urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
2.18.233.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://url4195.isentia.com/ss/c/_067YoyZ04BmDh2Q53dPZzcr6GGb_BdM2fKnQeXCBn2TDQFSQVujHtedB9mbxTE67SETOl7h0KNyXyHyTh1EAv7ZDxZ...
Effective URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae8184...
Submission: On October 27 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 101 IPs in 9 countries across 70 domains to perform 508 HTTP transactions. The main IP is 2.18.233.28, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 301614.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 7th 2022. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.52 11377 (SENDGRID)
1 54.153.213.250 16509 (AMAZON-02)
1 19 104.75.88.206 16625 (AKAMAI-AS)
4 71 2.18.233.28 16625 (AKAMAI-AS)
1 11 2.18.233.169 16625 (AKAMAI-AS)
1 151.101.2.217 54113 (FASTLY)
1 3.5.164.175 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
15 151.101.129.44 54113 (FASTLY)
2 151.101.193.44 54113 (FASTLY)
2 99.86.4.3 16509 (AMAZON-02)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
2 2600:1901:0:8... 15169 (GOOGLE)
17 2606:2800:234... 15133 (EDGECAST)
5 141.226.228.48 200478 (TABOOLA-AS)
3 23.205.241.50 16625 (AKAMAI-AS)
4 104.75.88.194 16625 (AKAMAI-AS)
17 2600:9000:214... 16509 (AMAZON-02)
2 23.35.237.37 16625 (AKAMAI-AS)
3 2600:9000:211... 16509 (AMAZON-02)
3 104.244.42.72 13414 (TWITTER)
1 142.250.186.134 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 99.86.4.121 16509 (AMAZON-02)
2 151.101.193.175 54113 (FASTLY)
1 21 2a00:1450:400... 15169 (GOOGLE)
3 13.32.28.197 16509 (AMAZON-02)
1 13.32.27.119 16509 (AMAZON-02)
2 2.16.186.25 20940 (AKAMAI-ASN1)
4 99.86.4.6 16509 (AMAZON-02)
3 2600:9000:214... 16509 (AMAZON-02)
1 2620:0:890::100 54113 (FASTLY)
1 12 34.248.152.242 16509 (AMAZON-02)
1 13.32.27.33 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
7 54.87.198.241 14618 (AMAZON-AES)
1 2a04:4e42:400... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
10 35.244.232.184 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
6 151.101.130.27 54113 (FASTLY)
18 54.229.167.95 16509 (AMAZON-02)
1 9 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:134... 15133 (EDGECAST)
2 34.246.208.99 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
2 63.32.119.144 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
1 99.86.4.7 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:8d:... 54113 (FASTLY)
6 2606:2800:233... 15133 (EDGECAST)
1 35.156.94.146 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 23.206.209.192 16625 (AKAMAI-AS)
1 79.125.44.37 16509 (AMAZON-02)
6 15.236.176.210 16509 (AMAZON-02)
1 1 54.74.40.111 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
2 65.9.65.116 16509 (AMAZON-02)
1 146.75.116.157 54113 (FASTLY)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.1.108 54113 (FASTLY)
1 2 142.250.186.102 15169 (GOOGLE)
2 142.250.181.226 15169 (GOOGLE)
1 35.227.202.26 15169 (GOOGLE)
2 4 37.252.173.215 29990 (ASN-APPNEX)
7 2a00:1450:400... 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.131 13414 (TWITTER)
1 3 37.252.172.249 29990 (ASN-APPNEX)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 52.28.196.126 16509 (AMAZON-02)
1 3.208.54.167 14618 (AMAZON-AES)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
3 3.33.220.150 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 35.241.45.82 15169 (GOOGLE)
2 69.173.144.138 26667 (RUBICONPR...)
1 2 142.250.74.194 15169 (GOOGLE)
1 1 88.221.168.201 16625 (AKAMAI-AS)
2 2 104.18.19.126 13335 (CLOUDFLAR...)
1 1 199.127.207.191 26120 (RHYTHMONE)
1 1 3.124.210.90 16509 (AMAZON-02)
1 1 34.193.47.24 14618 (AMAZON-AES)
1 18.202.59.106 16509 (AMAZON-02)
1 1 88.221.168.166 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 8 151.101.2.49 54113 (FASTLY)
24 2a00:1450:400... 15169 (GOOGLE)
1 185.80.39.216 27381 (CASALE-MEDIA)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2a03:2880:f12... 32934 (FACEBOOK)
2 52.95.132.103 16509 (AMAZON-02)
6 13.36.218.177 16509 (AMAZON-02)
1 213.19.147.44 3356 (LEVEL3)
52 2600:1f18:1ac... 14618 (AMAZON-AES)
11 172.217.16.194 15169 (GOOGLE)
2 216.239.32.3 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 184.24.77.198 20940 (AKAMAI-ASN1)
508 101
1    167.89.118.52 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x52.outbound-mail.sendgrid.net
url4195.isentia.com
1    54.153.213.250 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-213-250.ap-southeast-2.compute.amazonaws.com
content.isentia.io
19    104.75.88.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-206.deploy.static.akamaitechnologies.com
csp.newscdn.com.au
resourcesssl.newscdn.com.au
71    2.18.233.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-28.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
content.api.news
mhr.talk.news.com.au
resources.newscdn.com.au
11    2.18.233.169 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-169.deploy.static.akamaitechnologies.com
tags.news.com.au
1    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
1    3.5.164.175 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
1    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
15    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
2    99.86.4.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-3.fra6.r.cloudfront.net
sb.scorecardresearch.com
1    2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2600:1901:0:809c::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
bedsberry.com
17    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
5    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
3    23.205.241.50 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-50.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
4    104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
17    2600:9000:214f:2a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    23.35.237.37 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-37.deploy.static.akamaitechnologies.com
players.brightcove.net
3    2600:9000:211e:b600:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.vidora.com
3    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
ad.doubleclick.net
1    2600:9000:2057:ee00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    99.86.4.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-121.fra6.r.cloudfront.net
au.tags.newscgp.com
2    151.101.193.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
21    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    13.32.27.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-119.fra56.r.cloudfront.net
ats-wrapper.privacymanager.io
2    2.16.186.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-25.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
4    99.86.4.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-6.fra6.r.cloudfront.net
au-script.dotmetrics.net
3    2600:9000:214f:b800:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
1    2620:0:890::100 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
12    34.248.152.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-152-242.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    13.32.27.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-33.fra56.r.cloudfront.net
cdn.adsafeprotected.com
10    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.sk
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
googleads4.g.doubleclick.net
7    54.87.198.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-198-241.compute-1.amazonaws.com
ping.chartbeat.net
1    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
10    35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com
metrics.brightcove.com
7    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    151.101.130.27 (United States)

