ekg5qxt&upv=1.1.0
server
Kestrel
ads
securepubads.g.doubleclick.net/gampad/ 		306 KB
42 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2963332978068749&correlator=343689404143177&hxva=1&scor=2867625173859847&eid=31079956%2C31084450%2C31084743%2C95328479%2C95335606%2C95335155%2C31084215%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406170101&ptt=17&impl=fifs&iu_parts=5129%2Cndm.leader%2Clocal%2Coutereast&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x90%2C728x90%2C300x250%7C300x600%7C160x600%7C120x600%2C300x250%2C1000x50%7C728x1%2C300x90%7C315x90%2C1x1&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1719079237114&lmt=1719079237&adxs=436%2C176%2C1112%2C1112%2C0%2C1112%2C0&adys=28%2C6592%2C472%2C3153%2C6620%2C446%2C7358&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C2%7C3%7C0%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&vis=1&psz=1600x134%7C1248x15%7C312x250%7C312x250%7C1600x767%7C312x0%7C1600x7358&msz=728x133%7C1248x15%7C312x250%7C312x250%7C1600x0%7C312x0%7C1600x0&fws=512%2C0%2C512%2C512%2C0%2C516%2C0&ohw=0%2C0%2C0%2C0%2C0%2C312%2C0&ga_vid=1869895191.1719079237&ga_sid=1719079237&ga_hid=781621455&ga_fc=false&topics=1&tps=1&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1719079233630&idt=1341&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3Dg99yio%26amznp%3Dqgd1c0%26id%3D53040be2-30c1-11ef-827a-023157083963%26hb_format_ix%3Dbanner%26hb_size_ix%3D970x250%26hb_pb_ix%3D0.60%26hb_adid_ix%3D40e5f85e7d487c5%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.60%26hb_adid%3D40e5f85e7d487c5%26hb_bidder%3Dix%26amzniid%3DJKQY4HOTb7XvDG04pxt3r8IAAAGQQRtvqwUAABP_AQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICCZb-5A%26amznsz%3D970x250%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D53040be3-30c1-11ef-827a-023157083963%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D53040be4-30c1-11ef-827a-023157083963%26vw%3D40%2C50%2C60%26vw05%3D40%2C50%26vw15%3D40%2C50%26grm%3D40%2C50%2C60%26vw10%3D40%2C50%26pub%3D40%2C50%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D53040be5-30c1-11ef-827a-023157083963%7Cpos%3D1%26refreshed%3Dfalse%26id%3D53040be6-30c1-11ef-827a-023157083963%7Cpos%3D1%26refreshed%3Dfalse%26id%3D53040be7-30c1-11ef-827a-023157083963%7Cpos%3D1%26id%3D53040be8-30c1-11ef-827a-023157083963&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3D351c958114b7447c954c1d04cd30a0ed%26sec1%3Dlocal%26sec2%3Doutereast%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dindex%26pid%3Dnone%26adl%3Dfalse%26sssw%3Dtrue%26abtest%3Da%26pvid%3D351c958114b7447c954c1d04cd30a0ed-00000000000000000000000000000000-1719079234411-456281%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_1510566_PG%252CIAS_1500868_PG&adks=2759325332%2C910307655%2C1660949697%2C2301834126%2C3743380450%2C1500297897%2C2032762553&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b53acde6ee5936604a574611a278809d3217e40da07239621646232c90de706d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42951
x-xss-protection
0
google-lineitem-id
6517084259,5275743052,6517084259,5276126762,6517084259,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138480168262,138445902045,138479474019,138445939754,138479474022,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8c4bca762e9251116806171d7fbf4fe1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 60B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8c4bca762e9251116806171d7fbf4fe1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.65 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:39 GMT
expires
Sat, 22 Jun 2024 18:00:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-17893"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 23 Jun 2024 18:00:39 GMT
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_leader_S&asn=leader&fp_id=kte67j17f1pvwo2yeeavcoufqsi831719079235&fp_cr_tm=1719079235323&fp_acc_tm=1719079235323&fp_emm_tm=1719079235323&ve_id=&sessionId=bskow4zjwr6m3k852qdpdelwynjfl1719079235&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,outer-east&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,cvj3bt6n3sz9g2cqqpocus36d5osy1719079235&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,17190792353201557&c30=bldv,6.0.0.673&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1719079234520&c3=st,c&c64=starttm,1719079236&adid=1719079234520&c58=isLive,false&c59=sesid,&c61=createtm,1719079236&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&c66=mediaurl,&sdd=&c62=sendTime,1719079236&rnd=929852
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.105.193.112 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-193-112.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:39 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
13726
check.analytics.rlcdn.com/check/ 		25 B
385 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-97.syd62.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 22 Jun 2024 18:00:39 GMT
via
1.1 8ccca629f0b1ca48e2e69a056f61f9a6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P3
x-amzn-trace-id
Root=1-66771147-17409659078c7b8050c62994
x-amzn-requestid
65a5158c-ec23-4f26-8e5c-b3c7917e0b6b
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Zx-jQFzUDoEEvSw=
content-length
25
x-amz-cf-id
N-ur4WylmlwtGCl65zDtbOeV6v1COEip0_eNqFSRTaBkXxd1Rwlarg==
LiveRampId
au.audience.newscgp.com/ 		94 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/LiveRampId?device_id_type=newskey&device_id=351c958114b7447c954c1d04cd30a0ed&bust=16905034818750.019150480735628417&errors-in-body=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.175.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-175-108.cgk51.r.cloudfront.net
Software
nginx /
Resource Hash
9efe4da49ff47e7c3c7b1cf8e5adbafe5fcf002c65dfe27d4321a79c9f6f1b56

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:39 GMT
via
1.1 5c7e2fc5931926e30d5bbace10503b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CGK51-P3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
94
x-amz-cf-id
Nmwt937NFu7UZ57qM93xvu6D8bin3GW0Jxawd7Rc9lvkpBXF8b4_Hg==
usync.html
eus.rubiconproject.com/ Frame 4C8B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.74 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-74.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
224
Content-Type
text/html; charset=UTF-8
Date
Sat, 22 Jun 2024 18:00:39 GMT
ETag
"28052a-10d-6142d69a886c0"
Last-Modified
Thu, 21 Mar 2024 15:32:19 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 93E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
118
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
897e239f5bc4a7ea-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 22 Jun 2024 18:00:39 GMT
expires
Sat, 22 Jun 2024 22:00:39 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E623 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.80 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-80.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 22 Jun 2024 18:00:39 GMT
ETag
"623de86a-cf34"
Expires
Sun, 23 Jun 2024 18:00:41 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame DF14
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=DZE4CCclNht9BV4-xUF5qMgXgdtWJeeH5jSDmhh12SM&pi=gumgum&tc=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=DZE4CCclNht9BV4-xUF5qMgXgdtWJeeH5jSDmhh12SM&pi=gumgum&tc=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.236.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-236-181.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 22 Jun 2024 18:00:40 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 22 Jun 2024 18:00:40 GMT Sat, 22 Jun 2024 18:00:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=DZE4CCclNht9BV4-xUF5qMgXgdtWJeeH5jSDmhh12SM&pi=gumgum&tc=1
pragma
no-cache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2262 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.82 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=65829
content-encoding
gzip
content-length
5492
content-type
text/html
date
Sat, 22 Jun 2024 18:00:39 GMT
expires
Sun, 23 Jun 2024 12:17:48 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=5067895556725147321
43 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=5067895556725147321
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 22 Jun 2024 18:00:39 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
8d16553a-3ab3-47a7-8473-be6d559628fd

Redirect headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:39 GMT
an-x-request-uuid
41c27b91-d625-453e-85cb-16875b3f3c35
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.playground.xyz/usersync?partner=appnexus&uid=5067895556725147321
x-proxy-origin
66.203.112.162; 66.203.112.162; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
token_create.js
ct.pinterest.com/static/ct/ Frame 2264 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.168.218 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.bc052017.1719079239.126e16
etag
"19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
content-length
2108
ct.html
ct.pinterest.com/ Frame F20D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.168.218 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

akamai-grn
0.bc052017.1719079239.126e23
alt-svc
h3=":443"; ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Sat, 22 Jun 2024 18:00:39 GMT
pinterest-version
ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
1370486759343390
/
ct.pinterest.com/v3/ Frame 2264 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&tid=2612777586108&cb=1719079239562&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east%22%2C%22if%22%3Atrue%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.114%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.168.218 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:39 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.bc052017.1719079239.126e15
content-type
image/gif
access-control-allow-origin
https://www.heraldsun.com.au
pinterest-version
ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
content-length
35
x-pinterest-rid
8424644210116715
expires
Sat, 01 Jan 2000 00:00:00 GMT
lookuplist
au.audience.newscgp.com/ 		108 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=351c958114b7447c954c1d04cd30a0ed&&bust=17190792396280.49519022779779864&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.175.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-175-108.cgk51.r.cloudfront.net
Software
nginx /
Resource Hash
758401fc1325218e9ba871e8899b74b2cbf4b3c109099b2f3ec1b35ee6dcf189

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:39 GMT
via
1.1 7c000044a169035a8e21395a28caf466.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CGK51-P3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
mwzT97ZFqTRaSERwPu7_cuJmbbyf-L7ftcTtvItD4HbjOMsRCoQebQ==
/
www.google.com/pagead/1p-user-list/859754747/ Frame CA71 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1719079236222&cv=9&fst=1719079200000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&hn=www.googleadservices.com&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLC7LcOqWrIwbTjxHPqftue6AIL9Pc6I1QiXpR6x2BFT8GnOy6&random=3162976786&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame CA71 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1719079236222&cv=9&fst=1719079200000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&hn=www.googleadservices.com&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLC7LcOqWrIwbTjxHPqftue6AIL9Pc6I1QiXpR6x2BFT8GnOy6&random=3162976786&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c0.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.250 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.37 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.250 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.152 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.187 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.37 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.127 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.187 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c0.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.187 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.190 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.98 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.152 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.127 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.188 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.152 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.178 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		94 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:39 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-17893"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 23 Jun 2024 18:00:39 GMT
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=81089046183746668801760561004942051733&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=newsnkidcookie%01351c958114b7447c954c1d04cd30a0ed%011&ts=1719079239950
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.214.152.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-152-138.compute-1.amazonaws.com
Software
/
Resource Hash
f37029cd1328cc940ac5b59fd0b6757d86deadfc703b7e086ad4d9adfd9bde99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-va6-1-v060-01349557c.edge-va6.demdex.com 3 ms
pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
113fV0LZRWY=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1560
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 23CD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1719079239979&cv=11&fst=1719079239979&bg=ffffff&guid=ON&async=1&gtm=45be46j0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1514358757.1719079240&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
f02596f4c2790583794bff119ca9bf6a1ba579ca4479f0721b742aba4bbf8273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1433
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 474B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJHITlJO4bXuWj9JWtbjT5Vp-GROaB-OVH8bSytHvzrbFxidrVfwdgPQbzYJx-764DyQ2goOofScmwRhSPDYQnY8nxKth9YSZEX2As2sOt99CEM6u4fIwBtGu5q1KKF-pdXbPdQkIq4f_EI3j6Buzu52DCvqGQRxGPAj5GNS9S604rHkEDJJb9OAuGx7x_uALn24siQ-BWxnBZnv-k3wjACbiVXUofWX-owZOPo2J4H8NBCPs7vxTPwWSc9YSM1qsAw2M8IpuDSRWJI71vnTTIytpqQAd70JDd8D430WmJhYuvEnCevuTcXlaVFpJwBvg4s_MjoQNlboxsNMIqj2PHSuwbS8VPL5QUc9h_6XWF_wEffoYtHk-OtHzTI2UnBRiN1I0iPry51T8&sai=AMfl-YQHBMWnCwZWo5eaFFGY2B77BW2ERO00NU7TDQ03hNr5DQObH-Kho6FWOXd0G9mykupkdWDZvlRyCpZMjPDsmJlBBhvPqShIzz9lyQyOPb4sEHBee4q1FyCl-BwY3cU&sig=Cg0ArKJSzN2ubVE-xCupEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240620/r20110914/ Frame 474B 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240620/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
f0af53a1ec82b356c4ce2c4c5445d2549cd8a828ba7161df04ed2270d4ede463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 15:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
8257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9325
x-xss-protection
0
server
cafe
etag
6167529555892538299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 15:43:03 GMT
invoke.do
invoke.bonzai.co/mizu/ Frame 474B 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2664729713245404649&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=2663177152027522640&rnd=32341147
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.105.186.250 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-186-250.ap-southeast-2.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
3736174bd93368317845a36471f58335f9d5cc7650d6655f8b4c6a97b8b61d61

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Sat, 22 Jun 2024 18:00:40 GMT
server
Jetty(8.1.7.v20120910)
content-length
9627
content-type
text/html;charset=ISO-8859-1
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 474B 		211 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66383
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 22 Jun 2024 18:22:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D3C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrKtgT_nLQYEV_-IFL42j9H-yT7_F-jCAzDqXJWiVtgeZFhoADhc9SpE32qlg49kpaKSJmqJRKCO-Zu8NbKtnnpZSwkB6rxJ647OsuJ5izkZU6wERkaaeucNSyvufdvfaEiDqD5Ccgs6O00jvlHZvcsT1k18bQknDxpGyhYd6-TZE21W4ghQjqBGwNxEhsx46AjMje9N8CzvaJ0kJ8Xg9YWMtpWnGO1P3VEDOs7gLVO6P1SmjyV7HqO7QsQqZzjsGvk9SXjHwUoheyi_t5q8rOPloOAbysRpKsm0bHc_IvVlhTVmyYeB7lSWoUiRCTukg2LJ0FdF-NaRYsodOlRbmZ2fGUjv_EN57_n-qDZkonPsKOOhhk2Mn2D_kLSoHQMDvLqMvacAJj0Ld87oNq&sai=AMfl-YQoYhHGrQgC_juZgM2ut4uN9jiT6G58eGqZ8FZ3NetnpESuM5xKt8DTh9KDTyBAyupOR_oKmQk6BrOG19gz8PUunI3t0KOuQCB4l9WWE5OlO0hhrUFVVxciaw2Z0zk&sig=Cg0ArKJSzAQCFuy76ND1EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240620/r20110914/ Frame D3C2 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240620/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
f0af53a1ec82b356c4ce2c4c5445d2549cd8a828ba7161df04ed2270d4ede463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 15:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
8257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9325
x-xss-protection
0
server
cafe
etag
6167529555892538299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 15:43:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240620/r20110914/client/ Frame D3C2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240620/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 15:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
8974
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 15:31:06 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D3C2 		211 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66383
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 22 Jun 2024 18:22:34 GMT
14822947184821417181
tpc.googlesyndication.com/simgad/ Frame D3C2 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14822947184821417181
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
99740307ed5cfa3bfd0c6d068d455e4c76d3328c7262599434f41754fd6165c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 21 Jun 2025 01:38:26 GMT
date
Fri, 21 Jun 2024 01:38:26 GMT
x-content-type-options
nosniff
age
145334
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27589
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 07:37:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame D3C2 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8293 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuI40WJTjX6fT5tQb1s6zCMnWHUF1_G1TrSCk8xGxQ9lYQPvLkGbdj78Cqi23naSCWZLiFim1h6he1JwHQZrWUWW0ky4pf69oF4zUa_-g1x34zm48WmhSLnFh5Un0zfC74oaDPQQDfMEl3xaPsNCLBYXxCfygD8v_fYIXpZ3m9x_6ES9KWZiECo7bpK3MCCYanmjoyO3LStCvx1yx3A9cV3TzYvYRbH-MpBpVhMjr7tW270JzBqZ-T9DixU-QhxYrYbQOz7TW04qVPTqPLc2ntLWuiHmVsiogKYukM4oAZiXoN43Dyu6zPInNJEm86bTBGzKqmFTbtPUevqyOJHa480xQ2MpbqVGtcvQfh0WQZ-K7qiGUB7jGEmGFHlWgLMcdYKJqiPvnHFRVQ&sai=AMfl-YRKMnQzuSsO_cMDOEWHyS75L2ml8gR0wGrdIqaLbogTqMShDFEdhdGnu6cFOUPXCzcvZWJHWu8k0rxibXBT4g15a0ypgCt7hXkIb0j3YCQGdxxbFBQVcC4sWIN-eYs&sig=Cg0ArKJSzCl3LbXPAG4JEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240620/r20110914/ Frame 8293 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240620/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
f0af53a1ec82b356c4ce2c4c5445d2549cd8a828ba7161df04ed2270d4ede463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 15:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
8257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9325
x-xss-protection
0
server
cafe
etag
6167529555892538299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 15:43:03 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 8293 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
sffe /
Resource Hash
47866b8d2915779096be19131efecce0297c2a0c37f581c4e6ee187b13ebb8ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7940
x-xss-protection
0
last-modified
Thu, 04 Apr 2024 14:32:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 22 Jun 2024 18:41:34 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8293 		211 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66383
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 22 Jun 2024 18:22:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0CBB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-E1Gdhak2VY_7cF2_Y66FudTV4u3ToiEHSIClXzTuDJHFrRPIgMCH2mt8YQvt06w00BVPI8rM7PpSsMfdfzWzvLgVm69KkRsO1DObUf3tEMPoO6WozcS3cUmNuTHh8_pwvEwEo9-5Nm93lU_MbDk_4pXwM_enLC-1B2sIjHTYlQlJWAq9m3XArVGyQVidGsUgWY-ZGVYFQkL-XYHJPZkc6Dt4mGDSETAcXyv8EIt2KvsdbStLIk_X1CkMdakEiW189mkBqMY6R5dbMFSMFpKNj9CAaNnyAycvCYkNoYxN49ymJ_Dw_xB09eraykOOpdwJ-AmKvVU2rcSdrn9qKtHmupP_ZmhX1NEi3Tq6fCJ4qUq9gHk3Xh0K_VcNhkkUGxP6Qww1poz-pOEdJWwK&sai=AMfl-YTGooyoS_Ca1P5BVPXJ2SnU_YyWYxjpRW7ylwvY-uXcGA7eWE6Bx7UhNfsL7hRou7dweBcz8xjS0gA_G9Rox4WgNuvYtJ8kqVMp3ZlikCTpXd4V52ngmM7NoYf8RiY&sig=Cg0ArKJSzNQmhllkX5dREAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240620/r20110914/ Frame 0CBB 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240620/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
f0af53a1ec82b356c4ce2c4c5445d2549cd8a828ba7161df04ed2270d4ede463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 15:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
8257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9325
x-xss-protection
0
server
cafe
etag
6167529555892538299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 15:43:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240620/r20110914/client/ Frame 0CBB 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240620/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 15:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
8974
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 15:31:06 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0CBB 		211 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66383
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 22 Jun 2024 18:22:34 GMT
11971533432141049298
tpc.googlesyndication.com/simgad/ Frame 0CBB 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11971533432141049298
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
6fb048b529862aa820b01dc3d122f0de2a3b145b79bc6eb281d4bdf96fd27141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sun, 15 Jun 2025 20:11:41 GMT
date
Sat, 15 Jun 2024 20:11:41 GMT
x-content-type-options
nosniff
age
596939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30495
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 07:29:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame 0CBB 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7D21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv96Jib3dSFV4wAGpgw9hZ0WWr9hyRVKNubx6X0-7TGsNGjHgo3M6O7bL-b0abTGfucakQkmqaRZaXoTgG8hdWTx3LvuDbVb1h4jpqSbXrCLlXvD5bThythsfKXCcZJdUSpdyLVB2KQMlvL14-ah3pjOGRVqN14oCtlR7Fa_zN7t_22yisqcwgE1aw_4r9kGu4QlSTjZEEay-x_mAtsowU4XtkkHrHBvlWLEj7lolqfKaw9FuO9npnfaFxXCRHj8JRg7ykIcywklwXQ87Xj3tkJhGd85K2TIs9df59_VWIx7n7KG11lmaEyFgJ0yqnv8CFAHx4Nr00H8a9ehoS5HW5aa6YQzc88oCdPtKInx2fg3XusKysZG97DYaZedlUObjAd8-HM-uGdKnU&sai=AMfl-YTChRhPBfntvIxSGvI8FNQbscZ0otV-Uddd-GVvHYlS-8xAj2mve5_RKrCJVrb8-oQPnNV9pO9uUR_N3Wp_FQasXA9k7uvmaSZmHkm25tQm0OBDwLQ0bEZs3LtiOiI&sig=Cg0ArKJSzEOyESwvzbUeEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east?nk=351c958114b7447c954c1d04cd30a0ed-1719079233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240620/r20110914/ Frame 7D21 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240620/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
f0af53a1ec82b356c4ce2c4c5445d2549cd8a828ba7161df04ed2270d4ede463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 15:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
8257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9325
x-xss-protection
0
server
cafe
etag
6167529555892538299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 15:43:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240620/r20110914/client/ Frame 7D21 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240620/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 15:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
8974
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 15:31:06 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7D21 		211 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66383
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 22 Jun 2024 18:22:34 GMT
8337389262372139643
tpc.googlesyndication.com/simgad/ Frame 7D21 		95 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8337389262372139643
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Mon, 16 Jun 2025 10:07:08 GMT
date
Sun, 16 Jun 2024 10:07:08 GMT
x-content-type-options
nosniff
age
546812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
x-xss-protection
0
last-modified
Tue, 13 Feb 2024 00:52:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame 7D21 		0
0
truncated
/ Frame D3C2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
356322604fbc9c9013286da1789adb77aed4b56febcdb8742e4cc9d7e7e275c0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0CBB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23cc7d08b970adbf51b1c9676f85738c7e3cb015b514f807158347f5b51e5ebd

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7D21 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7af010c2b83ac5659c8756eb83f6e2ee70bcff49f6c5cdb676883e33ec879c7

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
s49507733892008
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.25.0/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.25.0/s49507733892008?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=23%2F5%2F2024%202%3A0%3A40%200%20-480&cid.&newsnkidcookie.&id=351c958114b7447c954c1d04cd30a0ed&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=351c958114b7447c954c1d04cd30a0ed&mid=81089046183746668801760561004942051733&aamlh=7&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Clocal%7Cindex%7Couter-east&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPercentPageViewed=5.0.1&getPreviousValue=3.0&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D35%2Cevent118&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Clocal%7Couter-east&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Ccustom%3A1%7Chalfpage%3A1%7Cmrec%3A1%7Cleader%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=local&c5=D%3Dv5&v5=outer-east&c9=D%3Dv9&v9=index&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=4%3A00%20AM%7CSunday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=35&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=pdf%20viewer%3Bchrome%20pdf%20viewer%3Bchromium%20pdf%20viewer%3Bmicrosoft%20edge%20pdf%20viewer%3Bwebkit%20built-in%20pdf&v77=D%3Dmid&v78=au%7Cnsw%7Csydney%7C-33.88%7C151.22%7Cgmt%2B10%7Cunknown&v79=au&v80=351c958114b7447c954c1d04cd30a0ed-00000000000000000000000000000000-1719079234411-456281&v110=2024-06-23%2002%3A00%3A33&v111=0&v199=en-US%2Cen&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.130 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-130.data.adobedc.net
Software
jag /
Resource Hash
49e9cfbdb05da39825185826f751b72504d3fc8e27395b817c815aa0d3c0083d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-aam-tid
HX4hjLFvThs=
date
Sat, 22 Jun 2024 18:00:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4951
x-xss-protection
1; mode=block
dcs
dcs-prod-va6-2-v060-06ab6b266.edge-va6.demdex.com 6 ms
pragma
no-cache
last-modified
Sun, 23 Jun 2024 18:00:40 GMT
server
jag
etag
3691694558707122176-4618621288993947134
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Fri, 21 Jun 2024 18:00:40 GMT
jload
pixel.adsafeprotected.com/ Frame 42D4 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=54134231&chanId=168752591&placementId=6517084259&pubCreative=138480168262&pubOrder=3358436615&cb=1398649605&custom=index&custom3=168403511&adsafe_par&impId=53040be2-30c1-11ef-827a-023157083963
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.71.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-71-82.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
f7560f0d976a76740f76c0a8dd3483820ca48331df9b902c6acf39b6230bafd2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
/
www.google.com/pagead/1p-user-list/707564276/ Frame 23CD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1719079239979&cv=11&fst=1719079200000&bg=ffffff&guid=ON&async=1&gtm=45be46j0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1514358757.1719079240&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLF5AJtDb0kTiwqqf51adwhk8LV7OXNhGzxdzRi4oNwZGmP5KR&random=3483772195&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame 23CD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1719079239979&cv=11&fst=1719079200000&bg=ffffff&guid=ON&async=1&gtm=45be46j0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&hn=www.googleadservices.com&frm=1&npa=0&pscdl=noapi&auid=1514358757.1719079240&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLF5AJtDb0kTiwqqf51adwhk8LV7OXNhGzxdzRi4oNwZGmP5KR&random=3483772195&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2664729713245404649_1718685437090_script.js
massets.bonzai.co/ Frame 474B 		351 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/2664729713245404649_1718685437090_script.js
Requested by
Host: invoke.bonzai.co
URL: https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2664729713245404649&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=2663177152027522640&rnd=32341147
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb9f9571cacb0007e70d914cc7c6e151b637adc3c29ac406420030bb2fb0a210