ASN54113 (FASTLY, US)
edge.api.brightcove.com
manifest.prod.boltdns.net
18    54.229.167.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
9    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
1    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
2    34.246.208.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-208-99.eu-west-1.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    2600:9000:2057:600:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
pgxiyq3qc93rfflxsmvfnm5qqxrzv1666883579.nuid.imrworldwide.com
2    63.32.119.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-119-144.eu-west-1.compute.amazonaws.com
secure-dcr.imrworldwide.com
1    2600:9000:2057:a200:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
hcs1tfauj8qi0uiicq7mte3jgp5gt1666883579.nuid.imrworldwide.com
1    99.86.4.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-7.fra6.r.cloudfront.net
cf-images.ap-southeast-2.prod.boltdns.net
1    2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a04:4e42:8d::159 (United States)

ASN54113 (FASTLY, US)
pbs.twimg.com
6    2606:2800:233:1ab3:789:1032:20e3:21 (United States)

ASN15133 (EDGECAST, US)
video.twimg.com
1    35.156.94.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-94-146.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    23.206.209.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-209-192.deploy.static.akamaitechnologies.com
statsapi.foxsports.com.au
1    79.125.44.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-44-37.eu-west-1.compute.amazonaws.com
newscorpau.demdex.net
6    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
metrics.heraldsun.com.au
1    54.74.40.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-40-111.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
2    65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net
js.adsrvr.org
1    146.75.116.157 (United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
8228261.fls.doubleclick.net
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
1    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
au-gmtdmp.mookie1.com
4    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
7    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    52.28.196.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-196-126.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
1    3.208.54.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-54-167.compute-1.amazonaws.com
api.vidora.com
10    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
10    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
3    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    142.250.74.194 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
1    88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com
image5.pubmatic.com
2    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
1    199.127.207.191 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
1    3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    34.193.47.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-47-24.compute-1.amazonaws.com
usermatch.krxd.net
1    18.202.59.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-59-106.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    88.221.168.166 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-166.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.sk
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0660dee00155a668dad584718d1aab52.safeframe.googlesyndication.com
8    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
24    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
m.doubleclick.net
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
marketingplatform.google.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    52.95.132.103 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com
s3-ap-southeast-2.amazonaws.com
6    13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
newscorpau.hb.omtrdc.net
1    213.19.147.44 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
52    2600:1f18:1aca:4282:74e5:b428:3504:8805 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
11    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
pubads.g.doubleclick.net
2    216.239.32.3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirector.gvt1.com
1    2a00:1450:4001:6c::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r2---sn-4g5ednsz.gvt1.com
9    184.24.77.198 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-198.deploy.static.akamaitechnologies.com
nws-bolt-amd-prod.akamaized.net
Apex Domain
Subdomains		 Transfer
88 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 594
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3256
pixel.adsafeprotected.com — Cisco Umbrella Rank: 620
dt.adsafeprotected.com — Cisco Umbrella Rank: 546
797 KB
51 newscdn.com.au
csp.newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 98850
resources.newscdn.com.au — Cisco Umbrella Rank: 718964
2 MB
41 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 185
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 199020
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
m.doubleclick.net — Cisco Umbrella Rank: 445213
pubads.g.doubleclick.net — Cisco Umbrella Rank: 446
213 KB
32 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
0660dee00155a668dad584718d1aab52.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
166 KB
31 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 301614
subscriptions.heraldsun.com.au — Cisco Umbrella Rank: 710381
metrics.heraldsun.com.au — Cisco Umbrella Rank: 892780
520 KB
30 google.com
news.google.com — Cisco Umbrella Rank: 5435
play.google.com — Cisco Umbrella Rank: 27
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 78
marketingplatform.google.com — Cisco Umbrella Rank: 19022
102 KB
22 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 865
trc.taboola.com — Cisco Umbrella Rank: 697
am-trc-events.taboola.com — Cisco Umbrella Rank: 17121
images.taboola.com — Cisco Umbrella Rank: 1714
pips.taboola.com — Cisco Umbrella Rank: 1560
cds.taboola.com — Cisco Umbrella Rank: 1451
259 KB
21 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 731
syndication.twitter.com — Cisco Umbrella Rank: 1061
analytics.twitter.com — Cisco Umbrella Rank: 547
712 KB
14 api.news
content.api.news — Cisco Umbrella Rank: 57967
478 KB
13 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
newscorpau.demdex.net — Cisco Umbrella Rank: 110192
17 KB
12 brightcove.com
metrics.brightcove.com — Cisco Umbrella Rank: 3985
edge.api.brightcove.com — Cisco Umbrella Rank: 5217
5 KB