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 05:20:31 GMT
content-encoding
gzip
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jun 2024 04:37:23 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
391210
etag
"07185eb4d7e73afb82c1cf909ee6190b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31104000
accept-ranges
bytes
content-length
141363
x-amz-cf-id
h7j72yDlJFMgZ-y7-STh_2uUOOk3CUr9fPUdPe_xH6LwH4HdNsXI5A==
rec
collector.bonzai.co/ Frame 474B 		43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=pre-preimp&tk=5d7ea62879ad8784a7db15e74db8cd14&ad=2664729713245404649&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
Q8DXsIiVx9n7A7ncprv7fbDWPVFn_8WbiHN_NceCIbap9_5ho7ReYw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
B32086880.396138859;dc_pre=CJb91Zvl74YDFS-9SwUdtE8Niw;dc_trk_aid=587938364;dc_trk_cid=216909243;ord=32341147;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/ Frame 474B
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B32086880.396138859;dc_trk_aid=587938364;dc_trk_cid=216909243;ord=32341147;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B32086880.396138859;dc_pre=CJb91Zvl74YDFS-9SwUdtE8Niw;dc_trk_aid=587938364;dc_trk_cid=216909243;ord=32341147;dc_lat=;dc_rdid=;tag_f...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B32086880.396138859;dc_pre=CJb91Zvl74YDFS-9SwUdtE8Niw;dc_trk_aid=587938364;dc_trk_cid=216909243;ord=32341147;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H3
Server
142.250.76.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B32086880.396138859;dc_pre=CJb91Zvl74YDFS-9SwUdtE8Niw;dc_trk_aid=587938364;dc_trk_cid=216909243;ord=32341147;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?mode=test&adid=2664729713245404649&tk=5d7ea62879ad8784a7db15e74db8cd14&domain=www.heraldsun.com.au&pagename=/leader/outer-east
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
bRB10bspbek-bbF7suf3bwgBkvzHMnoapqfil80k5FRaCFhjPv-n3Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame 0D95 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138445902045&pubOrder=2553375348&cb=1203773968&custom=index&custom3=168403511&adsafe_par&impId=53040be3-30c1-11ef-827a-023157083963
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.71.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-71-82.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
7cfd22d1b534c60d556df0cd25ed8bb26ac967b62c44d03a33f70fbb3e80b166

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame 8D5A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:40 GMT
etag
expires
Sat, 22 Jun 2024 18:00:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
jload
pixel.adsafeprotected.com/ Frame AA83 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=168752591&placementId=5276126762&pubCreative=138445939754&pubOrder=2553375348&cb=1664677471&custom=index&custom3=168403511&adsafe_par&impId=53040be5-30c1-11ef-827a-023157083963
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.71.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-71-82.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
95252cdc8b9d80ea5522ccb5fe532bee6582a8546304f12e04da3c57eb13af60

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame 474B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a19086382425f58019956ce628a50bc42ee510ded15179dc00fd5d99478fc11

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame F91C 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=54134231&chanId=168752591&placementId=6517084259&pubCreative=138479474022&pubOrder=3358436615&cb=1371463703&custom=index&custom3=168403511&adsafe_par&impId=53040be6-30c1-11ef-827a-023157083963
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.71.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-71-82.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
258bef069d94720184bd38d532c14db4a65115e7b1af1ef036c45330580719e5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame 7D69 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:40 GMT
etag
expires
Sat, 22 Jun 2024 18:00:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame 2271 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:40 GMT
etag
expires
Sat, 22 Jun 2024 18:00:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame 8763 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:40 GMT
etag
expires
Sat, 22 Jun 2024 18:00:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.19.8.511.js
static.adsafeprotected.com/ Frame 42D4 		222 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.511.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=54134231&chanId=168752591&placementId=6517084259&pubCreative=138480168262&pubOrder=3358436615&cb=1398649605&custom=index&custom3=168403511&adsafe_par&impId=53040be2-30c1-11ef-827a-023157083963
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4177211ae6a76aaf0d782dbf3eb19d46bd1af28fee17a5ce688caecc062072fc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:27:04 GMT
x-amz-version-id
uqV03.6ogLSkqx_n1jI65E.EhJ6GL9GN
content-encoding
gzip
via
1.1 594aa5e4a6030c26c04a6a841838abb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
268417
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 11 Jun 2024 19:49:04 GMT
server
AmazonS3
etag
W/"b1a013da72e494ee7966fe0bd9ce6a2d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
v8CcgW8wxH4bsF-BX933P5RAyNfzX9_l8cc9u6ZFBhnRE215IRROQA==
main.19.8.511.js
static.adsafeprotected.com/ Frame 0D95 		222 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.511.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138445902045&pubOrder=2553375348&cb=1203773968&custom=index&custom3=168403511&adsafe_par&impId=53040be3-30c1-11ef-827a-023157083963
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4177211ae6a76aaf0d782dbf3eb19d46bd1af28fee17a5ce688caecc062072fc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:27:04 GMT
x-amz-version-id
uqV03.6ogLSkqx_n1jI65E.EhJ6GL9GN
content-encoding
gzip
via
1.1 594aa5e4a6030c26c04a6a841838abb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
268417
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 11 Jun 2024 19:49:04 GMT
server
AmazonS3
etag
W/"b1a013da72e494ee7966fe0bd9ce6a2d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
v8CcgW8wxH4bsF-BX933P5RAyNfzX9_l8cc9u6ZFBhnRE215IRROQA==
main.19.8.511.js
static.adsafeprotected.com/ Frame AA83 		222 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.511.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=168752591&placementId=5276126762&pubCreative=138445939754&pubOrder=2553375348&cb=1664677471&custom=index&custom3=168403511&adsafe_par&impId=53040be5-30c1-11ef-827a-023157083963
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4177211ae6a76aaf0d782dbf3eb19d46bd1af28fee17a5ce688caecc062072fc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:27:04 GMT
x-amz-version-id
uqV03.6ogLSkqx_n1jI65E.EhJ6GL9GN
content-encoding
gzip
via
1.1 594aa5e4a6030c26c04a6a841838abb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
268417
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 11 Jun 2024 19:49:04 GMT
server
AmazonS3
etag
W/"b1a013da72e494ee7966fe0bd9ce6a2d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
v8CcgW8wxH4bsF-BX933P5RAyNfzX9_l8cc9u6ZFBhnRE215IRROQA==
main.19.8.511.js
static.adsafeprotected.com/ Frame F91C 		222 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.511.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=54134231&chanId=168752591&placementId=6517084259&pubCreative=138479474022&pubOrder=3358436615&cb=1371463703&custom=index&custom3=168403511&adsafe_par&impId=53040be6-30c1-11ef-827a-023157083963
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4177211ae6a76aaf0d782dbf3eb19d46bd1af28fee17a5ce688caecc062072fc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:27:04 GMT
x-amz-version-id
uqV03.6ogLSkqx_n1jI65E.EhJ6GL9GN
content-encoding
gzip
via
1.1 594aa5e4a6030c26c04a6a841838abb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
268417
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 11 Jun 2024 19:49:04 GMT
server
AmazonS3
etag
W/"b1a013da72e494ee7966fe0bd9ce6a2d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
v8CcgW8wxH4bsF-BX933P5RAyNfzX9_l8cc9u6ZFBhnRE215IRROQA==
view
securepubads.g.doubleclick.net/pcs/ Frame 0CBB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7anOGYjYeCiAbSnUkISf4LJbh35v6lb1lsWMh20Nk6B_dA38vLZyzCcyDk42X_YWHz2U1vgZvk3R8hFVBpbTXnS-17iwCuB9uStZz0HTiFLNKiJe8ZuEPibvf8qXqrjxsMrtvYPvrBtv1G0WalH2NNMIu0Q5MSxElGot0OkN5KEgbwH3jEKNHTaFgPO4CuJpeQjb4GNQUHZs9jZvbGXJvrVZLTDFqcnFo5p0gy24wqH9PyC5qKOWfdMORIA12iWJML8teNydWH8b7qPzU8gFZ1gDRo63JLvmI5_gQM2KphMvWMxZ5MNs7ON8W4sUVpmeTqTLO8fbhBuVnEikdtkMfNRK3kfrgxvYxHiDHlpsGtby3t4m8AxwU4JzJguySaDajD63jVTgTep-a3xFt7nE&sai=AMfl-YSZYgo3VS5FZzKvhxs1WZVNeHgeGL1yIlSRe-foK2MdwHwo2ByTaT-uhM8XnjI-jBR41h1RkDLOY00YUnTepAqODSTkLX7KhIZyNqnAwpnD41NqxGpQEksPVWA3aKY&sig=Cg0ArKJSzArX7gdfAL8XEAE&uach_m=%5BUACH%5D&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 22 Jun 2024 18:00:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D3C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJWw62xg3xFEG5gkWph-YSNYV-jkhpcypdv6VZrGOB4DVB6Em1vACg3y5iULkEn5sS52KbwuZJZMF_YA9byX7Sli9fOnGZGZcxMyKiJxmA8_ylbm0KylpAvuUA-3AARbB_M9XBnKBKffaed5PVqPnsIwEuurY2HQMDQelmUf4LL7B-h3cPgfUXCSpTS7K_5NG3MVrvqOHj08m0h1kXqYGnsBkYiprLkS3DeJfhP5i2PtNCgnrzkhNc4hMQAV4zewuz6awHp5ptpOpdn0IX1GZCvYJ4FEhtGjKmdLwINPt0629GUMJn2cDQvd_dAEhVWuUnYzBP2uPJ3TOnkUmgCZe50YWd3I6mCb409GWYvgDfsw-kvnRb3FTdBp3_FPv4k1hvvwdSEjxfV1Ii9a_ryAI&sai=AMfl-YSmI7bsNRI2BCbC5rEl7g9mXFGtsCW_DNIF9g7HCV6qScmB4VbT8xLqasa9kSQN9IFD62J3pvEAaPl08uze2HUr_SYMdEETqNZwP2Tjl0oxKZ95d120pwRvE1uiXgE&sig=Cg0ArKJSzKBkqRn8roLyEAE&uach_m=%5BUACH%5D&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 22 Jun 2024 18:00:40 GMT
impl_v101.js
www.googletagservices.com/dcm/ Frame 8293 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
sffe /
Resource Hash
4ad68c8b729e22717f327f8d8a5465366772f15b18a479115b0e71a450f790bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 04:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24223
x-xss-protection
0
last-modified
Mon, 01 Apr 2024 16:06:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Jun 2025 04:29:24 GMT
B32086880.396138856;dc_ver=101.296;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=3861881387;ord=x7y256;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu9GbbY6SUZLTBtKGH3M...
ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/ Frame 8293 		69 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B32086880.396138856;dc_ver=101.296;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=3861881387;ord=x7y256;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu9GbbY6SUZLTBtKGH3MWEOoACCbg3nVdFlVfm14xifJE-pkehYqwOym8KR1fPitNfCjFeFf7IY6dZO1IqV_gZ7pSgN726wiYFXkK-dNgR8E4xkCtfou62mpDK2u1luwITAB2wnuyG37cdoqJj5anx6jhcSO5r-B7KONoAjtZH5Yx-Bj3FYZgKTSqDrzXparUchZXYSrvdGYqteGcL0UY4Cc8ziibKW7Q-Rcr8jqLQpk6FCyQY45A_uf9IqKc-q4KET8m39anCuXQ4w86zQXLxfjErHEN1sSB1NvJaVJNSo9RBsuUO2yLvp62EA8cJvCpUd8dv8JrB7L1qc-5YdR_7alXdR3EjrOQwGFzvRQqBgU8f9skF9ohVZ8q1ciQg%26sai%3DAMfl-YSP8zGNuA2L_cHXnCymxciyN7QtLtIRIZZooNmJG645PvUKlDXL6Xf2jmXlZwQGb9HaJSSrD5xcrZNfRHrZsJ_p9SVS6TCdJC0DtEHyFZkiMgSGpthm2QC1S6PYvVg%26sig%3DCg0ArKJSzMs14w_OKSNcEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east$0;xdt=0;crlt=vu(Op8!jpj;stc=1;chaa=1;sttr=29;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f6.1e100.net
Software
cafe /
Resource Hash
84fd7e843252d85427bcdfda13e2a3adc9345d1ef378532c1db85eb6a8ee4db2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32402
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
desktop_truskinwww.heraldsun.com.au.js
massets.bonzai.co/c2/jd/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2664729713245404649_1718685437090_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
abacf250d50fb0fcb7d95bf85146ce5ef54ac8954c2a0a0f1810339bbab63f00

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:41 GMT
content-encoding
gzip
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jun 2024 21:18:03 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
etag
"2a14133919f728041cb3929aea11a93e"
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
1068
x-amz-cf-id
ZJILFNjNBDBeuWM2FhB7PnDpKYRcZM4cj_fDRcol7CAMceIK0uFtyA==
rec
collector.bonzai.co/ Frame 474B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=preimp&tk=5d7ea62879ad8784a7db15e74db8cd14&ad=2664729713245404649&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
x6CAaR-HVLXLJdkzY9cbpc4_jM9vJUqVUxIHuuZJTYLLe44cdehh5g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1px.gif
dcollector.bonzai.co/ Frame 474B 		35 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQwNTkxLCJmaSI6ZmFsc2UsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjYzMTc3MTUyMDI3NTIyNjQwIiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiRGV0ZWN0ZWQgU0RLLCBXZWIifQ==&etc=0.9514060111553024
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-29.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:09:26 GMT
via
1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
17475
x-amz-server-side-encryption
AES256
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
pKyZLFbWOloOWk9AD5LMVaNLu-iIbTb9tWNK3xQvCE8sGH6WF88Y2g==
rec
collector.bonzai.co/ Frame 474B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=imp&tk=5d7ea62879ad8784a7db15e74db8cd14&ad=2664729713245404649
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
jgEBxLacZ5SSqQ8xnPexnfQZHSZnVt58MVkfV0RHOcs2M_y-TdQ_4g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
sca.17.6.4.js
static.adsafeprotected.com/ Frame 5600 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:27:03 GMT
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding
gzip
via
1.1 594aa5e4a6030c26c04a6a841838abb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
268417
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 May 2024 16:44:02 GMT
server
AmazonS3
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Bf7Fe-pjPZTK1ZfngGqmUzg7zwjORq78ksOCJK8saL68XYVaYigxIQ==
mon
pixel.adsafeprotected.com/ 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=970x250|1&pubId=54134231&chanId=168752591&placementId=6517084259&pubCreative=138480168262&pubOrder=3358436615&cb=1398649605&custom=index&custom3=168403511&adsafe_par&impId=53040be2-30c1-11ef-827a-023157083963&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:560ba54e-4242-c736-9b45-5cbdd24dab1f,c:gpTPLU,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-c58cf9d87-vjb9q,rg:au,pt:1-5-15,wc:30.30.1600.1200,ac:345.58.970.250,am:i,cc:345.58.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:360,mot:0,app:0,maw:0,tdt:s,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u*.10507%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x1%7C1x2%7C1y1%7C1y2,idMap:1u*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:387,oid:5610fd94-30c1-11ef-9eba-e28eb5d29135,v:19.8.511,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.71.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-71-82.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=560ba54e-4242-c736-9b45-5cbdd24dab1f&tv=%7Bc:gpTPLW,pingTime:-8,time:388,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:388,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:386,wc:30.30.1600.1200,ac:345.58.970.250,am:i,cc:345.58.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B25~100%5D,as:%5B25~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u*.10507%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x1%7C1x2%7C1y1%7C1y2,idMap:1u*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:388%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt61.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.4.js
static.adsafeprotected.com/ Frame 6E4A 		91 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:27:03 GMT
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding
gzip
via
1.1 594aa5e4a6030c26c04a6a841838abb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
268417
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 May 2024 16:44:02 GMT
server
AmazonS3
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Bf7Fe-pjPZTK1ZfngGqmUzg7zwjORq78ksOCJK8saL68XYVaYigxIQ==
mon
pixel.adsafeprotected.com/ 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138445902045&pubOrder=2553375348&cb=1203773968&custom=index&custom3=168403511&adsafe_par&impId=53040be3-30c1-11ef-827a-023157083963&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:80b17bf4-7dd2-fc6a-b7c3-6f063254a047,c:gpTPMF,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-c58cf9d87-vjb9q,rg:au,pt:1-5-15,wc:30.30.1600.1200,ac:466.6782.728.90,am:i,cc:466.6782.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:411,mot:0,app:0,maw:0,tdt:s,fm:ugs1iGk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v*.10507%7C1v1%7C1v2%7C1w%7C1x1%7C1x2%7C1y1%7C1y2,idMap:1v*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:429,oid:5616a2ea-30c1-11ef-9eba-e28eb5d29135,v:19.8.511,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.71.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-71-82.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=560ba54e-4242-c736-9b45-5cbdd24dab1f&tv=%7Bc:gpTPMU,pingTime:0,time:448,type:pf,sca:%7Blts:2024-06-23%2002.00.40%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:386%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:448,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:386,wc:30.30.1600.1200,ac:345.58.970.250,am:i,cc:345.58.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B84~100%5D,as:%5B84~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u*.10507%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x1%7C1x2%7C1y1%7C1y2,idMap:1u*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:388%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt59.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8293 		211 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B32086880.396138856;dc_ver=101.296;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=3861881387;ord=x7y256;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu9GbbY6SUZLTBtKGH3MWEOoACCbg3nVdFlVfm14xifJE-pkehYqwOym8KR1fPitNfCjFeFf7IY6dZO1IqV_gZ7pSgN726wiYFXkK-dNgR8E4xkCtfou62mpDK2u1luwITAB2wnuyG37cdoqJj5anx6jhcSO5r-B7KONoAjtZH5Yx-Bj3FYZgKTSqDrzXparUchZXYSrvdGYqteGcL0UY4Cc8ziibKW7Q-Rcr8jqLQpk6FCyQY45A_uf9IqKc-q4KET8m39anCuXQ4w86zQXLxfjErHEN1sSB1NvJaVJNSo9RBsuUO2yLvp62EA8cJvCpUd8dv8JrB7L1qc-5YdR_7alXdR3EjrOQwGFzvRQqBgU8f9skF9ohVZ8q1ciQg%26sai%3DAMfl-YSP8zGNuA2L_cHXnCymxciyN7QtLtIRIZZooNmJG645PvUKlDXL6Xf2jmXlZwQGb9HaJSSrD5xcrZNfRHrZsJ_p9SVS6TCdJC0DtEHyFZkiMgSGpthm2QC1S6PYvVg%26sig%3DCg0ArKJSzMs14w_OKSNcEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east$0;xdt=0;crlt=vu(Op8!jpj;stc=1;chaa=1;sttr=29;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 17:24:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66383
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 22 Jun 2024 18:24:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240620/r20110914/elements/html/ Frame 8293 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240620/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B32086880.396138856;dc_ver=101.296;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=3861881387;ord=x7y256;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu9GbbY6SUZLTBtKGH3MWEOoACCbg3nVdFlVfm14xifJE-pkehYqwOym8KR1fPitNfCjFeFf7IY6dZO1IqV_gZ7pSgN726wiYFXkK-dNgR8E4xkCtfou62mpDK2u1luwITAB2wnuyG37cdoqJj5anx6jhcSO5r-B7KONoAjtZH5Yx-Bj3FYZgKTSqDrzXparUchZXYSrvdGYqteGcL0UY4Cc8ziibKW7Q-Rcr8jqLQpk6FCyQY45A_uf9IqKc-q4KET8m39anCuXQ4w86zQXLxfjErHEN1sSB1NvJaVJNSo9RBsuUO2yLvp62EA8cJvCpUd8dv8JrB7L1qc-5YdR_7alXdR3EjrOQwGFzvRQqBgU8f9skF9ohVZ8q1ciQg%26sai%3DAMfl-YSP8zGNuA2L_cHXnCymxciyN7QtLtIRIZZooNmJG645PvUKlDXL6Xf2jmXlZwQGb9HaJSSrD5xcrZNfRHrZsJ_p9SVS6TCdJC0DtEHyFZkiMgSGpthm2QC1S6PYvVg%26sig%3DCg0ArKJSzMs14w_OKSNcEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east$0;xdt=0;crlt=vu(Op8!jpj;stc=1;chaa=1;sttr=29;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:49:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
4293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4395
x-xss-protection
0
server
cafe
etag
4271344721252203484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 16:49:02 GMT
view
ad.doubleclick.net/pcs/ Frame 8293 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstHBLEPTt1oR6eQAYtIu06ehQ2b8BWkC3WnLvGFJG--IHqkHU5nQBBwghJCAtlsK42n3d0JMejTNgtv1zxdPa2LsXCKhIhd2WxQfDCjRbsjTj4MQ2W2FxRkEYygsmvJc37YGNfcrdYOYBWw-6vG7Nym9LV49xkLMXsR85EHTFHBGLoRpZIg355pSn9HAhgSWBym1zm71_c2l2lkggc8c_tculGNWA&sai=AMfl-YRgsAsGE9r7Q_mSp-RE2qvzZ0TyzMVQyaMNXtX8WeJlLcmAO65ZNX9YnPma_5ejzPxcKAScrSaX6G7CmXvrVQTVZUAVD-GH9qHGWA&sig=Cg0ArKJSzIgDWpXSEEtjEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9teWVyLmNvbS5hdQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240620.74713&arae=1&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B32086880.396138856;dc_ver=101.296;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=3861881387;ord=x7y256;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu9GbbY6SUZLTBtKGH3MWEOoACCbg3nVdFlVfm14xifJE-pkehYqwOym8KR1fPitNfCjFeFf7IY6dZO1IqV_gZ7pSgN726wiYFXkK-dNgR8E4xkCtfou62mpDK2u1luwITAB2wnuyG37cdoqJj5anx6jhcSO5r-B7KONoAjtZH5Yx-Bj3FYZgKTSqDrzXparUchZXYSrvdGYqteGcL0UY4Cc8ziibKW7Q-Rcr8jqLQpk6FCyQY45A_uf9IqKc-q4KET8m39anCuXQ4w86zQXLxfjErHEN1sSB1NvJaVJNSo9RBsuUO2yLvp62EA8cJvCpUd8dv8JrB7L1qc-5YdR_7alXdR3EjrOQwGFzvRQqBgU8f9skF9ohVZ8q1ciQg%26sai%3DAMfl-YSP8zGNuA2L_cHXnCymxciyN7QtLtIRIZZooNmJG645PvUKlDXL6Xf2jmXlZwQGb9HaJSSrD5xcrZNfRHrZsJ_p9SVS6TCdJC0DtEHyFZkiMgSGpthm2QC1S6PYvVg%26sig%3DCg0ArKJSzMs14w_OKSNcEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east$0;xdt=0;crlt=vu(Op8!jpj;stc=1;chaa=1;sttr=29;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:40 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
attribution-reporting-info
preferred-platform=os
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x33b46afd033d7aac0000000000000000","16":"0x96e0f7da9494a18f0000000000000000","17":"0xdb0a84b5026b6e220000000000000000","18":"0x854296b2cdf93f8e0000000000000000"},"debug_key":"2477651822900862910","debug_reporting":true,"destination":["https://myer.com.au","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,604800,2592000]},"expiry":"691200","filter_data":{"14":[],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["6853159"]},"max_event_level_reports":2,"priority":"0","source_event_id":"5053737150549862381"}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/png
access-control-allow-origin
*
cache-control
private
timing-allow-origin
*
expires
Sat, 22 Jun 2024 18:00:40 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8293 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B32086880.396138856;dc_ver=101.296;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=3861881387;ord=x7y256;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu9GbbY6SUZLTBtKGH3MWEOoACCbg3nVdFlVfm14xifJE-pkehYqwOym8KR1fPitNfCjFeFf7IY6dZO1IqV_gZ7pSgN726wiYFXkK-dNgR8E4xkCtfou62mpDK2u1luwITAB2wnuyG37cdoqJj5anx6jhcSO5r-B7KONoAjtZH5Yx-Bj3FYZgKTSqDrzXparUchZXYSrvdGYqteGcL0UY4Cc8ziibKW7Q-Rcr8jqLQpk6FCyQY45A_uf9IqKc-q4KET8m39anCuXQ4w86zQXLxfjErHEN1sSB1NvJaVJNSo9RBsuUO2yLvp62EA8cJvCpUd8dv8JrB7L1qc-5YdR_7alXdR3EjrOQwGFzvRQqBgU8f9skF9ohVZ8q1ciQg%26sai%3DAMfl-YSP8zGNuA2L_cHXnCymxciyN7QtLtIRIZZooNmJG645PvUKlDXL6Xf2jmXlZwQGb9HaJSSrD5xcrZNfRHrZsJ_p9SVS6TCdJC0DtEHyFZkiMgSGpthm2QC1S6PYvVg%26sig%3DCg0ArKJSzMs14w_OKSNcEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east$0;xdt=0;crlt=vu(Op8!jpj;stc=1;chaa=1;sttr=29;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
361435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 13:36:45 GMT
11848721173783214027
s0.2mdn.net/simgad/ Frame 8293 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11848721173783214027
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.70 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f6.1e100.net
Software
sffe /
Resource Hash
aaab512678133fbf81f6a2965984e651bce4e4b28c43625e8fbebaf2bbf62a86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 18 Jun 2025 00:48:26 GMT
date
Tue, 18 Jun 2024 00:48:26 GMT
x-content-type-options
nosniff
age
407535
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93432
x-xss-protection
0
last-modified
Thu, 13 Jun 2024 01:42:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame CB04 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:40 GMT
etag
expires
Sat, 22 Jun 2024 18:00:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame 8E13 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:40 GMT
etag
expires
Sat, 22 Jun 2024 18:00:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
jload
pixel.adsafeprotected.com/ Frame B310 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=54134231&chanId=168752591&placementId=6517084259&pubCreative=138479474019&pubOrder=3358436615&cb=658376325&custom=index&custom3=168403511&adsafe_par&impId=53040be4-30c1-11ef-827a-023157083963
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.71.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-71-82.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
d1b1e45484b0508ebff571852b5bb7ecd6a19d496131f8702ab3e6408da63592