12 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 75850
mhr.talk.news.com.au — Cisco Umbrella Rank: 677032
263 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
159 KB
9 akamaized.net
nws-bolt-amd-prod.akamaized.net — Cisco Umbrella Rank: 285007
6 MB
9 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1073
sync-tm.everesttech.net — Cisco Umbrella Rank: 578
2 KB
9 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 2310
pbs.twimg.com — Cisco Umbrella Rank: 699
video.twimg.com — Cisco Umbrella Rank: 1306
437 KB
9 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2418
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 6309
pgxiyq3qc93rfflxsmvfnm5qqxrzv1666883579.nuid.imrworldwide.com
secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 2399
hcs1tfauj8qi0uiicq7mte3jgp5gt1666883579.nuid.imrworldwide.com
69 KB
8 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 618
secure.adnxs.com — Cisco Umbrella Rank: 438
ib.adnxs.com — Cisco Umbrella Rank: 232
10 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
326 KB
7 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1228
1 KB
6 omtrdc.net
newscorpau.hb.omtrdc.net — Cisco Umbrella Rank: 191788
648 B
5 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1436
insight.adsrvr.org — Cisco Umbrella Rank: 632
match.adsrvr.org — Cisco Umbrella Rank: 356
5 KB
5 boltdns.net
cf-images.ap-southeast-2.prod.boltdns.net — Cisco Umbrella Rank: 97585
manifest.prod.boltdns.net — Cisco Umbrella Rank: 4848
106 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
www.linkedin.com — Cisco Umbrella Rank: 591
px4.ads.linkedin.com — Cisco Umbrella Rank: 6090
4 KB
4 foxsports.com.au
statsapi.foxsports.com.au — Cisco Umbrella Rank: 546438
24 KB
4 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 48292
39 KB
4 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1907
bs.serving-sys.com — Cisco Umbrella Rank: 1148
lm.serving-sys.com — Cisco Umbrella Rank: 1897
26 KB
4 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 17468
api.vidora.com — Cisco Umbrella Rank: 22335
7 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 968
24 KB
3 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1347
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
2 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 313
48 KB
3 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4545
udc-neb.kampyle.com — Cisco Umbrella Rank: 2384
87 KB
3 amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
s3-ap-southeast-2.amazonaws.com
208 KB
2 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 3385
r2---sn-4g5ednsz.gvt1.com
15 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 572
1 KB
2 google.sk
adservice.google.sk — Cisco Umbrella Rank: 105603
914 B
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1251
beacon.krxd.net — Cisco Umbrella Rank: 528
530 B
2 pubmatic.com
image5.pubmatic.com — Cisco Umbrella Rank: 53237
image2.pubmatic.com — Cisco Umbrella Rank: 894
799 B
2 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 682
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
453 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6045
612 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 131
32 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 742
4 KB
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 435
346 KB
2 brightcove.net
players.brightcove.net — Cisco Umbrella Rank: 3668
269 KB
2 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 137525
3 KB
2 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 76020
28 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
2 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3561
32 KB
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
99 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
559 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 409
273 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 539
501 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1010
418 B
1 scanscout.com
dt.scanscout.com — Cisco Umbrella Rank: 30570
698 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1096
402 B
1 t.co
t.co — Cisco Umbrella Rank: 483
378 B
1 mookie1.com
au-gmtdmp.mookie1.com — Cisco Umbrella Rank: 305755
640 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
47 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 624
15 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
17 KB
1 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 4516
7 KB
1 web.app
ts2020-indies-client.web.app — Cisco Umbrella Rank: 182480
3 KB
1 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 5842
27 KB
1 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 119101
48 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1323
24 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 931
12 KB
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 363
2 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 5695
7 KB
1 isentia.io
content.isentia.io
592 B
1 isentia.com
url4195.isentia.com
442 B
508 70
Domain Requested by
52 dt.adsafeprotected.com
32 resources.newscdn.com.au
24 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
24 www.heraldsun.com.au 4 redirects content.isentia.io
www.heraldsun.com.au
21 securepubads.g.doubleclick.net 1 redirects tags.tiqcdn.com
securepubads.g.doubleclick.net
content.isentia.io
www.googletagservices.com
18 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
static.adsafeprotected.com
18 resourcesssl.newscdn.com.au www.heraldsun.com.au
resourcesssl.newscdn.com.au
ts2020-indies-client.web.app
17 static.adsafeprotected.com bedsberry.com
resourcesssl.newscdn.com.au
pixel.adsafeprotected.com
www.heraldsun.com.au
17 platform.twitter.com www.heraldsun.com.au
platform.twitter.com
14 content.api.news www.heraldsun.com.au
resourcesssl.newscdn.com.au
12 dpm.demdex.net 1 redirects www.heraldsun.com.au
tags.news.com.au
11 pubads.g.doubleclick.net imasdk.googleapis.com
11 tags.news.com.au 1 redirects www.heraldsun.com.au
resourcesssl.newscdn.com.au
tags.tiqcdn.com
au.tags.newscgp.com
10 www.google.com www.heraldsun.com.au
securepubads.g.doubleclick.net
tpc.googlesyndication.com
10 metrics.brightcove.com www.heraldsun.com.au
9 nws-bolt-amd-prod.akamaized.net players.brightcove.net
9 news.google.com 1 redirects subscriptions.heraldsun.com.au
news.google.com
content.isentia.io
www.gstatic.com
8 sync-tm.everesttech.net 8 redirects
7 www.googletagservices.com securepubads.g.doubleclick.net
7 play.google.com www.gstatic.com
7 www.gstatic.com players.brightcove.net
www.gstatic.com
news.google.com
7 ping.chartbeat.net www.heraldsun.com.au