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame 8293 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33a858d8d6a87bf8221230d1c629f77b63830e08e02159a4684e19ec4a94f6e5

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
sca.17.6.4.js
static.adsafeprotected.com/ Frame 3D4F 		91 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:27:03 GMT
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding
gzip
via
1.1 594aa5e4a6030c26c04a6a841838abb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
268417
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 May 2024 16:44:02 GMT
server
AmazonS3
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Bf7Fe-pjPZTK1ZfngGqmUzg7zwjORq78ksOCJK8saL68XYVaYigxIQ==
mon
pixel.adsafeprotected.com/ 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|2&pubId=36557831&chanId=168752591&placementId=5276126762&pubCreative=138445939754&pubOrder=2553375348&cb=1664677471&custom=index&custom3=168403511&adsafe_par&impId=53040be5-30c1-11ef-827a-023157083963&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:91ccf1fd-ea1f-aed5-a1ec-471bcad920ea,c:gpTPOw,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-c58cf9d87-vjb9q,rg:au,pt:1-5-15,wc:30.30.1600.1200,ac:1148.3343.300.250,am:i,cc:1148.3343.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:519,mot:0,app:0,maw:0,tdt:s,fm:ugs1iGn+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w1%7C1w2%7C1w3%7C1x*.10507%7C1x1%7C1x2%7C1y1%7C1y2,idMap:1x*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:541,oid:561ae8af-30c1-11ef-9eba-e28eb5d29135,v:19.8.511,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.71.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-71-82.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
sca.17.6.4.js
static.adsafeprotected.com/ Frame 69CE 		91 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:27:03 GMT
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding
gzip
via
1.1 594aa5e4a6030c26c04a6a841838abb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
268417
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 May 2024 16:44:02 GMT
server
AmazonS3
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Bf7Fe-pjPZTK1ZfngGqmUzg7zwjORq78ksOCJK8saL68XYVaYigxIQ==
mon
pixel.adsafeprotected.com/ 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=54134231&chanId=168752591&placementId=6517084259&pubCreative=138479474022&pubOrder=3358436615&cb=1371463703&custom=index&custom3=168403511&adsafe_par&impId=53040be6-30c1-11ef-827a-023157083963&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:ff7098c0-82eb-73b0-e973-2c49b2277228,c:gpTPOU,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-c58cf9d87-7zj8w,rg:au,pt:1-5-15,wc:30.30.1600.1200,ac:30.6921.1.1,am:i,cc:30.6921.1.1,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:548,mot:0,app:0,maw:0,tdt:s,fm:ugs1iGq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w1%7C1w2%7C1w3%7C1x1%7C1x2%7C1x3%7C1y*.10507%7C1y1%7C1y2,idMap:1y*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:562,oid:561f7c10-30c1-11ef-83a0-dab308e60f2c,v:19.8.511,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.71.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-71-82.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 22 Jun 2024 18:00:40 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 474B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CBB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D3C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7D21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugsQvV8K3TYYR4BHRv0nFNzK21Cnn30BuVf3FIPurE4Ehrm72dhGPR27YdsU_wSIIuxt5LY9h4491EvNiqMHFpJ4ApkuHvx8df5yOEeXs9ou2urOy0OzPsxUJUNLV_j5eeC6BbQgtkfZoFJVKAJlSEAcaA6hCKroYEX8fRXbl3T08qk6rlXv4rbdBxAdgpNLi43h9hXOuBD3A4M4Idk3cvEkvRwp6z6OsTZ9iTh-dR_nIsq4m1UjcgBHmdIIly1OBZfgoK8qnJmKuBWi9qwobiPfuKUugRxux_-bEsv9X4rYWiczYu2PDDqVBYmzMrchTBNIABwfMRsZ14Utx_tRqHWRDYUkxgGbJ6KX-Fq0mjZ5AYCvU4KbuYHBa1GH8&sai=AMfl-YTEPoSGr4O6Za60dFeCbLNZCpTpcE2ckt8iT1u4QjRNoCdUPuz8kNQjczGzZP3-mTHYm7YAGYejy_98U-XCNzi1P611MWN9kuKlt4coXA1O6slRGS09Saz52VpirMw&sig=Cg0ArKJSzHfhL2P9MmDYEAE&uach_m=%5BUACH%5D&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 22 Jun 2024 18:00:41 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=560ba54e-4242-c736-9b45-5cbdd24dab1f&tv=%7Bc:gpTPPO,pingTime:-2,time:628,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:140,beZ:142,mfA:500,cmA:501,inA:501,inZ:505,prA:506,prZ:517,si:526,poA:528,poZ:549,cmZ:549,mfZ:549,loA:659,loZ:664,ecZ:758,ltA:767,ltZ:767,mdA:142,mdZ:475%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:386%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:628,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:386,wc:30.30.1600.1200,ac:345.58.970.250,am:i,cc:345.58.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B264~100%5D,as:%5B264~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u*.10507%7C1u1%7C1u2%7C1v.10507%7C1v1%7C1v2%7C1w%7C1x1%7C1x2%7C1y1%7C1y2,idMap:1u*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:388,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/outereast_0,google_ads_iframe_/5129/ndm.leader/local/outereast_0__container__,ad-block-728x90-1%5D,sis:619,sinceFw:238,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt39.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8293 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8293 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 474B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3ztUZEaTKPeo80wl97Fmt9TMMTdRswsZT5p7FSkzkgQWY8x-Wb-XrstRZLVxgC5Mxt2CLHwpcaZuoMMk4IfcoCm9g3dLXI7_rZ5AX1sNLDe3sn6nA4U3NjZmmCLGudsViDWakIJ-5Z4UzlePRdwByuv7Mwd4nKbu5bRF2_1iQCa0Mi9ZAb5aV1l_EbRqflhA_qEkwdQl3g3OXQUcj9wvkGdfebWG72U3w5ODrg4fQdH_A6f8rHGVAIAkP1x63VmDflNZr7h-ybRcEKnjP4OspH_J1a8w6ZPikasYNWsBA8fwACTWpW9BhgWMfS5uCpFBSZkbsUx96IEJJpCXoMpTn9aYZsScQOYQKwE14FgtTKfWVAWH1kbMcYbY8-ro&sai=AMfl-YQOYjfSsXFdrONPiTGf9ZdG5AAhladvjGdr5K5_GW8IuxOtVJxZo2Lwn_EAiCQvt9nLW_5XYsS5mURpwp1xq59WKBTFlmGnbPZ9vPDQVnELgkLmZuF0Kf6S27Mu9qY&sig=Cg0ArKJSzKulaWuDD07UEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 22 Jun 2024 18:00:41 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=80b17bf4-7dd2-fc6a-b7c3-6f063254a047&tv=%7Bc:gpTPQc,pingTime:-2,time:648,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:101,beZ:103,mfA:513,cmA:518,inA:518,inZ:519,prA:519,prZ:527,si:531,poA:531,poZ:541,cmZ:541,mfZ:541,loA:683,loZ:684,ecZ:723,ltA:749,ltZ:749,mdA:103,mdZ:435%7D%7D,sca:%7Blts:2024-06-23%2002.00.40,dfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:429%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:648,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:429,wc:30.30.1600.1200,ac:466.6782.728.90,am:i,cc:466.6782.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B231~0%5D,as:%5B231~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u.10507%7C1u1%7C1u2%7C1u3%7C1v*.10507%7C1v1%7C1v2%7C1w%7C1x.10507%7C1x1%7C1x2%7C1y.10507%7C1y1%7C1y2,idMap:1v*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:429,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/outereast_1,google_ads_iframe_/5129/ndm.leader/local/outereast_1__container__,ad-block-728x90-2%5D,sis:621,sinceFw:217,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=91ccf1fd-ea1f-aed5-a1ec-471bcad920ea&tv=%7Bc:gpTPQk,pingTime:-2,time:653,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:74,beZ:76,mfA:594,cmA:595,inA:595,inZ:596,prA:596,prZ:612,si:616,poA:616,poZ:623,cmZ:623,mfZ:623,loA:700,loZ:701,ecZ:718,ltA:728,ltZ:728,mdA:77,mdZ:404%7D%7D,sca:%7Blts:2024-06-23%2002.00.40,dfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:541%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:653,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:541,wc:30.30.1600.1200,ac:1148.3343.300.250,am:i,cc:1148.3343.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B132~0%5D,as:%5B132~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ugs1iGk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v.10507%7C1v1%7C1v2%7C1v3%7C1w1%7C1w2%7C1w3%7C1x*.10507%7C1x1%7C1x2%7C1y.10507%7C1y1%7C1y2,idMap:1x*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:542,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/outereast_3,google_ads_iframe_/5129/ndm.leader/local/outereast_3__container__,ad-block-300x250-2%5D,sis:644,sinceFw:111,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt31.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ff7098c0-82eb-73b0-e973-2c49b2277228&tv=%7Bc:gpTPQm,pingTime:-2,time:652,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:47,beZ:48,mfA:596,cmA:596,inA:596,inZ:598,prA:598,prZ:604,si:609,poA:609,poZ:617,cmZ:617,mfZ:617,loA:683,loZ:685,ecZ:692,ltA:699,ltZ:699,mdA:49,mdZ:373%7D%7D,sca:%7Blts:2024-06-23%2002.00.40,dfp:%7Bdf:4,sz:100.100,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1719079241027,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1,h:1,t:562%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:652,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:562,wc:30.30.1600.1200,ac:30.6921.1.1,am:i,cc:30.6921.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B102~0%5D,as:%5B102~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ugs1iGk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v.10507%7C1v1%7C1v2%7C1v3%7C1w1%7C1w2%7C1w3%7C1x.10507%7C1x1%7C1x2%7C1x3%7C1y*.10507%7C1y1%7C1y2,idMap:1y*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:562,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/outereast_4,google_ads_iframe_/5129/ndm.leader/local/outereast_4__container__,ad-block-1000x50-1%5D,sis:645,sinceFw:90,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
v3
id5-sync.com/gm/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
c6e21fbff981fbf42e4461b47d5aae7d7fe029f6b5635a8057da4fe71b53a1cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Jun 2024 18:00:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
main.19.8.511.js
static.adsafeprotected.com/ Frame B310 		222 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.511.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=54134231&chanId=168752591&placementId=6517084259&pubCreative=138479474019&pubOrder=3358436615&cb=658376325&custom=index&custom3=168403511&adsafe_par&impId=53040be4-30c1-11ef-827a-023157083963
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4177211ae6a76aaf0d782dbf3eb19d46bd1af28fee17a5ce688caecc062072fc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:27:04 GMT
x-amz-version-id
uqV03.6ogLSkqx_n1jI65E.EhJ6GL9GN
content-encoding
gzip
via
1.1 594aa5e4a6030c26c04a6a841838abb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
268417
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 11 Jun 2024 19:49:04 GMT
server
AmazonS3
etag
W/"b1a013da72e494ee7966fe0bd9ce6a2d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
v8CcgW8wxH4bsF-BX933P5RAyNfzX9_l8cc9u6ZFBhnRE215IRROQA==
desktop_truskinwww.heraldsun.com.au.js
massets.bonzai.co/c2/jd/ Frame 474B 		3 KB
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2664729713245404649_1718685437090_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
abacf250d50fb0fcb7d95bf85146ce5ef54ac8954c2a0a0f1810339bbab63f00

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:42 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 20 Jun 2024 21:18:03 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
etag
"2a14133919f728041cb3929aea11a93e"
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=0
accept-ranges
bytes
x-amz-cf-id
puj-hZxFikwBbZcOY8WRU2O_1AYBTNZGRqrPoXSul_oPN7tQL0pX8w==
content-length
1068
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 871D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
545934
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jun 2024 10:21:47 GMT
expires
Mon, 16 Jun 2025 10:21:47 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
v.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Sat, 22 Jun 2024 18:00:41 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
sca.17.6.4.js
static.adsafeprotected.com/ Frame D2D3 		91 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 15:27:03 GMT
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding
gzip
via
1.1 594aa5e4a6030c26c04a6a841838abb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
268417
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 May 2024 16:44:02 GMT
server
AmazonS3
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Bf7Fe-pjPZTK1ZfngGqmUzg7zwjORq78ksOCJK8saL68XYVaYigxIQ==
mon
pixel.adsafeprotected.com/ 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|1&pubId=54134231&chanId=168752591&placementId=6517084259&pubCreative=138479474019&pubOrder=3358436615&cb=658376325&custom=index&custom3=168403511&adsafe_par&impId=53040be4-30c1-11ef-827a-023157083963&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:380ce709-1371-956a-3b40-b2d254aa5329,c:gpTPRz,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-c58cf9d87-vjb9q,rg:au,pt:1-5-15,wc:30.30.1600.1200,ac:1148.662.300.250,am:i,cc:1148.662.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:50,mot:0,app:0,maw:0,tdt:s,fm:ugs1iR5+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w*.10507%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1x2%7C1x3%7C1y1%7C1y2%7C1y3,idMap:1w*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:0,renddet:IMG.qs.bi,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:66,oid:56731a4c-30c1-11ef-9eba-e28eb5d29135,v:19.8.511,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.71.82 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-71-82.ap-southeast-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
43
p3p
CP="COM NAV INT STA NID OUR IND NOI"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=380ce709-1371-956a-3b40-b2d254aa5329&tv=%7Bc:gpTPRU,pingTime:-2,time:87,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:162,beZ:164,mfA:212,cmA:213,inA:213,inZ:214,prA:214,prZ:225,si:229,poA:229,poZ:236,cmZ:236,mfZ:236,loA:242,loZ:244,ltA:249,ltZ:249,mdA:164,mdZ:164%7D%7D,sca:%7Blts:2024-06-23%2002.00.41,dfp:%7Bdf:2,sz:300.250,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:66%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:87,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:30.30.1600.1200,ac:1148.662.300.250,am:i,cc:1148.662.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ugs1iR5+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w*.10507%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1x2%7C1x3%7C1y1%7C1y2%7C1y3,idMap:1w*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:67,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/outereast_2,google_ads_iframe_/5129/ndm.leader/local/outereast_2__container__,ad-block-300x250-1%5D,sinceFw:20,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt40.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=560ba54e-4242-c736-9b45-5cbdd24dab1f&tv=%7Bc:gpTPSo,time:788,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:788,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:386,wc:30.30.1600.1200,ac:345.58.970.250,am:i,cc:345.58.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B424~100%5D,as:%5B424~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u*.10507%7C1u1%7C1u2%7C1v.10507%7C1v1%7C1v2%7C1w.10507%7C1x.10507%7C1x1%7C1x2%7C1y.10507%7C1y1%7C1y2,idMap:1u*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:388,sis:619%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt86.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=80b17bf4-7dd2-fc6a-b7c3-6f063254a047&tv=%7Bc:gpTPSp,time:785,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:785,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:429,wc:30.30.1600.1200,ac:466.6782.728.90,am:i,cc:466.6782.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B368~0%5D,as:%5B368~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u.10507%7C1u1%7C1u2%7C1u3%7C1v*.10507%7C1v1%7C1v2%7C1w.10507%7C1x.10507%7C1x1%7C1x2%7C1y.10507%7C1y1%7C1y2,idMap:1v*,rmeas:1,rend:1,renddet:IMG.qs,siq:429,sis:621%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt41.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=91ccf1fd-ea1f-aed5-a1ec-471bcad920ea&tv=%7Bc:gpTPSq,time:783,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:783,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:541,wc:30.30.1600.1200,ac:1148.3343.300.250,am:i,cc:1148.3343.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B262~0%5D,as:%5B262~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ugs1iGk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v.10507%7C1v1%7C1v2%7C1v3%7C1w.10507%7C1w1%7C1w2%7C1w3%7C1x*.10507%7C1x1%7C1x2%7C1y.10507%7C1y1%7C1y2,idMap:1x*,rmeas:1,rend:1,renddet:IMG.qs,siq:542,sis:644%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ff7098c0-82eb-73b0-e973-2c49b2277228&tv=%7Bc:gpTPSq,time:780,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:780,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:562,wc:30.30.1600.1200,ac:30.6921.1.1,am:i,cc:30.6921.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B231~0%5D,as:%5B231~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ugs1iGk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v.10507%7C1v1%7C1v2%7C1v3%7C1w.10507%7C1w1%7C1w2%7C1w3%7C1x.10507%7C1x1%7C1x2%7C1x3%7C1y*.10507%7C1y1%7C1y2,idMap:1y*,rmeas:1,rend:1,renddet:IMG.qs,siq:562,sis:645%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt81.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=380ce709-1371-956a-3b40-b2d254aa5329&tv=%7Bc:gpTPSr,time:120,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:120,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:30.30.1600.1200,ac:1148.662.300.250,am:i,cc:1148.662.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B70~0%5D,as:%5B70~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ugs1iR5+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w*.10507%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1x2%7C1x3%7C1y1%7C1y2%7C1y3,idMap:1w*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:67,sis:91%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
ad.doubleclick.net/pcs/ Frame 8293 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstHBLEPTt1oR6eQAYtIu06ehQ2b8BWkC3WnLvGFJG--IHqkHU5nQBBwghJCAtlsK42n3d0JMejTNgtv1zxdPa2LsXCKhIhd2WxQfDCjRbsjTj4MQ2W2FxRkEYygsmvJc37YGNfcrdYOYBWw-6vG7Nym9LV49xkLMXsR85EHTFHBGLoRpZIg355pSn9HAhgSWBym1zm71_c2l2lkggc8c_tculGNWA&sai=AMfl-YRgsAsGE9r7Q_mSp-RE2qvzZ0TyzMVQyaMNXtX8WeJlLcmAO65ZNX9YnPma_5ejzPxcKAScrSaX6G7CmXvrVQTVZUAVD-GH9qHGWA&sig=Cg0ArKJSzIgDWpXSEEtjEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9teWVyLmNvbS5hdQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=415&vt=11&dtpt=413&dett=2&cstd=0&cisv=r20240620.74713&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&arae=1&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B32086880.396138856;dc_ver=101.296;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=3861881387;ord=x7y256;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu9GbbY6SUZLTBtKGH3MWEOoACCbg3nVdFlVfm14xifJE-pkehYqwOym8KR1fPitNfCjFeFf7IY6dZO1IqV_gZ7pSgN726wiYFXkK-dNgR8E4xkCtfou62mpDK2u1luwITAB2wnuyG37cdoqJj5anx6jhcSO5r-B7KONoAjtZH5Yx-Bj3FYZgKTSqDrzXparUchZXYSrvdGYqteGcL0UY4Cc8ziibKW7Q-Rcr8jqLQpk6FCyQY45A_uf9IqKc-q4KET8m39anCuXQ4w86zQXLxfjErHEN1sSB1NvJaVJNSo9RBsuUO2yLvp62EA8cJvCpUd8dv8JrB7L1qc-5YdR_7alXdR3EjrOQwGFzvRQqBgU8f9skF9ohVZ8q1ciQg%26sai%3DAMfl-YSP8zGNuA2L_cHXnCymxciyN7QtLtIRIZZooNmJG645PvUKlDXL6Xf2jmXlZwQGb9HaJSSrD5xcrZNfRHrZsJ_p9SVS6TCdJC0DtEHyFZkiMgSGpthm2QC1S6PYvVg%26sig%3DCg0ArKJSzMs14w_OKSNcEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east$0;xdt=0;crlt=vu(Op8!jpj;stc=1;chaa=1;sttr=29;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:41 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
attribution-reporting-info
preferred-platform=os
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x33b46afd033d7aac0000000000000000","16":"0x96e0f7da9494a18f0000000000000000","17":"0xdb0a84b5026b6e220000000000000000","18":"0x854296b2cdf93f8e0000000000000000"},"debug_key":"2806515496626199249","debug_reporting":true,"destination":["https://myer.com.au","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,604800,2592000]},"expiry":"691200","filter_data":{"14":[],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["6853159"]},"max_event_level_reports":2,"priority":"0","source_event_id":"17173707675016517488"}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/png
access-control-allow-origin
*
cache-control
private
timing-allow-origin
*
expires
Sat, 22 Jun 2024 18:00:41 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8293 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw1y6ZoabgfIsAbnDV9Xsy3zAl7eaZ5Kms4oA6p3HiSPWTqU_Zopdd6fpSvg0MJAUgKdwX6oNBlRJyMX5KLH5BmsE7LmBGq-rtMia6a8RhneS9fcY9FhOT4zUR5V2ZMGPjqbSnE_k8xAb2KwT2JnyqT0HjBpi2g5wAE85d473-poGc42foXR9zAynvNMBiM-EGsl-9wS8u9JMGfw1H-mU4gy-59rb6q_YAYC6zul5XcN45rRHhuDIA7jKaThrdWgYJ0WiqEjcMPibtV1Eb8dAelg-qMZUkZHSyJS2WjKSHzKcVVv9lvOypWEWORy3L9jdJqN7kJjWMzjg-e6Vc3D40ByaV5vDqJcElK66LpqJlmLXUn8_tmeisOTAoFrw&sai=AMfl-YTtmvswu7YLMl00xggfYQOdNUw8RvtolQX4JyUho0GnCc_edLW1gos9zXtPbZdzjzEFUbtXAC4D7m7lsyDVii5SAlASIoE5UAYLKP3v3lfnATuTgeNKJXPbmK9W_4s&sig=Cg0ArKJSzKc1U1K1XpcWEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 22 Jun 2024 18:00:41 GMT
8.gif
id5-sync.com/i/701/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/701/8.gif?o=api&id5id=ID5*h-IPWxeXxlrKnd365CjKwtMOoNC4m3RL_2E5Z215y4uqGXgSI_tjLdDphY2zQz9y&gdpr_consent=undefined&gdpr=false
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 22 Jun 2024 18:00:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=560ba54e-4242-c736-9b45-5cbdd24dab1f&tv=%7Bc:gpTPVe,pingTime:-10,time:964,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1719079241343%7C%7Cba103c5564f860ca7d8f99303d19cc83%7C%7Cf1f6b29a6cc1f79a0fea05b885aa33d0%7C%7Cf04aa7487c74c0860548c0d4f3385b1c%7C%7Ccea3c96f59d94616c1d07cafb72af298%7C%7C823fc3b0f937aa1bdb52822c0396f413%7C%7C28d78f98310c7feac5c0d310a705b8c5%7C%7Cfb4770368c3f50aa31c4b97ba9c99f68%7C%7C1715618633%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt42.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
interact
edge.adobedc.net/ee/v1/ 		725 B
816 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=cb44405d-d57d-49fa-be29-8726a3677d84
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.248 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-248.data.adobedc.net
Software
jag /
Resource Hash
a1685107a06548dbd7623b6ebb6a7550715582e15583ad9c02efb8ae1e378dc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Sat, 22 Jun 2024 18:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge
VA6;7
access-control-allow-credentials
true
x-konductor
N/A
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-xss-protection
1; mode=block
x-request-id
cb44405d-d57d-49fa-be29-8726a3677d84
moatad.js
z.moatads.com/bonzai678688331786/ 		318 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/bonzai678688331786/moatad.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2664729713245404649_1718685437090_script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.204 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-204.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
01714f3ed03025b847151d23307d073adb01b9753030bf9081ceb0f006276d50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 22 Jun 2024 18:00:41 GMT
content-md5
/kxZ4YPxNaKGgU2jKc714w==
storage-tier
Standard
content-length
110875
opc-meta-btime
2024-04-22T05:24:24Z
opc-meta-mtime
1713763464
last-modified
Mon, 22 Apr 2024 19:25:34 GMT
opc-request-id
iad-1:5qdDqMN25JCV8VRXwr-FxbiecOUo6yFQNIEz2gA-G2bMQ1ebZhbt-5uEbiskh_55
x-api-id
native
etag
e5f052f5-62b9-48ec-83f3-e2ea3623395d
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/x-javascript
version-id
ce4fcbcf-ae28-4486-ae62-1cba883be4d7
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control
max-age=24135
access-control-allow-credentials
true
accept-ranges
bytes
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=80b17bf4-7dd2-fc6a-b7c3-6f063254a047&tv=%7Bc:gpTPXI,pingTime:-10,time:1114,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1719079241343%7C%7Cba103c5564f860ca7d8f99303d19cc83%7C%7Cf1f6b29a6cc1f79a0fea05b885aa33d0%7C%7Cf04aa7487c74c0860548c0d4f3385b1c%7C%7Ccea3c96f59d94616c1d07cafb72af298%7C%7C823fc3b0f937aa1bdb52822c0396f413%7C%7C28d78f98310c7feac5c0d310a705b8c5%7C%7Cfb4770368c3f50aa31c4b97ba9c99f68%7C%7C1715618633,sca:%7Bspg:560ba54e-4242-c736-9b45-5cbdd24dab1f%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt38.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=BONZAI1&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1719079241518&de=976545834293&m=0&ar=9cc5b3e58a7-clean&iw=65d8acd&q=2&cb=0&ym=0&cu=1719079241518&ll=2&lm=0&ln=0&r=0&em=0&en=0&d=2664729713245404649%3A2663177152027522640%3Adesktop_truskin%3Aundefined&bo=dfp_pg&bp=wap&bd=undefined&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&id=1&ii=4&zMoatOrigSlicer1=dfp_pg&zMoatOrigSlicer2=wap&gw=bonzai678688331786&fd=1&it=500&ti=0&ih=2&pe=1%3A1861%3A1861%3A0%3A1848&fs=208210&na=1276176213&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.204 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-204.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 22 Jun 2024 18:00:41 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=https%3A%2F%2Fwww.heraldsun.com.au%2F%2Fleader%2F-&i=BONZAI1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-53F%2B%2BNkZmb%2FPZE5huWvRGicZ6Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-OXHdlqV6USoP6g%3D%3D&sc=1&os=1-pA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3DI7ALTC%22%2FE&qc=30&qd=30&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&bq=0&g=0&h=1195&w=1631&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=-0.6139507293701172&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&id=1&ii=4&f=0&j=&t=1719079241518&de=976545834293&cu=1719079241518&m=79&ar=9cc5b3e58a7-clean&iw=65d8acd&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7687&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=98&vx=98%3A-%3A-&pe=1%3A1861%3A1861%3A0%3A1848&as=0&ag=27&an=0&gf=27&gg=0&ix=27&ic=27&ez=1&aj=1&pg=98&pf=0&ib=0&cc=0&bw=27&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=54&cd=0&ah=54&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2664729713245404649%3A2663177152027522640%3Adesktop_truskin%3Aundefined&bo=dfp_pg&bp=wap&bd=undefined&gw=bonzai678688331786&zMoatOrigSlicer1=dfp_pg&zMoatOrigSlicer2=wap&hv=DOMSEARCH&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=af&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=210920422&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.204 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-204.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 22 Jun 2024 18:00:41 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=380ce709-1371-956a-3b40-b2d254aa5329&tv=%7Bc:gpTQ0q,time:615,type:e,im:%7Bpci:%7Btdr:513%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:615,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:30.30.1600.1200,ac:1148.662.300.250,am:i,cc:1148.662.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B564~0%5D,as:%5B564~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ugs1iR5+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w*.10507%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1x2%7C1x3%7C1y1%7C1y2%7C1y3,idMap:1w*,rmeas:1,rend:1,renddet:IMG.qs,siq:67,sis:91%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt32.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ff7098c0-82eb-73b0-e973-2c49b2277228&tv=%7Bc:gpTQ2r,pingTime:-10,time:1401,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1719079241343%7C%7Cba103c5564f860ca7d8f99303d19cc83%7C%7Cf1f6b29a6cc1f79a0fea05b885aa33d0%7C%7Cf04aa7487c74c0860548c0d4f3385b1c%7C%7Ccea3c96f59d94616c1d07cafb72af298%7C%7C823fc3b0f937aa1bdb52822c0396f413%7C%7C28d78f98310c7feac5c0d310a705b8c5%7C%7Cfb4770368c3f50aa31c4b97ba9c99f68%7C%7C1715618633,sca:%7Bspg:560ba54e-4242-c736-9b45-5cbdd24dab1f%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:41 GMT
server
nginx
x-server-name
dt84.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=560ba54e-4242-c736-9b45-5cbdd24dab1f&tv=%7Bc:gpTQ41,pingTime:1,time:1509,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:386%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1509,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:386,wc:30.30.1600.1200,ac:30.30.970.250,am:i,cc:30.30.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1145~100%5D,as:%5B1145~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:729,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u*.10507%7C1u1%7C1u2%7C1v.10507%7C1v1%7C1v2%7C1w.10507%7C1x.10507%7C1x1%7C1x2%7C1y.10507%7C1y1%7C1y2,idMap:1u*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:388,sis:619%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
server
nginx
x-server-name
dt36.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=560ba54e-4242-c736-9b45-5cbdd24dab1f&tv=%7Bc:gpTQ41,pingTime:1,time:1509,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:386%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1509,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:386,wc:30.30.1600.1200,ac:30.30.970.250,am:i,cc:30.30.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1145~100%5D,as:%5B1145~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:729,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u*.10507%7C1u1%7C1u2%7C1v.10507%7C1v1%7C1v2%7C1w.10507%7C1x.10507%7C1x1%7C1x2%7C1y.10507%7C1y1%7C1y2,idMap:1u*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:388,sis:619%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
server
nginx
x-server-name
dt65.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=560ba54e-4242-c736-9b45-5cbdd24dab1f&tv=%7Bc:gpTQ41,pingTime:1,time:1509,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:386%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1510,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:386,wc:30.30.1600.1200,ac:30.30.970.250,am:i,cc:30.30.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1146~100%5D,as:%5B1146~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:729,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u*.10507%7C1u1%7C1u2%7C1v.10507%7C1v1%7C1v2%7C1w.10507%7C1x.10507%7C1x1%7C1x2%7C1y.10507%7C1y1%7C1y2,idMap:1u*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:388,sis:619,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=560ba54e-4242-c736-9b45-5cbdd24dab1f&tv=%7Bc:gpTQ42,pingTime:1,time:1510,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:386%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1510,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:386,wc:30.30.1600.1200,ac:30.30.970.250,am:i,cc:30.30.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1146~100%5D,as:%5B1146~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:729,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u*.10507%7C1u1%7C1u2%7C1v.10507%7C1v1%7C1v2%7C1w.10507%7C1x.10507%7C1x1%7C1x2%7C1y.10507%7C1y1%7C1y2,idMap:1u*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:388,sis:619,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
1px.gif
dcollector.bonzai.co/ Frame 474B 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQxOTY4LCJmaSI6ZmFsc2UsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjYzMTc3MTUyMDI3NTIyNjQwIiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSBmdW5jdGlvbiBjYWxsZWQsIGR0c01haW4ifQ==&etc=0.370371313937929
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-29.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:09:26 GMT
via
1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
17476
x-amz-server-side-encryption
AES256
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
PLAt2Mdw_9Ode9HWk1FcqWMV_THy_dEy2Hak8zZ5_F5LjDeb6Lr7GA==
rec
collector.bonzai.co/ Frame 474B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJicGlkIjoiZHRzTWFpbiIsInBhZ2VJZCI6ImR0c01haW4iLCJ3aWR0aCI6MTkyMCwiaGVpZ2h0IjoxMDgwLCJldiI6ImluaXRpYWxfYnAiLCJldm4iOiJpbml0aWFsX2JwIiwiZXZ0IjoiQXV0byIsImZpIjpmYWxzZSwibyI6InBvcnRyYWl0IiwiY3R6IjotNDgwLCJjdHMiOjE3MTkwNzkyNDE5NzIsIm1vZGUiOiJsaXZlIiwidGsiOiI1ZDdlYTYyODc5YWQ4Nzg0YTdkYjE1ZTc0ZGI4Y2QxNCIsImFkIjoiMjY2NDcyOTcxMzI0NTQwNDY0OSJ9&etc=0.6805059862458571
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
KodJxCaTLWQgggew5KiJNoPmFRRRSurd-S-GfzY2OfxC7B2Sd3EY4A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ 		50 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d239318f5ae741505d6c4f3a5af36d3dfd38e0bc792a46430af382b0c0f029f