7 pagead2.googlesyndication.com ad.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 newscorpau.hb.omtrdc.net tags.news.com.au
6 metrics.heraldsun.com.au tags.news.com.au
6 video.twimg.com platform.twitter.com
6 images.taboola.com www.heraldsun.com.au
6 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
5 am-trc-events.taboola.com www.heraldsun.com.au
4 manifest.prod.boltdns.net players.brightcove.net
4 secure.adnxs.com 2 redirects www.heraldsun.com.au
4 statsapi.foxsports.com.au resourcesssl.newscdn.com.au
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
4 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
3 adservice.google.com 8228261.fls.doubleclick.net
securepubads.g.doubleclick.net
imasdk.googleapis.com
3 ib.adnxs.com 1 redirects www.heraldsun.com.au
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
3 syndication.twitter.com platform.twitter.com
www.heraldsun.com.au
3 assets.vidora.com resourcesssl.newscdn.com.au
assets.vidora.com
3 trc.taboola.com cdn.taboola.com
2 csi.gstatic.com imasdk.googleapis.com
2 s3-ap-southeast-2.amazonaws.com resourcesssl.newscdn.com.au
2 sync.search.spotxchange.com 1 redirects
2 adservice.google.sk securepubads.g.doubleclick.net
imasdk.googleapis.com
2 ssum.casalemedia.com 2 redirects
2 cm.g.doubleclick.net 1 redirects
2 insight.adsrvr.org js.adsrvr.org
2 www.google.de www.heraldsun.com.au
2 googleads.g.doubleclick.net www.googleadservices.com
2 px.ads.linkedin.com 2 redirects
2 www.googleadservices.com secure-ds.serving-sys.com
www.googletagmanager.com
2 8228261.fls.doubleclick.net 1 redirects content.isentia.io
2 snap.licdn.com content.isentia.io
snap.licdn.com
2 js.adsrvr.org secure-ds.serving-sys.com
2 pbs.twimg.com www.heraldsun.com.au
2 secure-dcr.imrworldwide.com www.heraldsun.com.au
2 secure-sdk.imrworldwide.com www.heraldsun.com.au
2 edge.api.brightcove.com players.brightcove.net
2 imasdk.googleapis.com players.brightcove.net
imasdk.googleapis.com
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 players.brightcove.net resourcesssl.newscdn.com.au
2 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
2 bedsberry.com www.heraldsun.com.au
bedsberry.com
2 sb.scorecardresearch.com cdn.taboola.com
www.heraldsun.com.au
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
1 r2---sn-4g5ednsz.gvt1.com
1 redirector.gvt1.com 1 redirects
1 sync.1rx.io
1 www.facebook.com
1 image2.pubmatic.com
1 us-u.openx.net
1 marketingplatform.google.com www.heraldsun.com.au
1 m.doubleclick.net 1 redirects
1 dsum-sec.casalemedia.com
1 pixel.rubiconproject.com
1 0660dee00155a668dad584718d1aab52.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 ps.eyeota.net 1 redirects
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com 1 redirects
1 match.adsrvr.org
1 token.rubiconproject.com
1 udc-neb.kampyle.com nebula-cdn.kampyle.com
1 d.turn.com 1 redirects
1 api.vidora.com resourcesssl.newscdn.com.au
1 lm.serving-sys.com secure-ds.serving-sys.com
1 px4.ads.linkedin.com www.heraldsun.com.au
1 www.linkedin.com 1 redirects
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 cds.taboola.com cdn.taboola.com
1 au-gmtdmp.mookie1.com www.heraldsun.com.au
1 acdn.adnxs.com content.isentia.io
1 www.googletagmanager.com secure-ds.serving-sys.com
1 static.ads-twitter.com content.isentia.io
1 pips.taboola.com cdn.taboola.com
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 fonts.gstatic.com news.google.com
1 bs.serving-sys.com secure-ds.serving-sys.com
1 s0.2mdn.net imasdk.googleapis.com
1 cf-images.ap-southeast-2.prod.boltdns.net www.heraldsun.com.au
1 hcs1tfauj8qi0uiicq7mte3jgp5gt1666883579.nuid.imrworldwide.com www.heraldsun.com.au
1 pgxiyq3qc93rfflxsmvfnm5qqxrzv1666883579.nuid.imrworldwide.com www.heraldsun.com.au
1 cdn.syndication.twimg.com platform.twitter.com
1 vjs.zencdn.net players.brightcove.net
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 cdn.adsafeprotected.com tags.news.com.au
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 ad.doubleclick.net tags.tiqcdn.com
1 use.fontawesome.com cdn.taboola.com
1 mhr.talk.news.com.au www.heraldsun.com.au
1 cdn.ampproject.org www.heraldsun.com.au
1 news-networkeditorial.s3.ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
1 csp.newscdn.com.au 1 redirects
1 content.isentia.io
1 url4195.isentia.com 1 redirects
508 126
Subject Issuer Validity Valid
prod.k8sinternal.com
Amazon		 2022-06-10 -
2023-07-09		 a year crt.sh
news.com.au
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-07-16 -
2023-08-17		 a year crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon		 2021-12-15 -
2022-12-14		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-27 -
2023-10-29		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
bedsberry.com
R3		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
players.brightcove.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-28 -
2023-07-28		 a year crt.sh
*.vidora.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
au.tags.newscgp.com
Amazon		 2022-01-11 -
2023-02-08		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-22 -
2023-03-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
secure-ds.serving-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-05 -
2023-03-08		 a year crt.sh
*.dotmetrics.net
Amazon		 2022-09-23 -
2023-10-21		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
web.app
GTS CA 1D4		 2022-10-19 -
2023-01-17		 3 months crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-08-30 -
2023-10-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
metrics.brightcove.com
GTS CA 1D4		 2022-10-08 -
2023-01-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
brightcove.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-06-08 -
2023-07-10		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.nuid.imrworldwide.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
*.prod.boltdns.net
Amazon		 2022-10-19 -
2023-11-18		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
bs.serving-sys.com
Amazon		 2022-04-10 -
2023-05-09		 a year crt.sh
statsapi.foxsports.com.au
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-08 -
2023-05-09		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
metrics.heraldsun.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-17 -
2023-07-18		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
lm.serving-sys.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
vidora.com
R3		 2022-10-09 -
2023-01-07		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.google.sk
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.hb.omtrdc.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-02 -
2023-01-02		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh

This page contains 46 frames:

Primary Page: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Frame ID: 500F3793BC3ED589F1F40DFC73F944AF
Requests: 325 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=j5DzYNJJ6.HhVPc20dSS-I3npCrlV5h_&nonce=QB_UcEaV5nGF60qvVLHf9nm7B4Ji9_kP&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: 7D88389590DD6F6F5F1D7A9F3A49A79E
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.heraldsun.com.au
Frame ID: 2274C76EFEDB63CB6235A6EA885EF7EF
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
Frame ID: 2EB9832E5AE94FD6F686F1D29106E452
Requests: 25 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: FB02631CE6FBC7F4C7DD08EBBA20D1D9
Requests: 5 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=463023&publicationId=heraldsun.com.au
Frame ID: 17D2018B6C0F1968E5633D57AED130BA
Requests: 13 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.541.0_en.html
Frame ID: F416C07D256FA82487F3A3B69812E50C
Requests: 16 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 2CC32727C40A38F9D3814EC1A36AD8C8
Requests: 22 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: E8099470E29D192380C820F25A70A4B2
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: FD0ACD52A26168EB4C582A1F8D1B9B66
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 4505BBD8BF415B0BE3837CC67F61B19B
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 38F6A570A3A12E8A29E54ACE437B64CC
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: AF9C4B5B20E4265066D29D215AE8FA18
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: F3D28247DB3B036A9B0FFA853E1BA161
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CMT86J3ZgPsCFZXFsgodr68FwA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4164349175988.6377
Frame ID: 4227F8F318A041BFB6DF8200C581B5C2
Requests: 2 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 1A0DAEFB1341971F3FBF70B7F462F164
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: 671C48F9BF7D3982FC46A16F4929A23D
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: 0F18BDC9AA78C9E3170BE7D50E7F32AF
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&upid=trk7f24&upv=1.1.0
Frame ID: 0ED70A438807A9A134F4BBCD3B112A1D
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&upid=ekg5qxt&upv=1.1.0
Frame ID: 1AEA96B2EA6F6CDFEAB7098903B6210D
Requests: 1 HTTP requests in this frame