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
8d383470-93da-4e3e-b827-5ce36b5c601f_v1_5.jpg
massets.bonzai.co/ Frame 474B 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/8d383470-93da-4e3e-b827-5ce36b5c601f_v1_5.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cc560d86a801a19e4c59e07b7988df6835c06e7b2708fb1e96b984b775d25b9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 05:30:31 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jun 2024 09:18:18 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
477011
etag
"c484a7d67bca527a631c7e9597280ec4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6469
x-amz-cf-id
dwqppXcJ74oqrq1-_mS3PGHGngOefzTpMD9v8t0-unma7SyaAUOLkA==
27f52fb3-87a1-4e8a-84b1-056ea05c47b3_v1_5.jpg
massets.bonzai.co/ Frame 474B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/27f52fb3-87a1-4e8a-84b1-056ea05c47b3_v1_5.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
552606b059b9ce152808b2d5e18a34ca9cbca8ee769aeba9301cc77c5072d641

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 05:30:31 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jun 2024 09:18:42 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
477011
etag
"87b5e10437688025187cc42ef4df1d1f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11092
x-amz-cf-id
KIFjjUKwMYE1VqoztGAr4kDyJkIkgkxDkZaqAsfk2oyX9tTuEQdciQ==
21418153-5475-494e-a7e5-b2470fd255e2_v1_5.jpg
massets.bonzai.co/ Frame 474B 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/21418153-5475-494e-a7e5-b2470fd255e2_v1_5.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
995bfdc3e828bb7e8fb8d12d0726a6564a6189fbb33938eab3a2aa1badd0e5e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 05:30:31 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jun 2024 09:19:12 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
477011
etag
"66bfc1b5b19a219701aef85233a2bbe9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33413
x-amz-cf-id
9DKXxyS_EEmPRLOXGpCSag1t9gLVAQ2g2zl2uvpGwKeksM8zKtjs3A==
bdc3f06a-f7da-4ad8-b957-26b3d86fb8ac_v1_5.jpg
massets.bonzai.co/ Frame 474B 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/bdc3f06a-f7da-4ad8-b957-26b3d86fb8ac_v1_5.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e75c17ffe0601df51d177a986651e002410b4de78b2f14ac88f7f2e0cd81c220

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 05:30:31 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jun 2024 09:19:34 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
477011
etag
"d3284ff73fb02a45f024acb0232827b9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
84364
x-amz-cf-id
2q775UVtLq7D1d9xqMZHIGx32gEKDz-FnYWrzFYwq2yeqivUwqHOzw==
a9858566-d433-4186-b18d-f7549a113100_v1_5.png
massets.bonzai.co/ Frame 474B 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/a9858566-d433-4186-b18d-f7549a113100_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
126f63e28c1510f168d1b6860230a8c09fdb973dfef391171d3fd7ec8e614fda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 03:15:43 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jun 2024 02:40:48 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
398699
etag
"c24e156a27f884c92803f3e8de16b259"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
115786
x-amz-cf-id
vYmbSnO6egsWUh--SJpfkD0GGokr0DmWRfuZ248lAIYr0IA-yyPw2Q==
f39bdb29-af1b-4e03-9ec2-bb56f54db46f_v1_5.png
massets.bonzai.co/ Frame 474B 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/f39bdb29-af1b-4e03-9ec2-bb56f54db46f_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb93dbbcd184de53a80ef373c6f565601b15b1cbb59a87e61b2633b3b373a1c2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 03:15:43 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jun 2024 02:40:51 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
398699
etag
"d983108a6f9b36493ad049db65aa0615"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9396
x-amz-cf-id
YysqpyViBCUNgCbR6yQI5lAsUxBoH0Iu9_Ay6J8RjM3EHTKhrUBYrA==
me-min-0c34c9ac03.js
s.bzcdn.co/canvas/ca/video/raw-lib/ Frame 474B 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/me-min-0c34c9ac03.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-116.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 13:37:10 GMT
content-encoding
br
via
1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
last-modified
Thu, 25 Jan 2024 09:44:59 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
11247812
etag
W/"b162e5356e64e3f4caba75f7adf0b8d2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
s0WrDEKCxs3VcmiZFIpya6oX4WjcJPff01TLs_Lgfd8QJ90DpXcwDA==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=91ccf1fd-ea1f-aed5-a1ec-471bcad920ea&tv=%7Bc:gpTQ5W,pingTime:-10,time:1621,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1719079241343%7C%7Cba103c5564f860ca7d8f99303d19cc83%7C%7Cf1f6b29a6cc1f79a0fea05b885aa33d0%7C%7Cf04aa7487c74c0860548c0d4f3385b1c%7C%7Ccea3c96f59d94616c1d07cafb72af298%7C%7C823fc3b0f937aa1bdb52822c0396f413%7C%7C28d78f98310c7feac5c0d310a705b8c5%7C%7Cfb4770368c3f50aa31c4b97ba9c99f68%7C%7C1715618633,sca:%7Bspg:560ba54e-4242-c736-9b45-5cbdd24dab1f%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
server
nginx
x-server-name
dt40.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=380ce709-1371-956a-3b40-b2d254aa5329&tv=%7Bc:gpTQ8w,pingTime:-10,time:1117,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1719079241343%7C%7Cba103c5564f860ca7d8f99303d19cc83%7C%7Cf1f6b29a6cc1f79a0fea05b885aa33d0%7C%7Cf04aa7487c74c0860548c0d4f3385b1c%7C%7Ccea3c96f59d94616c1d07cafb72af298%7C%7C823fc3b0f937aa1bdb52822c0396f413%7C%7C28d78f98310c7feac5c0d310a705b8c5%7C%7Cfb4770368c3f50aa31c4b97ba9c99f68%7C%7C1715618633,sca:%7Bspg:560ba54e-4242-c736-9b45-5cbdd24dab1f%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
server
nginx
x-server-name
dt72.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=380ce709-1371-956a-3b40-b2d254aa5329&tv=%7Bc:gpTQ9G,pingTime:0,time:1189,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:66%7D,%7Bpiv:100,vs:i,r:,t:1188%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:1188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:30.30.1600.1200,ac:1148.662.300.250,am:i,cc:1148.662.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1137~0,1~100%5D,as:%5B1138~300.250%5D%7D%7D,%7Bsl:i,t:1188,wc:30.30.1600.1200,ac:1148.618.300.250,am:i,cc:1148.618.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1137~0,1~100%5D,as:%5B1138~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:273,fm:ugs1iR5+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w*.10507%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1x2%7C1x3%7C1y1%7C1y2%7C1y3,idMap:1w*,rmeas:1,rend:1,renddet:IMG.qs,siq:67,sis:91%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 8293 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSXtUKsBLdUZ9r2eqrODfS_eLVQ6VSKx9Q_0b-06d2bB4cWjAHUkgV33bVJJRVqf5QtmCoXTZVACKX2uCzHRVVL2vKLsAF1gcV4ujTNAPNIfikxFrZMTiyCvqSe6mZUdZqsXCHG4m1bIKyF4NaCKu7&sig=Cg0ArKJSzL2X9aeablEkEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240617&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=3861881387&rs=6&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&vs=4&r=v&co=1501204000&rst=1719079240105&rpt=1146&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8293 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJ3AeZjnifXlYjkIGtPW8qSMjSLuyS-9jW9VXqtAs2GPYVChtfKLcwhw4PS8QmdGMyyaaXwb-w9wqK3cL1dWxC9hZdqbsjtVV97sec5J0g6l2JtiupZd9_kZqVU-VWogWfliFhsRbSJY1a969ksC2xOuYrgkfcqvfyljZ77A&sig=Cg0ArKJSzCIFfJlJnnQFEAE&id=lidar2&mcvt=1004&p=632,1118,882,1418&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240617&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1660949697&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&vs=4&r=v&co=1501204000&rst=1719079240105&rpt=1143&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.0000000.jpeg
massets.bonzai.co/mediaconvert/ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/mediaconvert/ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5/ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.0000000.jpeg
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2664729713245404649_1718685437090_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ccff908ec46787430c5320de8d33089bc88edb634a5b769e2d6fd3fe4916bb5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 05:41:28 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jun 2024 09:18:51 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
44532
x-amz-server-side-encryption
AES256
etag
"d388fc167da14da3ad288765fba4c89d"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-meta-mediaconvert-jobid
1718270323516-iq6san
accept-ranges
bytes
content-length
55816
x-amz-cf-id
T8kltHaidwwFTF_VNm4h-xI-XPDaeajafdI0w68LDOL3Wyyz15oGkw==
ce-video-new-min-fd8262ba53.css
s.bzcdn.co/canvas/ca/video/raw-lib/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2664729713245404649_1718685437090_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-116.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18c54fdefb6751daf143fd6c63b4f2153f2df222eda828a5ec2f10ab8c410f59

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 13:37:11 GMT
content-encoding
br
via
1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
last-modified
Thu, 25 Jan 2024 09:44:59 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
11247812
etag
W/"32363fbe7416020c70983107aea60606"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
cuKVtEtOB70bmYNxwy1dchlFVGBtLPlIAjMWGNxNyARUj7azuGmd8Q==
ce-video-vv-6b88b1ed56.css
s.bzcdn.co/canvas/ca/video/raw-lib/ 		431 B
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-vv-6b88b1ed56.css
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2664729713245404649_1718685437090_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-116.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca40f6cbbf38d34bcdbd7727249fd016b7bc8aac6e117adcb82d3792e76f9860

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 14 Feb 2024 07:30:25 GMT
via
1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
last-modified
Thu, 25 Jan 2024 09:44:59 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
11183418
etag
"430de22743d923be7f36b54d1776a908"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
431
x-amz-cf-id
lsKLOulsJ7aKZjPa6WW9BNOxuJfNrziGbTkkCv_U4zc9ThfAfOrv7A==
8d383470-93da-4e3e-b827-5ce36b5c601f_v1_5.jpg
massets.bonzai.co/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/8d383470-93da-4e3e-b827-5ce36b5c601f_v1_5.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cc560d86a801a19e4c59e07b7988df6835c06e7b2708fb1e96b984b775d25b9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 05:30:31 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jun 2024 09:18:18 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
477011
etag
"c484a7d67bca527a631c7e9597280ec4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6469
x-amz-cf-id
dwqppXcJ74oqrq1-_mS3PGHGngOefzTpMD9v8t0-unma7SyaAUOLkA==
27f52fb3-87a1-4e8a-84b1-056ea05c47b3_v1_5.jpg
massets.bonzai.co/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/27f52fb3-87a1-4e8a-84b1-056ea05c47b3_v1_5.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
552606b059b9ce152808b2d5e18a34ca9cbca8ee769aeba9301cc77c5072d641

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 05:30:31 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jun 2024 09:18:42 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
477011
etag
"87b5e10437688025187cc42ef4df1d1f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11092
x-amz-cf-id
KIFjjUKwMYE1VqoztGAr4kDyJkIkgkxDkZaqAsfk2oyX9tTuEQdciQ==
21418153-5475-494e-a7e5-b2470fd255e2_v1_5.jpg
massets.bonzai.co/ 		33 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/21418153-5475-494e-a7e5-b2470fd255e2_v1_5.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
995bfdc3e828bb7e8fb8d12d0726a6564a6189fbb33938eab3a2aa1badd0e5e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 05:30:31 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jun 2024 09:19:12 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
477011
etag
"66bfc1b5b19a219701aef85233a2bbe9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33413
x-amz-cf-id
9DKXxyS_EEmPRLOXGpCSag1t9gLVAQ2g2zl2uvpGwKeksM8zKtjs3A==
bdc3f06a-f7da-4ad8-b957-26b3d86fb8ac_v1_5.jpg
massets.bonzai.co/ 		82 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/bdc3f06a-f7da-4ad8-b957-26b3d86fb8ac_v1_5.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e75c17ffe0601df51d177a986651e002410b4de78b2f14ac88f7f2e0cd81c220

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 05:30:31 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jun 2024 09:19:34 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
477011
etag
"d3284ff73fb02a45f024acb0232827b9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
84364
x-amz-cf-id
2q775UVtLq7D1d9xqMZHIGx32gEKDz-FnYWrzFYwq2yeqivUwqHOzw==
a9858566-d433-4186-b18d-f7549a113100_v1_5.png
massets.bonzai.co/ 		113 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/a9858566-d433-4186-b18d-f7549a113100_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
126f63e28c1510f168d1b6860230a8c09fdb973dfef391171d3fd7ec8e614fda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 03:15:43 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jun 2024 02:40:48 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
398699
etag
"c24e156a27f884c92803f3e8de16b259"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
115786
x-amz-cf-id
vYmbSnO6egsWUh--SJpfkD0GGokr0DmWRfuZ248lAIYr0IA-yyPw2Q==
f39bdb29-af1b-4e03-9ec2-bb56f54db46f_v1_5.png
massets.bonzai.co/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/f39bdb29-af1b-4e03-9ec2-bb56f54db46f_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb93dbbcd184de53a80ef373c6f565601b15b1cbb59a87e61b2633b3b373a1c2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 03:15:43 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jun 2024 02:40:51 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
398699
etag
"d983108a6f9b36493ad049db65aa0615"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9396
x-amz-cf-id
YysqpyViBCUNgCbR6yQI5lAsUxBoH0Iu9_Ay6J8RjM3EHTKhrUBYrA==
me-min-0c34c9ac03.js
s.bzcdn.co/canvas/ca/video/raw-lib/ 		133 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/me-min-0c34c9ac03.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2664729713245404649_1718685437090_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-116.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
017ed3a3015deeaaeadc08a4d8dcde59e102fb6838ab0df6b89ff4aee77ec196

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 13:37:10 GMT
content-encoding
br
via
1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
last-modified
Thu, 25 Jan 2024 09:44:59 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
11247812
etag
W/"b162e5356e64e3f4caba75f7adf0b8d2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
s0WrDEKCxs3VcmiZFIpya6oX4WjcJPff01TLs_Lgfd8QJ90DpXcwDA==
1px.gif
dcollector.bonzai.co/ Frame 474B 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQyMzExLCJmaSI6ZmFsc2UsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjYzMTc3MTUyMDI3NTIyNjQwIiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSByZWFkeSwgKiJ9&etc=0.33578963814070617
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-29.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:09:26 GMT
via
1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
17477
x-amz-server-side-encryption
AES256
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
B4qAtKldWucF-2Nat0g_yJoAd5CKKrDv65R0Ba4WrDHiVNT4qsmI1w==
1px.gif
dcollector.bonzai.co/ Frame 474B 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQyMzMwLCJmaSI6ZmFsc2UsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjYzMTc3MTUyMDI3NTIyNjQwIiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSByZWFkeSwgZHRzTWFpbiJ9&etc=0.06907283255225494
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-29.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:09:26 GMT
via
1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
17477
x-amz-server-side-encryption
AES256
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
P8WwESwPSv2otYc9enB3VWLvgDwwXfm29QJWv88aKT2zRKOoCWGloA==
ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.mp4
massets.bonzai.co/mediaconvert/ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5/ 		558 KB
559 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/mediaconvert/ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5/ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.mp4?ngsw-bypass=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9390e0bd210ec383a4f0f0fda09113612b26b68580d93d24c3473122b350caf2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://www.heraldsun.com.au/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 06:35:01 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jun 2024 09:18:49 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
41142
x-amz-server-side-encryption
AES256
etag
"427528686e161e0daba631a35253c69f"
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-571472/571473
x-amz-meta-mediaconvert-jobid
1718270323516-iq6san
accept-ranges
bytes
x-amz-cf-id
3JVp7dhdFxhBtMTuQkuBYFI-gWyjWyO0cqbpSp4nR8EoA43qtzUctQ==
Content-Length
571473
rec
collector.bonzai.co/ Frame 474B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQyNDQ5LCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.13526885536036892
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
ZgCMqP_01SO-qorfMwzz9jwU6oSKkYGF7oFs7jh1BOun5r5yXodlnw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.0000000.jpeg
massets.bonzai.co/mediaconvert/ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5/ Frame 474B 		55 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/mediaconvert/ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5/ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.0000000.jpeg
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2664729713245404649_1718685437090_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-28.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ccff908ec46787430c5320de8d33089bc88edb634a5b769e2d6fd3fe4916bb5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 05:41:28 GMT
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jun 2024 09:18:51 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
age
44532
x-amz-server-side-encryption
AES256
etag
"d388fc167da14da3ad288765fba4c89d"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-meta-mediaconvert-jobid
1718270323516-iq6san
accept-ranges
bytes
content-length
55816
x-amz-cf-id
T8kltHaidwwFTF_VNm4h-xI-XPDaeajafdI0w68LDOL3Wyyz15oGkw==
TL-Play.svg
s.bzcdn.co/canvas/ca/video/raw-lib/ 		379 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/TL-Play.svg
Requested by
Host: s.bzcdn.co
URL: https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-116.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5479429cf03c62393df0e79e6ad5f626153798b7339ff83af1a1a8495824f2e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:40:17 GMT
via
1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jun 2024 09:50:36 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
4826
x-amz-server-side-encryption
AES256
etag
"bd3cbcf6fa4e381e788b759e0f902237"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
379
x-amz-cf-id
5ylq4OAHlzh44OIcVkVlK16DaWiHMM8M3FQVWFRvMQT3z-R51kdIGw==
mute.svg
s.bzcdn.co/canvas/ca/video/raw-lib/ 		612 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/mute.svg
Requested by
Host: s.bzcdn.co
URL: https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-116.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e745fd04b3660338e575422753f485d606dc732ef86fd366601483f65ab97744