Frame: https://0660dee00155a668dad584718d1aab52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 397C8362F1F9DAD7A999360AB2300CB3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBZg6-ASfPKrLpP-hyj-dGc5ojszYMWBWsXp9Vp8rB2RKS3Je1DiFpi8k2Tb5yvNk39aYKqnTWraVar6bl32JlC7qbpUd9xS1rhkB9pSX09HqRw3lFS_BollpNoO4xC-ZL4v_Z0CUdhfypbeNF_yiIdbkILJIzdm3VRypA6kk5icRZ18orCS3Dhc3MAFwEZ1J-Pe4TGhS4mW4VFYk2lqOiPjSvVjSRf0zH_NqqN2JR-4G4DfJ1i1GTwEDagUkQmaQ1T72Sn-JYxbv58ckX2iZnHMnATquBjKaa6IWadGGT6HdG-5-HfCUrCHw3n0Mgj3St4nJ_w-MftIMEDw&sai=AMfl-YS1hsHwSxWxCA2F8ggnsLvVMURIubYT2ucajHAagHDjiFH3ch7q7GY9_sTOBWXFcA0gxe0_-sNGgW4Vaf1LgAhafXAbD_X8dTGTuCOjkWdgyBOlgMfP8XDKMb_vt6R-rw&sig=Cg0ArKJSzKHTLRiiwxFwEAE&uach_m=[UACH]&adurl=
Frame ID: 563AD63AA55B8499052DEDD2FDACF556
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-Uv3aznd1Qgs6eVkxaV73XYIhx3ruYwVbUgQSoXaKX3saAlIQuUTC2bmPspnulYg1AK_0MGGcTaONfYNsJSmbNIcoZaWuSf2uKkslGoAA68FD175Sxmk8lpSYsjTH3p3v2T6QXfZuvnjxpqH8QbWgDjfYYaHXN_P2nW5uEY5enAlb1YqaCTzg9f16mW22M-4gjhm2luFyVNBqbFX95bjVvlsi4tOMzDMrkDLczyswg7RltsRmIjz7QubR-zGchNUu6OdCrd0gGE8ZeMuhPB8B7j3GMbXUiI8HM7EPm8Wl3sXNYjf22N_D2dEZzyiNIwzIPkYXBwQltmotmg&sai=AMfl-YRyMNBKYxRI5XFfe7CfdxF0Py0KDth5sb6EQDm5WcRT8D-zajMmBIXCRvUCqQgJVFczqS2MvcndiLHgxtGM7do2j8M6CwJDapXostVzsNW7yof5VXrY1-MhoRstVcQiPw&sig=Cg0ArKJSzE_S-0pZegMBEAE&uach_m=[UACH]&adurl=
Frame ID: 4E5F8AE576C76A908698F1BEB69FB964
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssr1HKfGxsXj5JDz9BhKdFtgcM-KIpzrDRW9gv6PjWvHy0B9_Ju6pI6TPFq4TwvoHXeo--70ppnNck4ZES24yER1zecb45_GMIGKKkDbtRebovsRuFnN8zZf01HKSKgVfZb4VXygI2qXcyWo_3alQABumP-78T5d85IHcirzMaC3UsnciJgg9boCdnHofVb747OAUZiOBcIclgn9E7nnl8sB2oiUe0wxOs6yzVCnSGRUvpEWomUYI51h8NAxmdVTosP1QpQlybvDvxhlz_Zx6LSUfVy--LzvysPx6w5LU0UkZROyOgMdLU7vn4IgJwpxfzccdOEuhCiidTHWQ&sai=AMfl-YR-jjrf0dmVaD8DMOkxm2CEjs_Os8Sd64Qd59uEefrM_RNQGpT55lmE6-hYA-MGObOWBODvZxokKeAsKZ9y6vSbXllK_8IksP-bWtgvi3x3oR0GDIsd0o8iNia_CnLIKA&sig=Cg0ArKJSzEjSscfeEjgvEAE&uach_m=[UACH]&adurl=
Frame ID: 2C5B06103E6B9E5B20E62F390164393F
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2-blxlyLVQrOTrMVl62aqy1F-viWxyHdDGDpEpHRHfsBiFsgZ0bXk9GcGXY08FRV9fXbK-7Rs2UTdg2_1qAOiohDc1hMdeKvDeWPLaGfQpzA_1t5ewul2HAaUwZDuBcVahv_Lmr3tG8xVw-N7zB1AMLj4_fpCJUZ5HMsOnF0Uy1wSOzot_-NCCb8bF-v5NKM937SJLi7E1dnUlEjFFCbB7crHgV96waV_nehhqvuD5O8hYamQ_wVcFvGjbhsF-EUToG06H4kw5zaZNkPyACdP15L49Y2JMW5DuCnhgnYXYyqXvIaji2MD4shtUxVk8lq4HiMcL9SUDc1GBw&sai=AMfl-YSlnCTIF3WRMGDl-yBMWTF-lWny1wW1DUSOOW9dMIfFkie6DzoYQrOFEujjdFPI_GLNjsvP00wwHFaCGP2_AfNo-uAptXmiejM80PTsN5-aENh6Jnjai_KG3L0usAKHHQ&sig=Cg0ArKJSzN1La3waeHa1EAE&uach_m=[UACH]&adurl=
Frame ID: 7895ADDB0E8DE6E5DBE0A70822EF2A09
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFey0OiK4ibw_8l4QIvb5DVijnHmTi6Bo_OKmxD3PPm3ueeSNr-lWOAYM0CeSSAZohTnfuPLjWYrZIDmeD2V0pZtvnjM-PsWWOoauRQ4l_1l7xpD4utigd1zGhgfd_hUcpzwgnfVrgBWKKvvpgwvYOnfvbH1VdJPEBqhSx-JNwgXIEybZAqiFjSMdoa1nHvZ-iIdLXJ_iJ9T3FuZDinyNmvZC8eSAy0pq1cTO62JzmVmLoruAPFrscSlbTyBTjbbNlImrI_lwRPssDVmqKnLP2FT9o6u58hEBCk1N4NY3VUDhz8PFYsHHzz3ihjxSdull9K3457i7g4otN3g&sai=AMfl-YRY0Lln6HaQixve-kb8-T4CNQ0hOuyGY4MmpXcEjwFDwNi_hC-8lEZcpL5Mg8KkP9MibexXaytpsimBxMTTuGE2-0bp4qsJbKiCBvOrKpkVfR8jgAJgp5DkHCVge_RVQw&sig=Cg0ArKJSzMU4AXnDoq14EAE&uach_m=[UACH]&adurl=
Frame ID: 844409FC74635909BE7DA9B058444207