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 01:35:22 GMT
via
1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jun 2024 09:50:36 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
59121
x-amz-server-side-encryption
AES256
etag
"4d2781ec1a00eaf0d5c27a476a0576be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
612
x-amz-cf-id
R5NAKEjGfwQBRhiwID_MIqkQUBAqTPNyT-_SxfKkhMIsWIYJwqUP1Q==
1px.gif
dcollector.bonzai.co/ Frame 474B 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQyNDk2LCJmaSI6ZmFsc2UsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjYzMTc3MTUyMDI3NTIyNjQwIiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSBsb2FkLCAqIn0=&etc=0.482904348787514
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-29.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:09:26 GMT
via
1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
17477
x-amz-server-side-encryption
AES256
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
hmltI6273wldFikQvlkV46wAaUFfomrXReP6aO4pfG6DztcdR5nbew==
1px.gif
dcollector.bonzai.co/ Frame 474B 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQyNDk2LCJmaSI6ZmFsc2UsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjYzMTc3MTUyMDI3NTIyNjQwIiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSBsb2FkLCBkdHNNYWluIn0=&etc=0.32296979966019124
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-29.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:09:26 GMT
via
1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
17477
x-amz-server-side-encryption
AES256
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
kImF76jMudWZ-Oj0gvceU1AV-GAdw89kP8oVLa_RvvMArthu0f83fw==
rec
collector.bonzai.co/ Frame 474B 		43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZWxlaWQiOiJCRWJOSHciLCJlbGVuIjoiU1ctVHJ1c2tpbi1BbmltYXRpb24tNC0zIDEiLCJlbGV0IjoiVklERU8iLCJldiI6InZpZGVvc3RhcnQiLCJldm4iOiJWaWRlbyBTdGFydCIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsInBuIjoiRGVza3RvcCB0cnVTa2luIG1haW4iLCJwaWQiOiJkdHNNYWluIiwicHQiOiJkdHMiLCJicmtwIjoiRGVza3RvcCB0cnVTa2luIG1haW4iLCJicmtwaWQiOiJkdHNNYWluIiwiYXV0byI6dHJ1ZSwidmxlbiI6bnVsbCwicG9zIjowLCJ3aWQiOjEsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQyNTUyLCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.392486131415954
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
GssgUhGsiT4NHHytwlPmBiJmUA8_rwChv4bgy1nP516blGCKZzcAxg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQyNTU5LCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.5162391304038081
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
jttsnsGkDq1dE357kUWs9pADB1Hto3DlE9rCIkU-TD5DhE4g9-LdDw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=BONZAI1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-53F%2B%2BNkZmb%2FPZE5huWvRGicZ6Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-OXHdlqV6USoP6g%3D%3D&sc=1&os=1-pA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3DI7ALTC%22%2FE&qc=30&qd=30&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=1195&w=1631&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=-409.59375&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&id=1&ii=4&f=0&j=&t=1719079241518&de=976545834293&cu=1719079241518&m=1053&ar=9cc5b3e58a7-clean&iw=65d8acd&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7604&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=66&vx=66%3A67%3A-&pe=1%3A1861%3A1861%3A0%3A1848&as=1&ag=1008&an=27&gf=103&gg=27&ix=103&ic=103&ez=1&ck=1008&kw=830&aj=1&pg=98&pf=98&ib=0&cc=1&bw=1008&bx=27&ci=1008&jz=830&dj=1&aa=0&ad=905&cn=0&gk=0&gl=0&ik=0&cq=1&im=1&in=1&pd=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=830&cd=54&ah=830&am=54&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2664729713245404649%3A2663177152027522640%3Adesktop_truskin%3Aundefined&bo=dfp_pg&bp=wap&bd=undefined&gw=bonzai678688331786&zMoatOrigSlicer1=dfp_pg&zMoatOrigSlicer2=wap&hv=Bonzai&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=af&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=279710930&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.204 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-204.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 22 Jun 2024 18:00:42 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=BONZAI1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-53F%2B%2BNkZmb%2FPZE5huWvRGicZ6Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-OXHdlqV6USoP6g%3D%3D&sc=1&os=1-pA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3DI7ALTC%22%2FE&qc=30&qd=30&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=1195&w=1631&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=-409.59375&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&id=1&ii=4&f=0&j=&t=1719079241518&de=976545834293&cu=1719079241518&m=1057&ar=9cc5b3e58a7-clean&iw=65d8acd&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7604&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=66&vx=66%3A67%3A-&pe=1%3A1861%3A1861%3A0%3A1848&as=1&ag=1008&an=1008&gf=103&gg=103&ix=103&ic=103&ez=1&ck=1008&kw=830&aj=1&pg=98&pf=98&ib=0&cc=1&bw=1008&bx=1008&ci=1008&jz=830&dj=1&aa=0&ad=905&cn=905&gk=0&gl=0&ik=0&cq=1&im=1&in=1&pd=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=830&cd=830&ah=830&am=830&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2664729713245404649%3A2663177152027522640%3Adesktop_truskin%3Aundefined&bo=dfp_pg&bp=wap&bd=undefined&gw=bonzai678688331786&zMoatOrigSlicer1=dfp_pg&zMoatOrigSlicer2=wap&hv=Bonzai&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=af&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1688567147&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.204 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-204.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 22 Jun 2024 18:00:42 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZWxlaWQiOiJCRWJOSHciLCJlbGVuIjoiU1ctVHJ1c2tpbi1BbmltYXRpb24tNC0zIDEiLCJlbGV0IjoiVklERU8iLCJldiI6InZpZGVvc3RhcnQiLCJldm4iOiJWaWRlbyBTdGFydCIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsInBuIjoiRGVza3RvcCB0cnVTa2luIG1haW4iLCJwaWQiOiJkdHNNYWluIiwicHQiOiJkdHMiLCJicmtwIjoiRGVza3RvcCB0cnVTa2luIG1haW4iLCJicmtwaWQiOiJkdHNNYWluIiwiYXV0byI6dHJ1ZSwidmxlbiI6OCwicG9zIjowLjAwMjk1Miwid2lkIjoxLCJvIjoicG9ydHJhaXQiLCJjdHoiOi00ODAsImN0cyI6MTcxOTA3OTI0MjYxMiwibW9kZSI6ImxpdmUiLCJ0ayI6IjVkN2VhNjI4NzlhZDg3ODRhN2RiMTVlNzRkYjhjZDE0IiwiYWQiOiIyNjY0NzI5NzEzMjQ1NDA0NjQ5In0=&etc=0.2487013190899765
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/outer-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
3Zt8zcQjC96PP_7BmkKEXWq4nyjiGuDwrCx21g2M7cqLDYvoFyN45w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
generic1715769109244.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		459 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1715769109244.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29a87db3f1d7967d183df115a6a9c96b89665cfd8c142f35946b93d13ee30246
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
beZJH2h2ibfRRAw_FrzoqWdn.S51YnrK
content-encoding
gzip
via
1.1 varnish
date
Sat, 22 Jun 2024 18:00:42 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
E272D08A0Y30NYFZ
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
87945
x-amz-id-2
56qrQ1f5C4IcnGctx5wwe70OrKthb/J7H8kCJCJ449aSRNDLZk/Lbi/KDDzHFdKTuNN0SmaxwOY=
x-served-by
cache-syd10162-SYD
last-modified
Wed, 15 May 2024 10:31:50 GMT
server
AmazonS3
x-timer
S1719079243.622912,VS0,VE0
etag
"cd4bfd27daf057ed3d1d560fc9c108a3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
132107
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=33F227FAB674441C83701B6A5DE0DEA7&RedC=c.clarity.ms&MXFR=1EBA2973EFFA6EC329963DD5EBFA607E
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=33F227FAB674441C83701B6A5DE0DEA7&MUID=0B711CBE08FE6A912E480818096E6B90
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=33F227FAB674441C83701B6A5DE0DEA7&MUID=0B711CBE08FE6A912E480818096E6B90
Protocol
H2
Server
52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
last-modified
Thu, 20 Jun 2024 17:32:12 GMT
server
Microsoft-IIS/10.0
etag
"1b2b37c937c3da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 56D73D38323944BDAC73CA458234E5A8 Ref B: SYD03EDGE1009 Ref C: 2024-06-22T18:00:43Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=33F227FAB674441C83701B6A5DE0DEA7&MUID=0B711CBE08FE6A912E480818096E6B90
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
19414408923a4e6661887770667450797f70a55b378bbc2f24c4be6c99f7ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12947
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 550D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:43 GMT
server
Kestrel
server-processing-duration-in-ticks
324827
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
rec
collector.bonzai.co/ Frame 474B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQyNjQ3LCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.9677309152897886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
7vO79mvnMZvXDZbeYFchfF0ADgbqfhJJQqoHarTA_MXXG6O5_WATpA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNi4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJXaW4zMiIsInBhZ2VfdGl0bGUiOiAiT3V0ZXIgZWFzdCB8IExlYWRlciBOZXdzcGFwZXJzIEVhc3QgTWVsYm91cm5lIHwgTG9jYWwgQ29tbXVuaXR5IE5ld3MgVklDIHwgS25veCBMZWFkZXIgfCBNYXJvb25kYWggTGVhZGVyIHwgTGlseWRhbGUgJiBZYXJyYSBWYWxsZXkgTGVhZGVyIHwgRnJlZSBQcmVzcyBMZWFkZXIgfCBIZXJhbGQgU3VuIiwicGFnZV91cmwiOiAiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9sZWFkZXIvb3V0ZXItZWFzdCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNzE5MDc5MjQyNjgzIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogOCwidXNlcl9pZCI6ICIxOTA0MTFiOGJiNGRiOC0wODY3ZjY2MGZjYzY5Yy0yNjAwMWY1MS0xZDRjMDAtMTkwNDExYjhiYjUxMmEzIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXN5ZDEiLCJhY2NvdW50SWQiOiAxMzIyMjIsInVybCI6ICJodHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1L2xlYWRlci9vdXRlci1lYXN0Iiwid2Vic2l0ZUlkIjogMTMyMjI0LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI5OWM5LTUwM2YtMTA2YS0wNjcxLWFhM2QtNWU3MS0yZjJhLWFlYjMiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTcxOTA3OTI0MjY4MCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiA0OTQ4LCJrYW1weWxlX3ZlcnNpb24iOiAiMi41NS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi41NS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNzE5MDc5MjQyNjgzLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-me
prod-instance-gatewayservice-green-4kwh
date
Sat, 22 Jun 2024 18:00:42 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
rec
collector.bonzai.co/ Frame 474B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQyNzIxLCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.9854307418327257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
LueZy1wRtBdWf2LXblR48uNW3uypcDjvnOZC8OCBkBMw53FD6Gcwiw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 18:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Jun 2024 18:00:42 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=BONZAI1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-53F%2B%2BNkZmb%2FPZE5huWvRGicZ6Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-OXHdlqV6USoP6g%3D%3D&sc=1&os=1-pA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3DI7ALTC%22%2FE&qc=30&qd=30&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=1195&w=1631&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=-409.59375&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&id=1&ii=4&f=0&j=&t=1719079241518&de=976545834293&cu=1719079241518&m=1259&ar=9cc5b3e58a7-clean&iw=65d8acd&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7604&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=66&vx=66%3A67%3A-&pe=1%3A1861%3A1861%3A10651%3A1848&as=1&ag=1214&an=1008&gf=103&gg=103&ix=103&ic=103&ez=1&ck=1008&kw=830&aj=1&pg=98&pf=98&ib=0&cc=1&bw=1214&bx=1008&ci=1008&jz=830&dj=1&aa=1&ad=1111&cn=905&gk=0&gl=0&ik=0&co=1111&cp=1035&cq=1&im=1&in=1&pd=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1035&cd=830&ah=1035&am=830&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2664729713245404649%3A2663177152027522640%3Adesktop_truskin%3Aundefined&bo=dfp_pg&bp=wap&bd=undefined&gw=bonzai678688331786&zMoatOrigSlicer1=dfp_pg&zMoatOrigSlicer2=wap&hv=Bonzai&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=af&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=2004640711&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.204 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-204.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 22 Jun 2024 18:00:42 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQyODYxLCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.5903872981936902
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:42 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
1mkJ6cpOrdnU0j1y44d4h3ivZEPSgcnONrEVHzB2m3KW44F7J059rQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQzMDAyLCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.6892474717826604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:43 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
Yhm9S-sk36_BBeXscyA-ONrWVocTe5U6X94tf_n9sFeEVdS7sX5tjQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6074 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
474945
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jun 2024 06:04:58 GMT
expires
Tue, 17 Jun 2025 06:04:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BA8D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0Gmi40di87M6qYdbFJYpHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0Gmi40di87M6qYdbFJYpHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 18:00:43 GMT
expires
Sat, 22 Jun 2024 18:00:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=380ce709-1371-956a-3b40-b2d254aa5329&tv=%7Bc:gpTQpP,pingTime:1,time:2190,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:66%7D,%7Bpiv:100,vs:i,r:,t:1188%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:30.30.1600.1200,ac:1148.662.300.250,am:i,cc:1148.662.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1137~0,1~100%5D,as:%5B1138~300.250%5D%7D%7D,%7Bsl:i,t:1188,wc:30.30.1600.1200,ac:1148.618.300.250,am:i,cc:1148.618.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:294,fm:ugs1iR5+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w*.10507%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1x2%7C1x3%7C1y1%7C1y2%7C1y3,idMap:1w*,rmeas:1,rend:1,renddet:IMG.qs,siq:67,sis:91%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:43 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=380ce709-1371-956a-3b40-b2d254aa5329&tv=%7Bc:gpTQpP,pingTime:1,time:2190,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:66%7D,%7Bpiv:100,vs:i,r:,t:1188%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:30.30.1600.1200,ac:1148.662.300.250,am:i,cc:1148.662.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1137~0,1~100%5D,as:%5B1138~300.250%5D%7D%7D,%7Bsl:i,t:1188,wc:30.30.1600.1200,ac:1148.618.300.250,am:i,cc:1148.618.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:294,fm:ugs1iR5+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w*.10507%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1x2%7C1x3%7C1y1%7C1y2%7C1y3,idMap:1w*,rmeas:1,rend:1,renddet:IMG.qs,siq:67,sis:91%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:43 GMT
server
nginx
x-server-name
dt42.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=380ce709-1371-956a-3b40-b2d254aa5329&tv=%7Bc:gpTQpQ,pingTime:1,time:2191,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:66%7D,%7Bpiv:100,vs:i,r:,t:1188%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:1188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:30.30.1600.1200,ac:1148.662.300.250,am:i,cc:1148.662.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1137~0,1~100%5D,as:%5B1138~300.250%5D%7D%7D,%7Bsl:i,t:1188,wc:30.30.1600.1200,ac:1148.618.300.250,am:i,cc:1148.618.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:294,fm:ugs1iR5+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w*.10507%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1x2%7C1x3%7C1y1%7C1y2%7C1y3,idMap:1w*,rmeas:1,rend:1,renddet:IMG.qs,siq:67,sis:91,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:43 GMT
server
nginx
x-server-name
dt38.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=380ce709-1371-956a-3b40-b2d254aa5329&tv=%7Bc:gpTQpR,pingTime:1,time:2192,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:66%7D,%7Bpiv:100,vs:i,r:,t:1188%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1004,o:1188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:30.30.1600.1200,ac:1148.662.300.250,am:i,cc:1148.662.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1137~0,1~100%5D,as:%5B1138~300.250%5D%7D%7D,%7Bsl:i,t:1188,wc:30.30.1600.1200,ac:1148.618.300.250,am:i,cc:1148.618.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:294,fm:ugs1iR5+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w*.10507%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1x2%7C1x3%7C1y1%7C1y2%7C1y3,idMap:1w*,rmeas:1,rend:1,renddet:IMG.qs,siq:67,sis:91,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:43 GMT
server
nginx
x-server-name
dt32.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
rec
collector.bonzai.co/ Frame 474B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQzMzYxLCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.14339208784134194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:43 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
DTNmHjkr_MzlvmkSNnc8Pm0DrGl5n0G6Mm9i5Fqmzrb2KN2jhrrPlg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
v.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Sat, 22 Jun 2024 18:00:43 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
rec
collector.bonzai.co/ Frame 474B 		43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQzNTA0LCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.6533930541542341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:43 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
d8z9Rc1XDBB7AOp8GQB25ErbXIauWJMcFwWCkg8fXarl02603-g4lg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZWxlaWQiOiJCRWJOSHciLCJlbGVuIjoiU1ctVHJ1c2tpbi1BbmltYXRpb24tNC0zIDEiLCJlbGV0IjoiVklERU8iLCJldiI6InZpZGVvdGltZSIsImV2biI6IlZpZGVvIFRpbWUiLCJldnQiOiJBdXRvIiwiZmkiOmZhbHNlLCJwbiI6IkRlc2t0b3AgdHJ1U2tpbiBtYWluIiwicGlkIjoiZHRzTWFpbiIsInB0IjoiZHRzIiwiYnJrcCI6IkRlc2t0b3AgdHJ1U2tpbiBtYWluIiwiYnJrcGlkIjoiZHRzTWFpbiIsImF1dG8iOnRydWUsInZsZW4iOjgsInBvcyI6MS4wMDU0NDMsIndpZCI6MSwibyI6InBvcnRyYWl0IiwiY3R6IjotNDgwLCJjdHMiOjE3MTkwNzkyNDM2MzUsIm1vZGUiOiJsaXZlIiwidGsiOiI1ZDdlYTYyODc5YWQ4Nzg0YTdkYjE1ZTc0ZGI4Y2QxNCIsImFkIjoiMjY2NDcyOTcxMzI0NTQwNDY0OSJ9&etc=0.4810092415768157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:43 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
s6e4N4d2kGIMNVN3l_0sr-hMlKMy4KpHQ325AcLE4XiAPLN8owmsVg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
rec
collector.bonzai.co/ Frame 474B 		43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQ0MDc0LCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.19500588511464212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:44 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
S2Y9iFqARPpK1_AocutFzSyTWfKT093bOiReuz11pbHMMl6Rjh-00Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQ0MjE2LCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.8290417934563015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:44 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
-mUbrWLsG4HSfbN9cR-xSyuwdanTOe8xr8GTOU_tV-JZJHDCuX7GQw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
validate
assets.vidora.com/v1/ 		0
298 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-94.syd3.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 22 Jun 2024 18:00:44 GMT
via
1.1 a7a7ee092ee4b4df82064022cbdb7e94.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SYD3-P1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
JZ6QQNayiKWfWH_yLOQaESEcK4gqTZyIotEMsKaz8NaTm2vv0JPahA==
expires
Sat, 22 Jun 2024 18:00:43 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=https%3A%2F%2Fmassets.bonzai.co%2Fmediaconvert%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.mp4%3Fngsw-bypass%3Dtrue&i=&g0=local%2Couter-east%2Cindex%2Cno_video&g1=hwt&u=Q64FoCf1y8DTPB4y&t=C_Xi6cC2Bi-CoSJZFC2zSAMCdCl9d&x=0&y=0&V=147&VS=H5&n=1&b=10625&r=&_vd=8000&_vi=Outer%20east%20%7C%20Leader%20Newspapers%20East%20Melbourne%20%7C%20Local%20Community%20News%20VIC%20%7C%20Knox%20Leader%20%7C%20Maroondah%20Leader%20%7C%20Lilydale%20%26%20Yarra%20Valley%20Leader%20%7C%20Free%20Press%20Leader%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2Fleader%2Fouter-east&_vh=heraldsun.com.au&_pu=BNVOU-BR9yyLB1YifI&_pt=xjYaHB4-MrsDzxoUaBGUcn0E1r4Q&_pr=&_vdd=heraldsun.com.au&_vt=ct&_vs=s2&_vcs=0&_vbr=-1&_vvs=0.004&_vpt=2649&_vtn=https%3A%2F%2Fmassets.bonzai.co%2Fmediaconvert%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.0000000.jpeg&_vaup=auto&_vce=0&c=0&W=0&R=1&I=0&E=0&j=20&tz=-480&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.253.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-253-44.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 22 Jun 2024 18:00:45 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
rec
collector.bonzai.co/ Frame 474B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZWxlaWQiOiJCRWJOSHciLCJlbGVuIjoiU1ctVHJ1c2tpbi1BbmltYXRpb24tNC0zIDEiLCJlbGV0IjoiVklERU8iLCJldiI6InZpZGVvdGltZSIsImV2biI6IlZpZGVvIFRpbWUiLCJldnQiOiJBdXRvIiwiZmkiOmZhbHNlLCJwbiI6IkRlc2t0b3AgdHJ1U2tpbiBtYWluIiwicGlkIjoiZHRzTWFpbiIsInB0IjoiZHRzIiwiYnJrcCI6IkRlc2t0b3AgdHJ1U2tpbiBtYWluIiwiYnJrcGlkIjoiZHRzTWFpbiIsImF1dG8iOnRydWUsInZsZW4iOjgsInBvcyI6My4xMjg2NTksIndpZCI6MSwibyI6InBvcnRyYWl0IiwiY3R6IjotNDgwLCJjdHMiOjE3MTkwNzkyNDU3NTksIm1vZGUiOiJsaXZlIiwidGsiOiI1ZDdlYTYyODc5YWQ4Nzg0YTdkYjE1ZTc0ZGI4Y2QxNCIsImFkIjoiMjY2NDcyOTcxMzI0NTQwNDY0OSJ9&etc=0.6334127522729225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:45 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
h_bXzIw4USoavbPeA3xLTeuDTZ0koOzYwV_JKyeS_EB_lSUBgcyl_g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQ1NzU5LCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.8378961834153373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:45 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
5oRzNEER0jK9S3ejCRFDlk6li-EdtD7-O4Cnui_XbU2RKFgEwL9qRA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=560ba54e-4242-c736-9b45-5cbdd24dab1f&tv=%7Bc:gpTR6D,pingTime:5,time:5515,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:386%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5516,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:386,wc:30.30.1600.1200,ac:30.30.970.250,am:i,cc:30.30.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5152~100%5D,as:%5B5152~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:214,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u*.10507%7C1u1%7C1u2%7C1v.10507%7C1v1%7C1v2%7C1w.10507%7C1x.10507%7C1x1%7C1x2%7C1y.10507%7C1y1%7C1y2,idMap:1u*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:388,sis:619%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:46 GMT
server
nginx
x-server-name
dt34.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=560ba54e-4242-c736-9b45-5cbdd24dab1f&tv=%7Bc:gpTR6E,pingTime:5,time:5516,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:386%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5516,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:386,wc:30.30.1600.1200,ac:30.30.970.250,am:i,cc:30.30.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5152~100%5D,as:%5B5152~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:214,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u*.10507%7C1u1%7C1u2%7C1v.10507%7C1v1%7C1v2%7C1w.10507%7C1x.10507%7C1x1%7C1x2%7C1y.10507%7C1y1%7C1y2,idMap:1u*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:388,sis:619%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:46 GMT
server
nginx
x-server-name
dt66.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
rec
collector.bonzai.co/ Frame 474B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQ1OTAwLCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.850786409068085
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:45 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
CGFYicD7H9LxXXg4jESmBIClGaglYyylwRf61sGfozWX1Tvz-8f79A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fleader%2Fouter-east&u=BNVOU-BR9yyLB1YifI&d=heraldsun.com.au&g=36976&g0=local%2Couter-east%2Cindex%2Cno_video&g1=hwt&n=1&f=00001&c=0.18&x=0&m=0&y=7604&o=1600&w=1200&j=30&R=1&W=0&I=0&E=6&e=6&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&b=3281&t=xjYaHB4-MrsDzxoUaBGUcn0E1r4Q&V=147&tz=-480&_acct=anon&_vi=&_vp=https://massets.bonzai.co/mediaconvert/ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5/ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.mp4?ngsw-bypass=true&_vdd=video%40heraldsun.com.au&_vs=s2&_vt=ct&_vap=&_vtn=https%3A%2F%2Fmassets.bonzai.co%2Fmediaconvert%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.0000000.jpeg&_vd=8000&sn=2&sv=aZVnzCyTkmHC_lfVdmdbGql_X9d&sr=external&sd=1&im=066b0f7a&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.253.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-253-44.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 22 Jun 2024 18:00:46 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=BONZAI1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-53F%2B%2BNkZmb%2FPZE5huWvRGicZ6Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-OXHdlqV6USoP6g%3D%3D&sc=1&os=1-pA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3DI7ALTC%22%2FE&qc=30&qd=30&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=1195&w=1631&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=-409.59375&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&id=1&ii=4&f=0&j=&t=1719079241518&de=976545834293&cu=1719079241518&m=5077&ar=9cc5b3e58a7-clean&iw=65d8acd&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7604&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=66&vx=66%3A67%3A-&pe=1%3A1861%3A1861%3A10651%3A1848&as=1&ag=5032&an=1214&gf=103&gg=103&ix=103&ic=103&ez=1&ck=1008&kw=830&aj=1&pg=98&pf=98&ib=0&cc=1&bw=5032&bx=1214&ci=1008&jz=830&dj=1&aa=1&ad=4929&cn=1111&gk=0&gl=0&ik=0&co=1111&cp=1035&cq=1&im=1&in=1&pd=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4859&cd=1035&ah=4859&am=1035&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2664729713245404649%3A2663177152027522640%3Adesktop_truskin%3Aundefined&bo=dfp_pg&bp=wap&bd=undefined&gw=bonzai678688331786&zMoatOrigSlicer1=dfp_pg&zMoatOrigSlicer2=wap&hv=Bonzai&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=af&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1390745383&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.204 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-204.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 22 Jun 2024 18:00:46 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=380ce709-1371-956a-3b40-b2d254aa5329&tv=%7Bc:gpTRsl,pingTime:5,time:6190,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:66%7D,%7Bpiv:100,vs:i,r:,t:1188%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5002,o:1188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:30.30.1600.1200,ac:1148.662.300.250,am:i,cc:1148.662.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1137~0,1~100%5D,as:%5B1138~300.250%5D%7D%7D,%7Bsl:i,t:1188,wc:30.30.1600.1200,ac:1148.618.300.250,am:i,cc:1148.618.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:218,fm:ugs1iR5+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w*.10507%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1x2%7C1x3%7C1y1%7C1y2%7C1y3,idMap:1w*,rmeas:1,rend:1,renddet:IMG.qs,siq:67,sis:91%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:47 GMT
server
nginx
x-server-name
dt82.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=380ce709-1371-956a-3b40-b2d254aa5329&tv=%7Bc:gpTRsm,pingTime:5,time:6191,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:66%7D,%7Bpiv:100,vs:i,r:,t:1188%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5003,o:1188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:30.30.1600.1200,ac:1148.662.300.250,am:i,cc:1148.662.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1137~0,1~100%5D,as:%5B1138~300.250%5D%7D%7D,%7Bsl:i,t:1188,wc:30.30.1600.1200,ac:1148.618.300.250,am:i,cc:1148.618.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:218,fm:ugs1iR5+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w*.10507%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1x2%7C1x3%7C1y1%7C1y2%7C1y3,idMap:1w*,rmeas:1,rend:1,renddet:IMG.qs,siq:67,sis:91%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:47 GMT
server
nginx
x-server-name
dt40.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
rec
collector.bonzai.co/ Frame 474B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQ3NDYwLCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.03446245548537874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:47 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
EPj9cGQUItYLshM1XkJp4NnCG-_L8ArWpxNBTcO4b6g3VMTtdALfxQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQ3NjAxLCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.004742123261198605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:47 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
82HWJd0UCfAavmtg6SNWxjq-6zEcZ58d0WmGC8PslEYJOirQnYvXoQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZWxlaWQiOiJCRWJOSHciLCJlbGVuIjoiU1ctVHJ1c2tpbi1BbmltYXRpb24tNC0zIDEiLCJlbGV0IjoiVklERU8iLCJldiI6InZpZGVvdGltZSIsImV2biI6IlZpZGVvIFRpbWUiLCJldnQiOiJBdXRvIiwiZmkiOmZhbHNlLCJwbiI6IkRlc2t0b3AgdHJ1U2tpbiBtYWluIiwicGlkIjoiZHRzTWFpbiIsInB0IjoiZHRzIiwiYnJrcCI6IkRlc2t0b3AgdHJ1U2tpbiBtYWluIiwiYnJrcGlkIjoiZHRzTWFpbiIsImF1dG8iOnRydWUsInZsZW4iOjgsInBvcyI6NS4yNTM1NTIsIndpZCI6MSwibyI6InBvcnRyYWl0IiwiY3R6IjotNDgwLCJjdHMiOjE3MTkwNzkyNDc4ODMsIm1vZGUiOiJsaXZlIiwidGsiOiI1ZDdlYTYyODc5YWQ4Nzg0YTdkYjE1ZTc0ZGI4Y2QxNCIsImFkIjoiMjY2NDcyOTcxMzI0NTQwNDY0OSJ9&etc=0.5151739763209255
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:47 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
AXbM9cyUYwHSh0brV_nZ0HZ8ls59ufxwrZVWSoZj6hMZQgBcTc9kUQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQ5MTQ5LCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.6871943684510571
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:49 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
FE8gVmZNa2V2GlUVBjiZSs1fepJ37nkXrxKQRzCOmAZSFLpqpEefAg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjQ5MjkxLCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.7782601021273385
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:49 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
W9YkVV1DQqacpDkSrMtxED8kNF35Lcy-490xWfJ1gbuvbtSbDQ51jA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZWxlaWQiOiJCRWJOSHciLCJlbGVuIjoiU1ctVHJ1c2tpbi1BbmltYXRpb24tNC0zIDEiLCJlbGV0IjoiVklERU8iLCJldiI6InZpZGVvdGltZSIsImV2biI6IlZpZGVvIFRpbWUiLCJldnQiOiJBdXRvIiwiZmkiOmZhbHNlLCJwbiI6IkRlc2t0b3AgdHJ1U2tpbiBtYWluIiwicGlkIjoiZHRzTWFpbiIsInB0IjoiZHRzIiwiYnJrcCI6IkRlc2t0b3AgdHJ1U2tpbiBtYWluIiwiYnJrcGlkIjoiZHRzTWFpbiIsImF1dG8iOnRydWUsInZsZW4iOjgsInBvcyI6Ny4xMTQwMjUsIndpZCI6MSwibyI6InBvcnRyYWl0IiwiY3R6IjotNDgwLCJjdHMiOjE3MTkwNzkyNDk3NDQsIm1vZGUiOiJsaXZlIiwidGsiOiI1ZDdlYTYyODc5YWQ4Nzg0YTdkYjE1ZTc0ZGI4Y2QxNCIsImFkIjoiMjY2NDcyOTcxMzI0NTQwNDY0OSJ9&etc=0.06326156523966464
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:49 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
8tuQSa4uagt4sY7QlegeYFsRfclJjhvt90aEo5-0IA-IBluPYkTNJg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fleader%2Fouter-east&u=BNVOU-BR9yyLB1YifI&d=heraldsun.com.au&g=36976&g0=local%2Couter-east%2Cindex%2Cno_video&g1=hwt&n=1&f=00001&c=0.25&x=0&m=0&y=7604&o=1600&w=1200&j=30&R=1&W=0&I=0&E=9&e=3&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&b=3281&t=xjYaHB4-MrsDzxoUaBGUcn0E1r4Q&V=147&tz=-480&_acct=anon&_vi=&_vp=https://massets.bonzai.co/mediaconvert/ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5/ccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.mp4?ngsw-bypass=true&_vdd=video%40heraldsun.com.au&_vs=s2&_vt=ct&_vap=&_vtn=https%3A%2F%2Fmassets.bonzai.co%2Fmediaconvert%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.0000000.jpeg&_vd=8000&sn=3&sv=aZVnzCyTkmHC_lfVdmdbGql_X9d&sr=external&sd=1&im=066b0f7a&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.253.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-253-44.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 22 Jun 2024 18:00:50 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=https%3A%2F%2Fmassets.bonzai.co%2Fmediaconvert%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.mp4%3Fngsw-bypass%3Dtrue&i=&g0=local%2Couter-east%2Cindex%2Cno_video&g1=hwt&u=Q64FoCf1y8DTPB4y&t=C_Xi6cC2Bi-CoSJZFC2zSAMCdCl9d&x=0&y=0&V=147&VS=H5&n=1&b=10625&_vd=8000&_vi=Outer%20east%20%7C%20Leader%20Newspapers%20East%20Melbourne%20%7C%20Local%20Community%20News%20VIC%20%7C%20Knox%20Leader%20%7C%20Maroondah%20Leader%20%7C%20Lilydale%20%26%20Yarra%20Valley%20Leader%20%7C%20Free%20Press%20Leader%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2Fleader%2Fouter-east&_vh=heraldsun.com.au&_pu=BNVOU-BR9yyLB1YifI&_pt=xjYaHB4-MrsDzxoUaBGUcn0E1r4Q&_pr=&_vdd=heraldsun.com.au&_vt=ct&_vs=s2&_vcs=1&_vbr=-1&_vvs=5.004&_vpt=7652&_vtn=https%3A%2F%2Fmassets.bonzai.co%2Fmediaconvert%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.0000000.jpeg&_vaup=auto&_vce=5&c=0.08&W=0&R=1&I=0&E=5&j=20&tz=-480&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.253.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-253-44.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 22 Jun 2024 18:00:50 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
rec
collector.bonzai.co/ Frame 474B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZWxlaWQiOiJCRWJOSHciLCJlbGVuIjoiU1ctVHJ1c2tpbi1BbmltYXRpb24tNC0zIDEiLCJlbGV0IjoiVklERU8iLCJldiI6InZpZGVvY21wbCIsImV2biI6IlZpZGVvIENvbXBsZXRlIiwiZXZ0IjoiQXV0byIsImZpIjpmYWxzZSwicG4iOiJEZXNrdG9wIHRydVNraW4gbWFpbiIsInBpZCI6ImR0c01haW4iLCJwdCI6ImR0cyIsImJya3AiOiJEZXNrdG9wIHRydVNraW4gbWFpbiIsImJya3BpZCI6ImR0c01haW4iLCJhdXRvIjp0cnVlLCJ2bGVuIjo4LCJwb3MiOjgsIndpZCI6MSwibyI6InBvcnRyYWl0IiwiY3R6IjotNDgwLCJjdHMiOjE3MTkwNzkyNTA2MjUsIm1vZGUiOiJsaXZlIiwidGsiOiI1ZDdlYTYyODc5YWQ4Nzg0YTdkYjE1ZTc0ZGI4Y2QxNCIsImFkIjoiMjY2NDcyOTcxMzI0NTQwNDY0OSJ9&etc=0.4345990085502067
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:50 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
GTy2G3CooABjdXWu1VJtjm-6gZ4REGuz5OBh9hTSds1YQSIL1_aIZQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
full_screen.svg
s.bzcdn.co/canvas/ca/video/raw-lib/ 		306 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.bzcdn.co/canvas/ca/video/raw-lib/full_screen.svg
Requested by
Host: s.bzcdn.co
URL: https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-116.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d66b1c8cdd2c10175167c9e567530e99178b6a0d913ece33cdf184e7bb94bb9e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://s.bzcdn.co/canvas/ca/video/raw-lib/ce-video-new-min-fd8262ba53.css
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 03:04:45 GMT
via
1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jun 2024 09:50:36 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
53766
x-amz-server-side-encryption
AES256
etag
"f7b773f738ab6cf94164887fd9012da7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
306
x-amz-cf-id
8GlBilTcAuZVvh4pT3dCTUhDzitSwVaMOex4-1Bt0f77DgJwcn6deQ==
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=BONZAI1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-53F%2B%2BNkZmb%2FPZE5huWvRGicZ6Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-OXHdlqV6USoP6g%3D%3D&sc=1&os=1-pA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3DI7ALTC%22%2FE&qc=30&qd=30&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=1195&w=1631&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=-409.59375&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&id=1&ii=4&f=0&j=&t=1719079241518&de=976545834293&cu=1719079241518&m=10095&ar=9cc5b3e58a7-clean&iw=65d8acd&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7604&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=66&vx=66%3A67%3A-&pe=1%3A1861%3A1861%3A10651%3A1848&as=1&ag=10050&an=5032&gf=103&gg=103&ix=103&ic=103&ez=1&ck=1008&kw=830&aj=1&pg=98&pf=98&ib=0&cc=1&bw=10050&bx=5032&ci=1008&jz=830&dj=1&aa=1&ad=9947&cn=4929&gk=0&gl=0&ik=0&co=1111&cp=1035&cq=1&im=1&in=1&pd=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9876&cd=4859&ah=9876&am=4859&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2664729713245404649%3A2663177152027522640%3Adesktop_truskin%3Aundefined&bo=dfp_pg&bp=wap&bd=undefined&gw=bonzai678688331786&zMoatOrigSlicer1=dfp_pg&zMoatOrigSlicer2=wap&hv=Bonzai&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=af&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=2132813540&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.204 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-204.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:51 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 22 Jun 2024 18:00:51 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjUyMTczLCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.327327987521034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:52 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
2AamTOVBHrSnpCnGo-PdEArIT7HNXeE3n6v__WQ5TwrkaUv9sFrPDQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjUyMzE0LCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.07076647067148034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:52 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
4D85ndsSVrnWsDWxHgio0OosE4OGV7egicfu-pNUWE93ewCilh2tZA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjUzNjQ2LCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.9028844418740762
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:53 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
-aJCHXz5Pcuf0YbDVx6A18BhnNRaEmeLbnDsGkslon_h-S13Q2FS5A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjUzNzg4LCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.34271080909309815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:53 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
CcrzmdniXuVFcDIxkJ2_nmeEIk8MbC9WAfM-LpTZl9fvFNr3AEVDXQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=https%3A%2F%2Fmassets.bonzai.co%2Fmediaconvert%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.mp4%3Fngsw-bypass%3Dtrue&i=&g0=local%2Couter-east%2Cindex%2Cno_video&g1=hwt&u=Q64FoCf1y8DTPB4y&t=C_Xi6cC2Bi-CoSJZFC2zSAMCdCl9d&x=0&y=0&V=147&VS=H5&n=1&b=10625&_vd=8000&_vi=Outer%20east%20%7C%20Leader%20Newspapers%20East%20Melbourne%20%7C%20Local%20Community%20News%20VIC%20%7C%20Knox%20Leader%20%7C%20Maroondah%20Leader%20%7C%20Lilydale%20%26%20Yarra%20Valley%20Leader%20%7C%20Free%20Press%20Leader%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2Fleader%2Fouter-east&_vh=heraldsun.com.au&_pu=BNVOU-BR9yyLB1YifI&_pt=xjYaHB4-MrsDzxoUaBGUcn0E1r4Q&_pr=&_vdd=heraldsun.com.au&_vt=ct&_vs=s2&_vcs=1&_vbr=-1&_vvs=10.004&_vpt=4608&_vtn=https%3A%2F%2Fmassets.bonzai.co%2Fmediaconvert%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5%2Fccdb4925-e9b1-476a-87e1-610bbd0130e3_v1_5_original.0000000.jpeg&_vaup=auto&_vce=10&c=0.17&W=0&R=1&I=0&E=10&j=20&tz=-480&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.253.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-253-44.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 22 Jun 2024 18:00:55 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
rec
collector.bonzai.co/ Frame 474B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjU1NTQ0LCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.2899514411739377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:55 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
htadsZPA3FA_5e9hRi-SIwSbJ7C8fCmJDy51UXJlNCFVVh2h93wBcw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame 474B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjU1Njg0LCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.8550544713606592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-26.syd3.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:55 GMT
via
1.1 c055c3339c284980acc0cc86a72891de.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD3-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
7fi5Jal6SrL8hDTx0UeL8dIuBvAXDVBzMAxk1OjPoQqx2Ll9L9Y-yg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=560ba54e-4242-c736-9b45-5cbdd24dab1f&tv=%7Bc:gpTTHM,pingTime:15,time:15506,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:386%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15506,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:386,wc:30.30.1600.1200,ac:30.30.970.250,am:i,cc:30.30.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15142~100%5D,as:%5B15142~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:216,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u*.10507%7C1u1%7C1u2%7C1v.10507%7C1v1%7C1v2%7C1w.10507%7C1x.10507%7C1x1%7C1x2%7C1y.10507%7C1y1%7C1y2,idMap:1u*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:388,sis:619%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:55 GMT
server
nginx
x-server-name
dt66.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=560ba54e-4242-c736-9b45-5cbdd24dab1f&tv=%7Bc:gpTTHO,pingTime:15,time:15508,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:386%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15508,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:386,wc:30.30.1600.1200,ac:30.30.970.250,am:i,cc:30.30.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15144~100%5D,as:%5B15144~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:216,fm:ugs1iGg+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u*.10507%7C1u1%7C1u2%7C1v.10507%7C1v1%7C1v2%7C1w.10507%7C1x.10507%7C1x1%7C1x2%7C1y.10507%7C1y1%7C1y2,idMap:1u*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:388,sis:619%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.71.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-71-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:56 GMT
server
nginx
x-server-name
dt68.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=https%3A%2F%2Fwww.heraldsun.com.au%2F%2Fleader%2F-&i=BONZAI1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-53F%2B%2BNkZmb%2FPZE5huWvRGicZ6Z%2BcTnsOSyy9oU9P6JZYWukXqqJkIhT%2FncgZbY1D8fQ%3D&rs=1-OXHdlqV6USoP6g%3D%3D&sc=1&os=1-pA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3DI7ALTC%22%2FE&qc=30&qd=30&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=1195&w=1631&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=-409.59375&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fouter-east&id=1&ii=4&f=0&j=&t=1719079241518&de=976545834293&cu=1719079241518&m=15115&ar=9cc5b3e58a7-clean&iw=65d8acd&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7604&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=66&vx=66%3A67%3A-&pe=1%3A1861%3A1861%3A10651%3A1848&as=1&ag=15070&an=10050&gf=103&gg=103&ix=103&ic=103&ez=1&ck=1008&kw=830&aj=1&pg=98&pf=98&ib=0&cc=1&bw=15070&bx=10050&ci=1008&jz=830&dj=1&aa=1&ad=14967&cn=9947&gk=0&gl=0&ik=0&co=1111&cp=1035&cq=1&im=1&in=1&pd=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14897&cd=9876&ah=14897&am=9876&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2664729713245404649%3A2663177152027522640%3Adesktop_truskin%3Aundefined&bo=dfp_pg&bp=wap&bd=undefined&gw=bonzai678688331786&zMoatOrigSlicer1=dfp_pg&zMoatOrigSlicer2=wap&hv=Bonzai&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=af&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1255402867&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.204 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-204.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.heraldsun.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 18:00:56 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 22 Jun 2024 18:00:56 GMT
dt
dt.adsafeprotected.com/ 		0
0
dt
dt.adsafeprotected.com/ 		0
0
rec
collector.bonzai.co/ Frame 474B 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
content.api.news
URL
https://content.api.news/v3/images/bin/b311b8d2f9bb1b5c17318961448a2797?width=150
Domain
content.api.news
URL
https://content.api.news/v3/images/bin/6e1a233de7e069128a82f4d6c88a1ce0?width=150
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/csp-reports
Domain
lb.eu-1-id5-sync.com
URL
https://lb.eu-1-id5-sync.com/lb/v1
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbXUztPH_YrzwJzYKC4MVt0KVHgrqwRwj0cjHAJ4Ne73O9rvxeITrYckz0q_UhsRKdMpqcIiC0g-sVc7XzRJy-FAL5Kg
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHhhC4uYsMEwHcRBPFRhk-q87F33JwFsfGhadUrySXwBpSR6vPYwnmyJMWfQfSc01qlBZU6erSt_GT4OvJWGA1kuDqPA
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTODspk6xQ7pfbjlKjpJyGO387gDJbbTsjuD5DNkyHp3iK2towMhT6A04KkQr7RiX1BuIfjXQXsKfrPKDiVfNrqaDOYtA
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406170101&jk=2963332978068749&bg=!BQalBknNAAb64txl2uI7ADQBe5WfOG_qE-9Dm8j0hzi7tBkv8vapaHY61EkITNRNueK9x5Dl5ql4WJ11DKMu0LCpAIFqAgAAAEtSAAAAAmgBB34ANmmZHPK1EqDg4IpfQcU8WF-DpPUgsTpQllRSqExlMr6e6ewoYz_GifuI-EOd8jlnut_BL9xU0QoAGTliY9YiCgWdwRsx-rUw25UHCHxerZhQSeaZAtIHHu38tuCusJZcgQdASSS_WcMgxCUXYiHgt2G27vL3eRxjrQQr6NAD3MjMTAZu8F4nGrS0MIDtQy1p4zbc2Zi_gsDofM2gxepxzhMLnQOze6U5voQisLdelCpWpmjCkLKc9fiI4FFd9ZViyJ1tOqGLiaexsBlLRfRmiQFANMVotdYA0PIevv80-AFk6RwkP4SRmB9LnziSMLOroi4nSHwNwwz3raVC_ZDOfsTqR6TTEDA-OUOOynnSO33IgNH1k2obRUFoE3IRVEiu_8ktjrtMDPEXGkxP2n6DbLeENf2QjSD8Ad-yFodzvME2EWKwRG7eZXLbjX8ZqvL-BNmKOOyLU_g9cj7ba2CicMetyORU1rwAYK1Dh-H78Nhz8KE7JZ_-4GIsdvSgb40pL8q4xcCH8gKUyYp5NaTmgqmLojxsB9ja8B1skVCIXemb8e9fVGSRW6JBLm7Zd6wdJTqoA4r31NBXAdLKsFMa070lF0qxLeoBzfO5nnhoARw0XJtChxeW64kwxyuYet6-xqC7qvKNmWjLN50hEVGlY_wQwNkYt0rqbqA3L8WgSxueGZgDPBamS6Lq7RHI0eWXdNukJHImXYT1mBjAdi_9YiS0ued8ZT68_u6XaommFsVOumNi0zTbKWDfaGgEt5q2ZaYvRw64xtCOY-S6utoiORknOL05HBevHXQ5u1WzyDn0mm1kQBREUey5CyO3gILXSSlp5gXmG8sG3Wbh69L-1sFO91-zo2KeVcRxLRfk913T10ZQlW8FYpPjctbyJn-jAomYslewqoN5xqaDInqCwP-8bQO5eYEJui_ZA37sjUPKloZNj4sfXk25gg4Fjyr0cmXUQQc_ibuKsQlhHTXbNLQkWx1k6KcOKoaerwDq-ul00DKDTss9gnM2Q_aeYd_n74cwDj7f-2FvSug0ubrYMes8GlwfSovWzZ-QgoQw0cOOB5kdQQLiBA
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=380ce709-1371-956a-3b40-b2d254aa5329&tv=%7Bc:gpTU5f,pingTime:15,time:16290,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:66%7D,%7Bpiv:100,vs:i,r:,t:1188%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15102,o:1188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:30.30.1600.1200,ac:1148.662.300.250,am:i,cc:1148.662.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1137~0,1~100%5D,as:%5B1138~300.250%5D%7D%7D,%7Bsl:i,t:1188,wc:30.30.1600.1200,ac:1148.618.300.250,am:i,cc:1148.618.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15101~100%5D,as:%5B15101~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:212,fm:ugs1iR5+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w*.10507%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1x2%7C1x3%7C1y1%7C1y2%7C1y3,idMap:1w*,rmeas:1,rend:1,renddet:IMG.qs,siq:67,sis:91%7D&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=380ce709-1371-956a-3b40-b2d254aa5329&tv=%7Bc:gpTU5f,pingTime:15,time:16290,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:66%7D,%7Bpiv:100,vs:i,r:,t:1188%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:15102,o:1188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:30.30.1600.1200,ac:1148.662.300.250,am:i,cc:1148.662.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1137~0,1~100%5D,as:%5B1138~300.250%5D%7D%7D,%7Bsl:i,t:1188,wc:30.30.1600.1200,ac:1148.618.300.250,am:i,cc:1148.618.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15101~100%5D,as:%5B15101~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:212,fm:ugs1iR5+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1913%7C1914%7C1a%7C1b11%7C1b12%7C1b13%7C1c1%7C1d%7C1e1%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1j%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r%7C1s1%7C1s2%7C1s3%7C1t%7C1u1%7C1u2%7C1u3%7C1v1%7C1v2%7C1v3%7C1w*.10507%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1x2%7C1x3%7C1y1%7C1y2%7C1y3,idMap:1w*,rmeas:1,rend:1,renddet:IMG.qs,siq:67,sis:91%7D&br=c
Domain
collector.bonzai.co
URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTUxIiwiZXZuIjoidmlldy01MSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzE5MDc5MjU3MzY4LCJtb2RlIjoibGl2ZSIsInRrIjoiNWQ3ZWE2Mjg3OWFkODc4NGE3ZGIxNWU3NGRiOGNkMTQiLCJhZCI6IjI2NjQ3Mjk3MTMyNDU0MDQ2NDkifQ==&etc=0.4638655066395636

Verdicts & Comments Add Verdict or Comment

318 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 undefined| event object| fence object| sharedStorage object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| admiral object| googletag function| _typeof function| loadjs boolean| isLoadedIndiesJs string| urhehlevkedkilrobacf object| fakeAd number| x_width object| OBR string| OB_releaseVer object| OBREvents function| OBR$ function| _outbrain object| OB_PROXY object| outbrain object| outbrain_rater object| ads_api function| algoliasearch function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise object| nb function| 4dm1r11545242527 object| app object| __svelte object| indieApps object| auth object| optimizely object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| wut object| abtest number| num string| val number| itr number| maxval object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| _tealium_old_error boolean| __tealium_twc_switch object| utag_cfg_ovrd object| m object| vidora_ns object| vidora object| utag_cfg object| uetq function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker function| twq boolean| cb_ad_run number| _sf_endpt object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent object| webpackChunk function| rdt object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| KAMPYLE_EMBED number| interval function| GeaLoader object| ads_core object| ads_extra object| apsPlayerSize string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig object| adUnits object| pbjs object| __iasPET object| apstagShared object| kw_ignore object| mready function| UET function| UET_init function| UET_push object| ueto_2075465a2e object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| apsUnits function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc object| nca_ipsos object| dm object| ipsos_ready function| clearImmediate function| setImmediate object| atsdetectionmodule object| atsenvelopemodule object| ats object| twttr object| ggeac object| __id5_finalization_registry object| ID5 boolean| isAlloyConfigured function| DIL object| adobe function| Visitor object| mconfig undefined| google_measure_js_timing boolean| hasApsUnits object| ads_ready object| google_reactive_ads_global_state object| google_tag_topics_state object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData object| Criteo object| diagPixSentCodes object| __iasAdRefreshConfig boolean| DotMetricsInitScript undefined| _ object| brandmetrics function| __assign function| omrhp object| DotMetricsSettings object| npt function| lintrk boolean| _already_called_lintrk string| _linkedin_partner_id object| _linkedin_data_partner_ids object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| redditNormalizeEmail string| redditId object| $jscomp object| DotmetricsJSON object| DotMetricsObj function| __spreadArray object| _brandmetrics object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents boolean| envelopeModuleReady object| SUBSCRIPTIONS object| SWG string| account_suffix function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement number| s_objectID number| s_giq function| AppMeasurement function| AppMeasurement_Module_ActivityMap object| s_c_il number| s_c_in object| s object| visitor object| lastException boolean| explicitPageView object| nr object| metrics string| CE_USER_COMMON_SCRIPT_URL undefined| CE_USER_THIRDPARTY_SCRIPT_URL object| ORIBILI function| clarity object| clarityuetq undefined| oneTagObj function| ebDecode object| bsResponseObj object| categoryData number| google_unique_id object| gaGlobal object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 function| cookieWrite function| cookieRead function| formatTime string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global object| googDdmPs object| __IntegralASExec undefined| GLOBAL_VAR undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| MediaElementPlayer function| vidoraTrackExtraElements object| vidoraHelper object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata object| GoogleGcLKhOms object| google_image_requests