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1pvxjj0PnrNXEU1HoR6J72RupDtkpUQgAbcULoUeaZ49d21EymXiwNDmh0WHlxbDuOpuT4I6q12O2oTlMvEIz8mAY504S0dBW_KqhNbcHG143N5TMakascovKBxXLYj3GHIQqQwiW1ekh8WHAPqcEqNxwr_djD_pC3Ta0UHz5kDTQG5UOJclu1T2QqfA-V6Ywxx5Fr5PO1fWLwSdFLi1GYpvz2Ce2aZ3ass9FgHHmuWrWCqy4wNbnGnM_EG8CChN0AOQ0ioa1DXKVE5-b4o-ix0_3LC1lN8CjirCfgbcnLinJFt_LKPhBFKbQ3QjKUhMd3eFEX6eaJM_eOw&sai=AMfl-YRerpdmi-LVqUzqGEkWJoRFhLmfYqOW0d_7_jPMcP2xu0xbNmK9YoIRVfUrPQoeZQSW-k4R3fX89Mjh8f9KldqFwb_AORf_7kZdeoPzwgfKFugW-SpkyhfzmS_aVEOQVQ&sig=Cg0ArKJSzPMmp3HzPQjkEAE&uach_m=[UACH]&adurl=
Frame ID: 06303A1BF198CE6CC93198DCC253B124
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsSCUK-k9gAcDyHHHXCY0TBQJ_XaBLYa-a02_nYTm5iAUVu0uhNxGsFe1ZLBR3gNOxNTa5HHUMYC6bBbWv8-QzTyQkXOAMP31cyT4qBIvsQiRWPDdgF_HQeuEMSdIGPL0LLYnnD0risMmmVlzxM92QRFDNwnwxkVrKuqj1w7tmbzUDNMkJlSzKjU8QUY3TkBH94Hs0z_1bJtr9Mb-nsXG-F3shupO4RjFONdC4Tje-uReUPx9S7ntP5_BdHKTH8Yp5Ch4ETGh3HQo0IL9kDw7x_vkCDWA-P_vk1YLSoi1zvix8cDJtYAYaOkvX2LKrg3dwnb5OJ2MvyYcIgA&sai=AMfl-YSGWwJt9QlFhzVPOgrAyzs3-eZHcZfsltkEoG6DsI1WRSIL3r-MgQI9Qa-jDhXVg7mSz9N5fvG4R13Cb3MDD-R8uZ5umeC4SPj09yOk001lcFrRcNZ7qLfXzAYm7u6i5A&sig=Cg0ArKJSzN0naLZEGhMYEAE&uach_m=[UACH]&adurl=
Frame ID: B4FF4353C27F9046797EE761BDAECC1F
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: F3C1E55AF1F90821D71362064C1FB7EB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3828675D37543D95B00EA3BB1EFC5759
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0E451FFE659FE5ED91106D49DC0FFCD4
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=116793390&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34b9-5609-11ed-bf76-0a8b1a8f9703
Frame ID: 02AF8962C7D09676B1EF0B8DCD5A3F20
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=171498791&placementId=5969529023&pubCreative=138409518499&pubOrder=3004275014&cb=48380703&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bf-5609-11ed-bf76-0a8b1a8f9703
Frame ID: 62CB87E9ECB63523BE96DC4F1B4DA698
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=691231990&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34ba-5609-11ed-bf76-0a8b1a8f9703
Frame ID: 76C8D01E9A3F98D43F21F3051AD22E60
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234143368&pubOrder=305536031&cb=407886589&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bb-5609-11ed-bf76-0a8b1a8f9703
Frame ID: 67E133E8EF1DC0352212D264C8951F24
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=549720203&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bc-5609-11ed-bf76-0a8b1a8f9703
Frame ID: 67E546B951EBD934A5BBCBD8E16384D8
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138386539437&pubOrder=305536031&cb=933584361&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34be-5609-11ed-bf76-0a8b1a8f9703
Frame ID: 61134770D4526FBDD3B5342470A069C4
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1847994274&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bd-5609-11ed-bf76-0a8b1a8f9703
Frame ID: 899B17B27FF275EA542D371614254EE3
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CAA0499CA8A2A54D5732E225FEEEDFEE
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8D8BE36650E64863DA3A3AE635BC3AB9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: AE36563423849DF09771DFAEFAB09051
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CBDF22D85A619E66CF03DE0C68999DF2
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6E0DE107653B23B851419B95ECA92023
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EE4D2A232F52A39DD4D3E1122F54C9C9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2A28CB0FCB12D865CE1D4F3C79D10797
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EEDDD7B259605AF2A8926FD82B1BE887
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FIFA World Cup Qatar: Socceroos protest human rights abuses | Herald Sun