212 Cookies

Domain/Path Name / Value
.heraldsun.com.au/leader Name: nk
Value: 351c958114b7447c954c1d04cd30a0ed
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: 351c958114b7447c954c1d04cd30a0ed
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1719079233
.heraldsun.com.au/ Name: nk
Value: 351c958114b7447c954c1d04cd30a0ed
.heraldsun.com.au/ Name: bm_mi
Value: AC7A0D5EE104F6F978F2D12589E7F970~YAAQdAUgF4ycYjyQAQAAVmgbQRh5JzO3IQNNZLK3qaeekMONA5m4rhXV8Rwjp2sEf1SsWPQsES7UgJJwH48Mjc0LJlmyiya6nXyNLF4+GIHEhM0W//Y2hD2impfxD0CfsoIMtSXlYfyqT/SvD1Kf19L2vdRdu7LM2zZEWMT6BAKzlFE+de4OxB0qUvO/utMjhFbHv3DbfcpcWI+UvrtS+hOiF85QAhXIFITKW6Tt6I0wRwLzBuqR4LelHOpUNgmIjqxt/tYuvx73NA0P3IfZDqsevEFXDowR9MT2uIam735ltPymUFgD9BDNXeM9MW4bify94VcWntMvTe84M60yhA==~1
www.heraldsun.com.au/ Name: lux_uid
Value: 171907923386552846
.heraldsun.com.au/ Name: bm_sv
Value: 635BAB0309B1E840523286F9EA186949~YAAQdAUgF6GcYjyQAQAA02kbQRgYSy5K1AS6yvIJyEFoD/mxXS54+Ep+d0HyVjQ6DjOhQPpUpoMiDNe6MGZ1kpVxLVMt8Z+ohlVtF1ogsj9OEsZu6Wjtv5USEpozGSMP2N1VmOXfBkDR3To7xVPZZrdh7d69erospz/JfpMqi3GADcj2+w96Q/ZC+9Na+GUSaJ7s+VEwNor9/AK1jP4ljdsLkCR03ot1GtfvwQ/HqoqC0cT5IdobAXUcNhpPpZ5L112L9hG9~1
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3A146de46a-8e15-4fbe-ac55-ee81cdf45c09.pCrct9aom29vKlnDGNukH5n28aspm6HG%2FseMpQ0Pwa0
.heraldsun.com.au/ Name: utag_main
Value: v_id:0190411b6b4f00863f56ec2089e80506f002e06700b08$_sn:1$_se:1$_ss:1$_st:1719081034386$ses_id:1719079234386%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.0016116391537925878
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: 7e10ad2b-2c1d-41fa-9be4-74f5baa5f6af.1719079235.1.1719079235.1719079235.302756e9-e12a-4e3b-b14e-6133a40bb153
.newscgp.com/ Name: sp
Value: 4f2aa652-00a0-4f70-8cf4-603e0f596789
.heraldsun.com.au/ Name: _uetsid
Value: 52be8bc030c111ef93af07fcbccf257e
.heraldsun.com.au/ Name: _uetvid
Value: 52bf6f8030c111ef9cde25ae3d1c729d
.doubleclick.net/ Name: APC
Value: AfxxVi7GStiS8l6V6LZCWkARRMQxo0Bb586KRR8lv7v_pI2KTc5QBw
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
www.heraldsun.com.au/ Name: AWSALB
Value: 5UDjSu/OsRjOWXlE58gFpOC9p/aT7445Bes58LhxsibYKJoPkdaRmOSuUVVgDGTTOqyF/KOjqvbxwF5RWUjG3+4aby8A1h1eMaAUKbcexU99NXuiCqlf3eupJaVT
www.heraldsun.com.au/ Name: AWSALBCORS
Value: 5UDjSu/OsRjOWXlE58gFpOC9p/aT7445Bes58LhxsibYKJoPkdaRmOSuUVVgDGTTOqyF/KOjqvbxwF5RWUjG3+4aby8A1h1eMaAUKbcexU99NXuiCqlf3eupJaVT
.heraldsun.com.au/ Name: ak_bmsc
Value: BDE0C0EE33E495FB226E03119DD59AA9~000000000000000000000000000000~YAAQdAUgF7mcYjyQAQAA2GwbQRjYl6XI4At248FeaCxWVILCN16pml96Sm3MMxiGhZ5NvbQtQHiddnm9BcUlx5Hw0PXvGnV2X4zXOtBEkYZ8vuBxhc6qM6PbKOqe1sqzOqo2lqlD88wfRyTvK88Bs/BQV2Csa8t0UodevWI5eoJ7iPLqzqCi6M+Al9Yjnrsldw0+EOY0EODCx+Ht2N7xfz4yIKA5eKzCsfVbjTmbSi2u8EtOn5BJjfyDhpMCxpgi9MQrXXv19ApEJgf8EVWGjb0Y9c9THzRYYbUL9ZghrhII67KY+ZisXKWhYUWMU66odZWtW2QN3je7uw28aJbcAdWu6sCXoKJ52DDetSlr8+UTe7esHdl/KnIOh9fePZBNchzZiHYihbPmIM8UXVT+DpNPzpNhqZWRMjWe6eWS78D9ucO0BP+gEvGpydJKSlyBzoEFGALoDkyS3bKtoszJDmDBIY2HYvoiZUJLRR3/RERDA9TTSUUTHo9NvFwG0WRMlQU=
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.bing.com/ Name: MUID
Value: 0B711CBE08FE6A912E480818096E6B90
.bat.bing.com/ Name: MR
Value: 0
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1719079234926.276806625240280607
.doubleclick.net/ Name: IDE
Value: AHWqTUl41x9XmVdCB1t_pDlE4ty145ZNPOKG85bgaB8CrlylsGdxZcXqxl_AcugTD5k
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=89b9de4b-4a1a-42ff-a641-19be9964b463&Created=06/22/2024 18:00:35&UserMode=0&guid=e05954f0-ec43-4021-a6e9-ec560b67d27e&ver=1
.heraldsun.com.au/ Name: optimizelyEndUserId
Value: oeu1719079235189r0.5262609269735521
.t.co/ Name: muc_ads
Value: 85838037-e5a8-45f9-af2e-9d55f41933f1
ads.playground.xyz/ Name: connect.sid
Value: s%3ASM_JuT1wcYqyj3qYUvSIKNLtleKf-Oul.qvr59v%2BkqDe%2BKePeyvmkxNKLlFCgmObJHDby3GuAd%2Fw
.heraldsun.com.au/ Name: _ncid
Value: f8c16e972450c2e03cad1bd465e9f76c
.heraldsun.com.au/ Name: _cb
Value: BNVOU-BR9yyLB1YifI
.heraldsun.com.au/ Name: _chartbeat2
Value: .1719079235255.1719079235255.1.aZVnzCyTkmHC_lfVdmdbGql_X9d.1
.heraldsun.com.au/ Name: _cb_svref
Value: external
.teads.tv/ Name: tt_viewer
Value: c7119bea-b688-4b62-bbae-a996da23d089
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.heraldsun.com.au/ Name: _rdt_uuid
Value: 1719079235290.a9bbe022-a981-4e01-940a-2a2f4a6db27e
.heraldsun.com.au/ Name: _awl
Value: 3.1719079235.5-0d2abf72b7c5dc8526b06d194ac05d31-6763652d617369612d6561737431-0
.heraldsun.com.au/ Name: nol_fpid
Value: kte67j17f1pvwo2yeeavcoufqsi831719079235|1719079235323|1719079235323|1719079235323
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
www.heraldsun.com.au/ Name: _lr_geo_location_state
Value: NSW
www.heraldsun.com.au/ Name: _lr_geo_location
Value: AU
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13214
Value: 1
.pubmatic.com/ Name: receive-cookie-deprecation
Value: 1
www.heraldsun.com.au/ Name: metrics_pcsid
Value: not set
.gumgum.com/ Name: cs
Value: true
.adnxs.com/ Name: XANDR_PANID
Value: 5YaOcC35ke7ffxH4vXuL3bhpNMKwqP7hc1wwwVV1FhPfq9QDNOtcvBGwL6745s_4PlECKmdZB9WeWZsy2fufiZIquj4Y9TdcpJQs8x8CZ_I.
.adnxs.com/ Name: icu
Value: ChgIzrIrEAoYASABKAEww6LcswY4AUABSAEQw6LcswYYAA..
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 5067895556725147321
.gumgum.com/ Name: vst
Value: a_2c320161-faa4-4046-8540-723f30111fbe
.twitter.com/ Name: guest_id_marketing
Value: v1%3A171907923546511752
.twitter.com/ Name: guest_id_ads
Value: v1%3A171907923546511752
.twitter.com/ Name: personalization_id
Value: "v1_jpChG1K/ADlWTtwVw9H3pQ=="
.twitter.com/ Name: guest_id
Value: v1%3A171907923546511752
.imrworldwide.com/ Name: IMRID
Value: 53573420-30c1-11ef-8b38-47a7a792bd62
.linkedin.com/ Name: bcookie
Value: "v=2&dd4d5652-a746-482d-8df8-bd78628b1c2e"
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2943:u=1:x=1:i=1719079235:t=1719165635:v=2:sig=AQF2eVTSiw79YAIdd5Cch1oZ9CaKOekB"
www.clarity.ms/ Name: CLID
Value: 8b94e197d68d47b485e1fde2386a82ed.20240622.20250622
.heraldsun.com.au/ Name: _clck
Value: gwl64k%7C2%7Cfmu%7C0%7C1634
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 004c3mG820_
.serving-sys.com/ Name: G4
Value: 0009fM00S4_
.serving-sys.com/ Name: OT2
Value: 0001DC1u+y
.serving-sys.com/ Name: u2
Value: ce4c0bff-0b8b-422e-a904-7b00c6c58ad24SU050
.adnxs.com/ Name: anj
Value: dTM7k!M4/8D>6NRF']wIg2HaMJR<KH!EKw)06K+2*qF1`*bdGb%d14x
.demdex.net/ Name: demdex
Value: 81064975311639868421758173671427053711
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.rubiconproject.com/ Name: khaos
Value: LXQFE3SW-E-3MQN
.amazon-adsystem.com/ Name: ad-id
Value: AxR4JK0xm0vzpFsqgbtzrC8
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.heraldsun.com.au/ Name: _pin_unauth
Value: dWlkPU1XSXhNVEpqWVRFdE0ySm1aUzAwWVRVMkxXRTVZbVV0TWpVeE1qQmhaR1UzTWpFeg
.adsrvr.org/ Name: TDID
Value: 3c11f741-f0ab-480c-9b29-71a07ca98de7
.doubleclick.net/ Name: ar_debug
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZncRRwAAAFv0vQMg
.casalemedia.com/ Name: CMPS
Value: 4724
.heraldsun.com.au/ Name: _clsk
Value: gg9wyz%7C1719079239772%7C1%7C0%7Cv.clarity.ms%2Fcollect
.pinterest.com/ Name: ar_debug
Value: 1
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZBclMzY3kzWHhpZk02NFRpRFBNWnBMWExTd1NxaHFHVU5PZ2UybXBnT3l2bDRtb0pTUE0weWRxbE1UQitudU9yN0VSVGxvK3owV2RhNW01SDBRVm1jcTlMdVhPb25WTmcxekl2OVlZRG0vST0mdmFrU3RSbFF0SGFEY3QrejRFYi9nM1VPZ0ZVPQ=="
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.casalemedia.com/ Name: CMID
Value: ZncRR4sFVsIAACPBAWckggAA
.casalemedia.com/ Name: CMPRO
Value: 4724
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A16E393F-6407-463B-962E-813DFBC6408F
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-3c11f741-f0ab-480c-9b29-71a07ca98de7&KRTB&22918-3c11f741-f0ab-480c-9b29-71a07ca98de7&KRTB&22926-3c11f741-f0ab-480c-9b29-71a07ca98de7&KRTB&23031-3c11f741-f0ab-480c-9b29-71a07ca98de7
.dpm.demdex.net/ Name: dpm
Value: 81064975311639868421758173671427053711
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.1514358757.1719079240
.heraldsun.com.au/ Name: __gads
Value: ID=a7a54c5a635f3eae:T=1719079239:RT=1719079239:S=ALNI_MaganH-hQZF7XZju2xc16sS4RZlEQ
.heraldsun.com.au/ Name: __gpi
Value: UID=00000e5d3219b784:T=1719079239:RT=1719079239:S=ALNI_MbmEfvc6fbpU1CAnPyiLUguzMoRLA
.heraldsun.com.au/ Name: __eoi
Value: ID=fb8da935045121d2:T=1719079239:RT=1719079239:S=AA-Afjb9Xsh1f2k7-_wg2iSIq2Cy
www.heraldsun.com.au/ Name: cbd
Value: 001001
.tapad.com/ Name: TapAd_TS
Value: 1719079239982
.tapad.com/ Name: TapAd_DID
Value: 568aef74-0a9d-4511-b74d-9d94cca32331
.kargo.com/ Name: ktcid
Value: 78550808-c207-0f28-5719-b38de7f75104
.heraldsun.com.au/ Name: s_nr30
Value: 1719079240184-New
.heraldsun.com.au/ Name: s_tslv
Value: 1719079240185
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Clocal%257Cindex%257Couter-east%2C16%2C16%2C1200%2C1%2C6
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Clocal%7Cindex%7Couter-east
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: 152qatrfzp87
.heraldsun.com.au/ Name: s_cc
Value: true
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19897%7CMCMID%7C81089046183746668801760561004942051733%7CMCAAMLH-1719684040%7C7%7CMCAAMB-1719684040%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-636710551%7CMCOPTOUT-1719086440s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19904%7CvVersion%7C5.1.1
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-152qatrfzp87
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 2ea149073905ec2f9d4685456e37f1e2
.semasio.net/ Name: SEUNCY
Value: DE9F98EC9C76660B
.creativecdn.com/ Name: g
Value: xfAnCqX60DXP0qxRAUzs_1719079240183
.creativecdn.com/ Name: ts
Value: 1719079240
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECOwTHzi1QGlkHtI0eHiEVc&KRTB&23025-CAESECOwTHzi1QGlkHtI0eHiEVc&KRTB&23386-CAESECOwTHzi1QGlkHtI0eHiEVc
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!4194
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2j55
.simpli.fi/ Name: suid
Value: 072ED296478C4D6F929DD8276825024D
.yahoo.com/ Name: A3
Value: d=AQABBEgRd2YCEMC7Q1Pb6hqA1mI_5EJ7-yAFEgEBAQFieGaAZgAAAAAA_eMAAA&S=AQAAAiyIoyivxEbjx5ayBbDZHkQ
.mathtag.com/ Name: uuid
Value: b72e6677-1148-4900-af79-7ef524d8adbd
.adform.net/ Name: C
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIxoOTpui7iT0QBRIWCgdydWJpY29uEgsI4JeKqui7iT0QBRIXCghwdWJtYXRpYxILCKjJ0KXou4k9EAUSFAoFdGFwYWQSCwjSs7So6LuJPRAFEhIKA2FhbRILCKjdkqzou4k9EAUYASABKAIyCwi-05XZ_ruJPRAFOAFaA2FhbWAC
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:072ED296478C4D6F929DD8276825024D&KRTB&23486-uid:072ED296478C4D6F929DD8276825024D&KRTB&23489-uid:072ED296478C4D6F929DD8276825024D&KRTB&23539-uid:072ED296478C4D6F929DD8276825024D
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:b72e6677-1148-4900-af79-7ef524d8adbd
.adform.net/ Name: uid
Value: 3693845104559126511
.sharethrough.com/ Name: stx_user_id
Value: 5c0e3312-2bfb-4b5f-b608-5ba773a8aefd
.zemanta.com/ Name: zuid
Value: MZ-BreqAj3jAu-3wlvHo
.socdm.com/ Name: SOC
Value: ZncRSMCo8XwAAFFDuJsAAAAA
.bidr.io/ Name: bito
Value: AAL4YU7M7iMAABUjFFKWWw
.bidr.io/ Name: bitoIsSecure
Value: ok
.eyeota.net/ Name: mako_uid
Value: 190411b8533-51c90000010d42b0
.eyeota.net/ Name: SERVERID
Value: 17072~DM
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898
.heraldsun.com.au/ Name: aam_uuid
Value: 81064975311639868421758173671427053711
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8155666027573145430&KRTB&23150-8155666027573145430&KRTB&23527-8155666027573145430
.turn.com/ Name: uid
Value: 3473479228227506333
.lijit.com/ Name: ljt_reader
Value: I3r4AQZHobyc2bEJR7ONE83L
.bluekai.com/ Name: bku
Value: pSL99WAH5tjAJzT7
.bluekai.com/ Name: bkpa
Value: KJy9CxObd02pSUHknpxpmEQhwtkAwEQh1eR6mEzN1pWhBM18meRTBe/hBpDT1EzpBMzhBe/l1eDpBpWhJ7Jkjsk0wVC65cOpJEBOJEJsJEJsjcO+nZHkqVHkKY8rjUxk1AjoR71k16aAzskAJEBW1E161eAtJE/tjcON5VkAJEBWJE/6U6JnUNPPuDxe9e30Jn9=
.lijit.com/ Name: _ljtrtb_80
Value: LXQFE3SW-E-3MQN
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMI9OGG4eJz5G2svGr/qdDoV4nx3CK2C5DBkim3dkpXs6Py0CWNKbNS1tT8h2DZUn+pumcZlz7yr2AsEy1bQpUAe/CJdOGVheLg=
.id5-sync.com/ Name: id5
Value: 6ef4cf99-77ef-7b97-844a-dce394feac2d#1719079240226#3
.id5-sync.com/ Name: 3pi
Value:
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-ZncRRwAAAFv0vQMg&KRTB&23194-ZncRRwAAAFv0vQMg&KRTB&23244-ZncRRwAAAFv0vQMg
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiY4MTA4OTA0NjE4Mzc0NjY2ODgwMTc2MDU2MTAwNDk0MjA1MTczM1IQCKSR7oiEMhgBKgNWQTYwA_ABpJHuiIQy
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: va6
.demdex.net/ Name: dextp
Value: 358-1-1719079240180|470-1-1719079240281|481-1-1719079240382|771-1-1719079240482|903-1-1719079240583|19566-1-1719079240684|23728-1-1719079240785|30432-1-1719079240886|30064-1-1719079240987|66757-1-1719079241088|134096-1-1719079241188|144230-1-1719079241289|144231-1-1719079241389|144232-1-1719079241501|144233-1-1719079241604|144234-1-1719079241705|144235-1-1719079241810|144236-1-1719079241911|144237-1-1719079242015|147592-1-1719079242116|461447-1-1719079242217
.heraldsun.com.au/ Name: s_tp
Value: 7604
www.heraldsun.com.au/ Name: mdLogger
Value: false
www.heraldsun.com.au/ Name: kampyle_userid
Value: 99c9-503f-106a-0671-aa3d-5e71-2f2a-aeb3
www.heraldsun.com.au/ Name: kampyleUserSession
Value: 1719079242680
www.heraldsun.com.au/ Name: kampyleUserSessionsCount
Value: 1
www.heraldsun.com.au/ Name: kampyleSessionPageCounter
Value: 1
www.heraldsun.com.au/ Name: kampyleUserPercentile
Value: 56.38540650631292
.pubmatic.com/ Name: DPSync3
Value: 1719100800%3A248%7C1720224000%3A197_201_245_226%7C1719619200%3A164
.bidswitch.net/ Name: tuuid
Value: afd775e9-df6b-4b71-ba30-c3f20b5f393d
.bidswitch.net/ Name: c
Value: 1719079242
.bidswitch.net/ Name: tuuid_lu
Value: 1719079242
.pubmatic.com/ Name: pi
Value: 156011:4
.ctnsnet.com/ Name: cid_f20315e283f44f01ac34282f29f66b0c
Value: 1
.ctnsnet.com/ Name: cid_3a06b7e6ad6844329401daf7b132ea74
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3693845104559126511&KRTB&23263-3693845104559126511&KRTB&23481-3693845104559126511
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-f20315e283f44f01ac34282f29f66b0c&KRTB&23427-f20315e283f44f01ac34282f29f66b0c&KRTB&23445-f20315e283f44f01ac34282f29f66b0c
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-DZE4CCclNht9BV4-xUF5qMgXgdtWJeeH5jSDmhh12SM&KRTB&23047-DZE4CCclNht9BV4-xUF5qMgXgdtWJeeH5jSDmhh12SM&KRTB&23234-DZE4CCclNht9BV4-xUF5qMgXgdtWJeeH5jSDmhh12SM&KRTB&23361-DZE4CCclNht9BV4-xUF5qMgXgdtWJeeH5jSDmhh12SM
.rlcdn.com/ Name: rlas3
Value: m15KPUJ23fCz9dXP2yvyr+p0pc5rpCcEPJwNG549Pnc=
.rlcdn.com/ Name: pxrc
Value: CMui3LMGEgUI6AcQABIFCOhHEAA=
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0B711CBE08FE6A912E480818096E6B90
.criteo.com/ Name: uid
Value: 85fe1df7-33f5-48bd-9775-db86762ff2cc
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.heraldsun.com.au/ Name: cto_bundle
Value: RIqAQV90eVM1R0lwUURGUExGQ0xFOUpTSU9ZbzdEMGIxMzNuZEkwSW44QWY5NTclMkZ4VXFxMW9xJTJGUXNTZnprcW1sT2gzR1dtRDN6Rk9NNVR5aURXc0Jlak9rcDcwdURhUXpoWURJSjRlYlpSMzF2TWQlMkZKQURCYVdHVnY1UVRKUTc5JTJCb21yNyUyQk9yRW1rNFh1TGpqVyUyRnB4bWk3T01kZm04JTJGbERyZHdIR09MS3dXcGt4MCUzRA
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0B711CBE08FE6A912E480818096E6B90
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.quantserve.com/ Name: d
Value: EP8BCwGTLPijAA
.quantserve.com/ Name: mc
Value: 6677114b-51962-eea20-6a330
.pippio.com/ Name: did
Value: uzioFdRqRoBp8MiK
.pippio.com/ Name: didts
Value: 1719079243
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-thl39rEedKOtGnH4th1tpOVOcvGtGSHysx_ikntr&KRTB&22979-thl39rEedKOtGnH4th1tpOVOcvGtGSHysx_ikntr&KRTB&23462-thl39rEedKOtGnH4th1tpOVOcvGtGSHysx_ikntr
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ce3f5fd1-a381-553e-7201-11f5c9df6f60.UtomOk8G4UAXJZ1VCpYn9vrdEOr90WMMwkKhCALt9BU
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ce3f5fd1-a381-553e-7201-11f5c9df6f60.UtomOk8G4UAXJZ1VCpYn9vrdEOr90WMMwkKhCALt9BU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Azj9f0aOBVT5yARH1yd9vYELLcKI.pE2h3XUqYpD7iUCyGOfOkquyPwmQpY%2BpdehsjbOPYxI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Azj9f0aOBVT5yARH1yd9vYELLcKI.pE2h3XUqYpD7iUCyGOfOkquyPwmQpY%2BpdehsjbOPYxI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINQg467dMy_ak8tHN7qd7eoUVdzBS2FT1D2FgFpZzMrGEGcYBCDLotyzBjABOgTwTC9rQgQdZrQ7.rzejWg8E%2FD6ZlPAD0W%2B%2BZsTh3li%2FwDD0NNXp8b50lTQ
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINQg467dMy_ak8tHN7qd7eoUVdzBS2FT1D2FgFpZzMrGEGcYBCDLotyzBjABOgTwTC9rQgQdZrQ7.rzejWg8E%2FD6ZlPAD0W%2B%2BZsTh3li%2FwDD0NNXp8b50lTQ
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-zj9f0aOBVT5yARH1yd9vYELLcKI&KRTB&23334-zj9f0aOBVT5yARH1yd9vYELLcKI&KRTB&23417-zj9f0aOBVT5yARH1yd9vYELLcKI&KRTB&23426-zj9f0aOBVT5yARH1yd9vYELLcKI
.adx.opera.com/ Name: UID
Value: OPU2cf30c7174ba43fe80d2da95c840586a
.adgrx.com/ Name: ADGRX_UID
Value: 581ee8f4-30c1-11ef-a113-d7667b5594ca
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU2cf30c7174ba43fe80d2da95c840586a&KRTB&23485-OPU2cf30c7174ba43fe80d2da95c840586a&KRTB&23524-OPU2cf30c7174ba43fe80d2da95c840586a&KRTB&23575-OPU2cf30c7174ba43fe80d2da95c840586a
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
pool.admedo.com/ Name: tuuid
Value: c3147c4d-1809-40f3-82e4-eac5cb1ca86b
pool.admedo.com/ Name: c
Value: 1719079243
pool.admedo.com/ Name: tuuid_lu
Value: 1719079243
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-581ee8f4-30c1-11ef-a113-d7667b5594ca&KRTB&23275-581ee8f4-30c1-11ef-a113-d7667b5594ca
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-6RNDp0FtDyWpbVSYSxF3Zg&KRTB&23557-6RNDp0FtDyWpbVSYSxF3Zg&KRTB&23586-6RNDp0FtDyWpbVSYSxF3Zg
.dotomi.com/ Name: DotomiTest
Value: 660cafccd8ee1edf
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQAKVOM0liJuNwJT0rQ0AQEBAQEBAQCRQBqQnwEBAJFAGpCf&KRTB&22715-AQAKVOM0liJuNwJT0rQ0AQEBAQEBAQCRQBqQnwEBAJFAGpCf&KRTB&23519-AQAKVOM0liJuNwJT0rQ0AQEBAQEBAQCRQBqQnwEBAJFAGpCf
.pubmatic.com/ Name: SPugT
Value: 1719079244
.heraldsun.com.au/ Name: _v__chartbeat3
Value: Q64FoCf1y8DTPB4y
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: SyncRTB3
Value: 1720224000%3A231_3_21_7_264_96_176_179_233_107_99_71_209_165_13_220_238_5_247_22_266_214_254_8_56_54_234%7C1719619200%3A15_2_223%7C1719878400%3A63%7C1720310400%3A35
.tribalfusion.com/ Name: ANON_ID
Value: amntuJy4ZawFBA9MAIAno8SuBErUBMD65BfEIMKSmiE1DfNjyrtEFOjVtPixyZcTaTnoshZbKchfB1pOESdhkZcPZdgfl
.w55c.net/ Name: wfivefivec
Value: N4H1A6Sw1Sl52C5
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/ Name: PugT
Value: 1719079245
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:N4H1A6Sw1Sl52C5&KRTB&23421-uid:N4H1A6Sw1Sl52C5
.csync.loopme.me/ Name: viewer_token
Value: 5ca39234-78e2-4ceb-be71-6116fcc9227a

5 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=511134399154.9879?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=511134399154.9879?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=511134399154.9879?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://www.heraldsun.com.au/leader/outer-east
Message:
The resource https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
8c4bca762e9251116806171d7fbf4fe1.safeframe.googlesyndication.com
a.teads.tv
a20352597942.cdn.optimizely.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ads.playground.xyz
ads.pubmatic.com
alb.reddit.com
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
bat.bing.com
bedsberry.com
bid.g.doubleclick.net
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c0.eu-3-id5-sync.com
c0.eu-4-id5-sync.com
c1.eu-3-id5-sync.com
c1.eu-4-id5-sync.com
c2.eu-3-id5-sync.com
c2.eu-4-id5-sync.com
c3.eu-3-id5-sync.com
c3.eu-4-id5-sync.com
c4.eu-3-id5-sync.com
c4.eu-4-id5-sync.com
c5.eu-3-id5-sync.com
c5.eu-4-id5-sync.com
c6.eu-3-id5-sync.com
c6.eu-4-id5-sync.com
c7.eu-3-id5-sync.com
c7.eu-4-id5-sync.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.optimizely.com
cdn.speedcurve.com
cdn1.adoberesources.net
check.analytics.rlcdn.com
client.api.news
cm.everesttech.net
collector.bonzai.co
config.aps.amazon-adsystem.com
connect.facebook.net
content.api.news
creativecdn.com
ct.pinterest.com
dcollector.bonzai.co
dpm.demdex.net
dt.adsafeprotected.com
edge.adobedc.net
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
geo.privacymanager.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
insight.adsrvr.org
invoke.bonzai.co
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lm.serving-sys.com
login.newscorpaustralia.com
logx.optimizely.com
massets.bonzai.co
match.adsrvr.org
metrics.heraldsun.com.au
mhr.talk.news.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
news.google.com
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-config.reddit.com
pixel.adsafeprotected.com
pixel.mediaiqdigital.com
pixel.zprk.io
px.ads.linkedin.com
px.moatads.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
s.amazon-adsystem.com
s.bzcdn.co
s.pinimg.com
s0.2mdn.net
script.crazyegg.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
subscriptions.heraldsun.com.au
t.co
tags.news.com.au
tags.tiqcdn.com
topics.authorizedvault.com
tpc.googlesyndication.com
udc-neb.kampyle.com
usersync.gumgum.com
v.clarity.ms
widget-pixels.outbrain.com
widgets.outbrain.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.knoxleader.com.au
www.redditstatic.com
z.moatads.com
collector.bonzai.co
content.api.news
dt.adsafeprotected.com
lb.eu-1-id5-sync.com
login.newscorpaustralia.com
pagead2.googlesyndication.com
www.google.com
103.43.90.179
104.18.24.111
104.19.148.8
104.244.42.131
104.99.59.34
108.158.14.99
108.158.20.73
108.158.20.97
108.158.21.125
108.158.32.100
108.158.32.127
108.158.32.26
108.158.32.28
108.158.32.72
108.158.35.170
117.18.232.195
13.107.246.31
13.107.42.14
13.215.133.30
13.239.71.82
13.35.147.66
141.95.33.120
142.250.204.1
142.250.204.6
142.250.204.8
142.250.66.194
142.250.66.206
142.250.66.226
142.250.71.65
142.250.71.67
142.250.76.102
142.250.76.98
142.251.221.66
142.251.221.70
143.244.62.6
151.101.1.108
151.101.129.140
151.101.130.217
151.101.193.140
151.101.28.157
151.101.65.140
151.101.65.175
151.101.65.229
157.240.8.23
157.240.8.35
162.19.138.119
165.69.249.4
172.217.167.100
172.217.167.66
172.64.149.180
172.64.151.101
172.67.38.106
172.67.69.191
18.155.192.52
18.214.152.138
18.244.214.42
18.65.244.42
18.65.244.78
18.65.244.94
18.65.248.189
18.67.175.108
18.67.93.116
18.67.93.29
18.67.93.52
18.67.93.53
182.161.73.129
182.161.73.136
182.161.73.145
185.184.8.90
20.114.189.135
204.79.197.237
207.65.33.78
23.202.168.183
23.202.168.218
23.202.168.24
23.202.168.6
23.202.169.3
23.202.169.80
23.202.169.82
23.202.170.204
23.202.170.229
23.202.170.44
23.202.170.74
23.221.20.194
23.48.96.232
3.1.236.181
3.105.186.250
3.105.193.112
3.219.253.44
3.25.27.9
3.77.62.68
3.94.71.247
34.102.253.54
34.149.26.226
34.194.73.13
34.49.241.189
35.241.45.82
35.71.131.137
51.75.88.178
51.75.88.190
51.75.89.127
51.75.89.188
51.75.92.187
51.75.92.250
51.75.92.37
51.75.93.98
51.75.95.152
52.231.230.148
52.46.128.147
52.76.196.116
52.95.129.122
54.169.185.174
54.169.230.26
54.174.127.4
63.140.39.117
63.140.39.130
63.140.39.248
69.173.158.65
74.125.24.156
00532d00ca338495060a9ed85b8ae63e8fb96dcca402c76b82a9ec05366cc01c
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
01714f3ed03025b847151d23307d073adb01b9753030bf9081ceb0f006276d50
017ed3a3015deeaaeadc08a4d8dcde59e102fb6838ab0df6b89ff4aee77ec196
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
021b7fd0e5a9e5eedd0b4ba14bb5888fcc74c32282456676a31d80b2bd0b8b22
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
035675399800e3ae1f674fa492c731a97d18c40358fd47ccee65ffe31d5b3455
0391712fd65f73f0612120aace259e117e49499d59ca8249ec8aeb313f12b716
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
073d99e2dfc572a8f40b011f5b99d8065e5a63b28ff344f1bfbadd40223d3f21
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd
0e53454a6a3599c9e3c46ed4eb2132a19bd03b72d6be5282a2d4fb093249751f
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0ec7a098b21e2eed1af069df21bc8338486ac5a110f377766e0ed4aafa95ae0c
0f3d3de29efe7b0bdefe3544c804f55226718d227256bfb31f8c052d62c0b9bf
11a0269f73c210d9f0b452d4ac2c3e5c5c2dbc643c6a1858118c5bf204e3f97e
126f63e28c1510f168d1b6860230a8c09fdb973dfef391171d3fd7ec8e614fda
13b551721642a807ddde89b108759c65f676cb22c95d3e07e79e9f853c004f34
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
18adb42d8090a13c0c22990962d0e5a2b4166c8d58550abf3e7130ac85205c7d
18c54fdefb6751daf143fd6c63b4f2153f2df222eda828a5ec2f10ab8c410f59
19414408923a4e6661887770667450797f70a55b378bbc2f24c4be6c99f7ff95
1a47ead49140e73c028c919046ded88bfc28ba6df562b021eab8cf78917270fd
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1f8f56e666725ca5b77858cecf753aaa846da7ed8cd76435dc4010bcbf8b5d65
22ecd1f215d5f0de2519192fc103cd507c676366ac23924cf9bd7d1252477670
23cc7d08b970adbf51b1c9676f85738c7e3cb015b514f807158347f5b51e5ebd
24f376aa0e71af1f39162dbcbe514f7327b57f0fa2f49dcab7a7a570a4ba60bf
258bef069d94720184bd38d532c14db4a65115e7b1af1ef036c45330580719e5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
2761a6698395fb13fd3785c16dd380ec5d618de2abcc28eeaffe090b46a51fc4
27b65c06fcf400e92c162ef2a8497cc573468ed0904d1a4c92119344c9997313
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
29a87db3f1d7967d183df115a6a9c96b89665cfd8c142f35946b93d13ee30246
2a87d4a1a57b451f38f414bf07b4133c45b9f2cfaaa51a84459db56bf63bffae
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2e5ae2206d0d20bab9706afc6abf0e2e8b85b5a2661d6c58bca7756accc3bd5a
31a99710be2b5535462523388150dd1b6c0a9fb21dc918e09f7047942efa7d40
331eea02700a60142c405b554de57beda94ef4055cda42f09b6d72c16720c4f2
3382e9b566f20f8fd9bb2848ddc7fa62d1a84f0acc82ae1c1d8ba545083269ce
33a858d8d6a87bf8221230d1c629f77b63830e08e02159a4684e19ec4a94f6e5
356322604fbc9c9013286da1789adb77aed4b56febcdb8742e4cc9d7e7e275c0
35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
3736174bd93368317845a36471f58335f9d5cc7650d6655f8b4c6a97b8b61d61
37aecf271104d82b08a37f728d1fa944186e171022182474646e138a9f497816
3ccff908ec46787430c5320de8d33089bc88edb634a5b769e2d6fd3fe4916bb5
3d239318f5ae741505d6c4f3a5af36d3dfd38e0bc792a46430af382b0c0f029f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed27a757d8722de804e7d1eeb03c104d6e30d4e0e9646fbffce003866f8b94b
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43
3f8608cc5e6106316da165ef5db6c8faeb20a5275c65481d832b87ba1b6cb1ed
4177211ae6a76aaf0d782dbf3eb19d46bd1af28fee17a5ce688caecc062072fc
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e414287a54d03da7c4799f09955eabad87654d2392974a7f396d0d65325c08
45b153799eb787b9caa787af34c9c908c8d35e2a7aa791df44a3471aff55a47b
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
47866b8d2915779096be19131efecce0297c2a0c37f581c4e6ee187b13ebb8ea
49b59ff5d1d0d95a2fe715ee59642d2497d4336c89d09378f5834a31dd982b37
49e9cfbdb05da39825185826f751b72504d3fc8e27395b817c815aa0d3c0083d
4ad68c8b729e22717f327f8d8a5465366772f15b18a479115b0e71a450f790bd
4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370
4c2f5cd0422450482b4fb5d3db0e7e9e4aff59e97e1b2a2067787db9114022e3
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d5c96576576b23f4b0283ddebc1db70a08d0db936de0257589431ad81e954a2
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
51106a0fd4a78fe6895f3b0ce981574db437e75827b5da2ef6c2e003c0fe685a
54643154b0dc318f58cc2b4703dec5732ede406a4573e2fcb31abb2a387dd5b4
54c52f631c5934d45b061a2923b0cd195d55507bba8c064aec5a619a6110f52e
552606b059b9ce152808b2d5e18a34ca9cbca8ee769aeba9301cc77c5072d641
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd
57089380c612ffe4aa8f0b17c7b11166ab1b85d88806520d6dd56fc2f0cf291d
586a0247aa4df4b84c9fd3ef7f408a0a560d42cb2276ab38a35cd49fe959801a
5a19086382425f58019956ce628a50bc42ee510ded15179dc00fd5d99478fc11
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5e75e655fc9163baefbb62bd90fbdf915510d7b3329d692b362d39c2b19b6093
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
61394c221efbec7de2cb8f578511ae888b85c92b4de6ef650e0a994e858edf20
61507cdab5a0804a59e5dcd7b66ad959e74328f568cd8e04ef1986eba5a14902
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64103c9e658f8e56f943e877ab995afec836bae86f75f05c986eb38f806593b3
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
67b9635b38d68a49ad3296f4157106c75441565293192bf1bd251dac723dc72f
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
695427dd1c627f38f177c2c15c74185f2130a6cb8390d86560714a6e31fa07bc
6a65eace2559ec202c492352c43458f34f2aef234377022205d0c6f83526b0f3
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d
6c3c03076ad818221def01363b401daf30656eb7e32179843f4d8653c01f227d
6d5e34467a6d401ae3532c2d2ab29a44ca4deb174d59d0fdf9ae91541f80567f
6fb048b529862aa820b01dc3d122f0de2a3b145b79bc6eb281d4bdf96fd27141
74ee962f2cc00beb2f14ca673a94d19a5cc4982deaba4c5773d287172a488302
758401fc1325218e9ba871e8899b74b2cbf4b3c109099b2f3ec1b35ee6dcf189
7599c46da6981cb8cdc36a0eceae82661ac3bfeb55c1cccb2445eabeff8b9e53
75cfff2f889e56a283381fe76a99ce4c4266d0853d60a72a28fe73704cfa5800
7811b1a9863b6c85b3aecb0bed54bd852ea6455e72cbd7db1b5435fcd1dc460b
789cef1d152ee1d8dc3c3234738490db2fac14775dda9d5bea9988f93b891878
78e48c662aca86e80ff17fe9783e2efd6806a47419ade2e80469ebe7f32cf7f5
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451
7b152261e1c57453fc67ef715778608859c6c09a2a50affc25d99e0bb0742380
7c61d3cd5f1d1a0da72baa1d689daf48efcab2d735d0644e8d569bab2347233e
7cfd22d1b534c60d556df0cd25ed8bb26ac967b62c44d03a33f70fbb3e80b166
7edf60ffc2c899e99085f8a6d1f1734e7b039f63cbc45db115177a4d79b63a61
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
81a00b1621a7d0e8d61753424a0d60b13bd66c5e43c5fdabe9e41912097abf43
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84fd7e843252d85427bcdfda13e2a3adc9345d1ef378532c1db85eb6a8ee4db2
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44
8889e713fb02218efc4b6bbfb619a4285db459243e8cb82167fe47b4753e0257
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf
89417b7e7e602e0e469946d8971f4a48d69e6511d2755b5933d95260f9771529
89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8bf092972215c021e0646f00b32e7dc936d42bd9d4513d460c7c122fc6924284
8cc560d86a801a19e4c59e07b7988df6835c06e7b2708fb1e96b984b775d25b9
8f92f9cb1a5ec54c42398b05555be2920e647a348da21b20f453df8f650a5a67
90261fd791d03b4ded9cdaca7a48e1e47df8ba6fd2145299070e6c03f61f55f4
9390e0bd210ec383a4f0f0fda09113612b26b68580d93d24c3473122b350caf2
93fc7be37b0e024c26ba8c6a61c53775013e93d85b384a2356115146b6a37f67
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
94ccf9b12044666534ed3c190b46629b5b21e03d948f9663e9d7fe7b0b92f6ec
94f88ed2b636a66000b1a1f2480244e4641529f9e4303dd6497941d22dc525c8
95252cdc8b9d80ea5522ccb5fe532bee6582a8546304f12e04da3c57eb13af60
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
995bfdc3e828bb7e8fb8d12d0726a6564a6189fbb33938eab3a2aa1badd0e5e8
99740307ed5cfa3bfd0c6d068d455e4c76d3328c7262599434f41754fd6165c7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24
9d1f5f10251473408b36b13fd07ba0785e50a37835c5f1c94ebf9b64729c3c1a
9eaf90e659bcc9d1601ec7efab451b80efb2ba9c7d80d13f31ee63bbdf63bcf4
9efe4da49ff47e7c3c7b1cf8e5adbafe5fcf002c65dfe27d4321a79c9f6f1b56
9f483078c90dbea0366d1be1fc3f69897e892b585f9ead431c07995c7f6d6ad8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1685107a06548dbd7623b6ebb6a7550715582e15583ad9c02efb8ae1e378dc6
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a5826e1fb3d64cb71a6365b8083d2ed04d8f4787336c8fa4f53c07469be84a82
a5e7c34aec0e889999b403e3564af3fb42ccfcfd456c53188cc55f6aa4a45c39
a87eb841c49cd41d211959d4f39954e4f4ade1a6918c31def10c2268d86fe7b0
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaab512678133fbf81f6a2965984e651bce4e4b28c43625e8fbebaf2bbf62a86
abacf250d50fb0fcb7d95bf85146ce5ef54ac8954c2a0a0f1810339bbab63f00
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
adfb5ae2c0f62d3a5b035d61ab7bfc8213a8a2da65d0cb8505be548957195458
aeefdb59a530585244dd2afbbaec040f62d5e5de3789294c478c2d6e9bb647ea
af1ad7576a229075bd9d98c276e7e0506ef7e7fe063771ec2c4a6e126f6b1797
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b53acde6ee5936604a574611a278809d3217e40da07239621646232c90de706d
b693ff17985bc54be8d357b5ac2ddc78e06c64df046d38aadad3d9bee7ec2439
b8464dcb7e2e01bf45bea28cd900120b54874408b41a83ccd573931cae12fac8
bc353d5f2bd23f85503b65e78790c88810351709d9e80c82559cec22ae460398
bf503a23e4e0eba3b3bf84282a360bf0c1664232cffb781aae272e8e77f2c63d
c34a591607f8416f5c97bfafc5f18d15868de7b201bc575f28a8aa483210132b
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
c4317b85ce58155bd79c593334b5d1b79f6b23664a529820db132d5e695497fb
c5479429cf03c62393df0e79e6ad5f626153798b7339ff83af1a1a8495824f2e
c6e21fbff981fbf42e4461b47d5aae7d7fe029f6b5635a8057da4fe71b53a1cd
c7af010c2b83ac5659c8756eb83f6e2ee70bcff49f6c5cdb676883e33ec879c7
c7f9261566de1c9e35469441d0d5fad75180ce66a37cd7a02ac3a607b89f257b
ca2bb4adf6785222084c9f5389ff48014df44c1422ab6da0f21c2fbac3f1de34
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca40f6cbbf38d34bcdbd7727249fd016b7bc8aac6e117adcb82d3792e76f9860
ca57f9be9ac3f1773fd7124d2f8a714d5da594ccd7f7619a18f9e2260d60f03f
cb22ac2eb64428554e29d75e579378d09510484bc9c7d91902596945cbae538f
cb93dbbcd184de53a80ef373c6f565601b15b1cbb59a87e61b2633b3b373a1c2
cb9f9571cacb0007e70d914cc7c6e151b637adc3c29ac406420030bb2fb0a210
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
cde7739645c43a15add992b842ad5f092005d0f8b5d2272e4de839114aedc894
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
ce9ed20b25b23b0b635f8ec6a6745662a5fddd444ce19886e4762c26a3a3aea9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1b1e45484b0508ebff571852b5bb7ecd6a19d496131f8702ab3e6408da63592
d34690509ba18bff561f4b93e18d84fe930c5aba8cfea8cb53cf5311b07923fd
d3fef0dd4e13de28612152d4f378c223a3855b1e55d13013fb6db028e5ac95d8
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d66b1c8cdd2c10175167c9e567530e99178b6a0d913ece33cdf184e7bb94bb9e
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510
d9f5945e80f23ab8addc1908230c8aa3ffabffd8aaa4827fa91afa5785a64169
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dadc6ca0e3869997ce4d2f4f0870391b922900baad7ad28398e6b7eae5131f33
dae0c648fcc7058056917eea46f03a7bfc31125134a87b066797f649c2ae5dac
db66bcc0be3d8c0ebef24695348e506fc4e08e1da99455465f097bd34f9a7424
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8
e4d91306b7a0d556e8333a647a2069cdfaa281567fc9919b804e6678f78e4a7d
e62d4215000c609cb37a09aee086661e70b0726223049384ea35b159970578ac
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e745fd04b3660338e575422753f485d606dc732ef86fd366601483f65ab97744
e75c17ffe0601df51d177a986651e002410b4de78b2f14ac88f7f2e0cd81c220
e7f2e652e3bb49d2bf387a7967a031d21dbc1e1512bfbca90d0577af65292c96
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
e8416f0a3c819cb3f382ba003986fbdb59f453a2e2d89c7e5215d1badaee637c
e8578396b1b92c9c86641ef39b7ee6f7c675d2f6fd2127cb3a1d7b518aa7eb6d
e93a01db6e00b75aa75701b2981a4bac3aee9e166bf25ca0c3125087c4fb14c6
e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249
ec6f6c224861139b1b2bef82a122478b9b56082eeb485d7558113bb8624a8fc6
ee82d6ed020210bbdfd5f7b56201bc3e8e07e42cc5bc357a06b3fc37a35945e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f02596f4c2790583794bff119ca9bf6a1ba579ca4479f0721b742aba4bbf8273
f0af53a1ec82b356c4ce2c4c5445d2549cd8a828ba7161df04ed2270d4ede463
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f37029cd1328cc940ac5b59fd0b6757d86deadfc703b7e086ad4d9adfd9bde99
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f52d7d932f200d7684a36f57e1b6ca147cfc0f8d4bb366d8b5e60879cf35c63b
f5647c47fb1b581202f34328775140b59a860d678f541caf98adf2e3d48900f2
f7560f0d976a76740f76c0a8dd3483820ca48331df9b902c6acf39b6230bafd2
f7f52a081c58a6959f3097f6d22dd94771cf7d1addc6291b5a190f162c16b3b4
fdba8926b943ef611fc6efc98f34bf6b946006bca29a6ca711c03f94e9b770ba