Page URL History Show full URLs

  1. http://url4195.isentia.com/ss/c/_067YoyZ04BmDh2Q53dPZzcr6GGb_BdM2fKnQeXCBn2TDQFSQVujHtedB9mbxTE67SETOl7... HTTP 302
    https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-pr... Page URL
  2. https://csp.newscdn.com.au/trustedreferrercheck.esi?url=https://www.heraldsun.com.au/sport/football/fif... HTTP 302
    https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar... HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2ffo... HTTP 302
    https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar... HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fspor... HTTP 302
    https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

508
Requests

94 %
HTTPS

35 %
IPv6

70
Domains

126
Subdomains

101
IPs

9
Countries

14296 kB
Transfer

28418 kB
Size

95
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url4195.isentia.com/ss/c/_067YoyZ04BmDh2Q53dPZzcr6GGb_BdM2fKnQeXCBn2TDQFSQVujHtedB9mbxTE67SETOl7h0KNyXyHyTh1EAv7ZDxZCTeLZgSutXrYKH6WkiraHCaqO8c3cbtv5hFJHxGQlSFsohLyq7kUDKnpJfxzgVaJL2Fv0kZHYk_kQs79bHUbeaDUv-QCClQkZdwDf4o-_Ho0S2FJ6MLGYvg1ypxKx98mH9lSw20eec2H-dQf9RvWlokZtrhJzQkaA-auZqjkRm7gxXDskviILLaSf3lRdxUOgH77aERDjdmlEhP6s7dw--0Orm5c1ifJILlcXDiB5BFC077_ou81uVMxTFA/3qm/KexAtGpSQJOYjSHzlLl__g/h2/YeZI3rRNHYzELE3H6frJReXik1ewx0QGXNAOE9Q84mw HTTP 302
    https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832 Page URL
  2. https://csp.newscdn.com.au/trustedreferrercheck.esi?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&csp=ca352e585286b2d23cd55c4a307bba01 HTTP 302
    https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2ffootball%2ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2fnews-story%2f06ae81845d541688c402efd2ac9e7805%3fbtr%3d23e3f2c389fc12ce08c4a6d59e7c39dd HTTP 302
    https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2ffootball%2ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2fnews-story%2f06ae81845d541688c402efd2ac9e7805%3fbtr%3d23e3f2c389fc12ce08c4a6d59e7c39dd&16668835711616615229 HTTP 302
    https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://url4195.isentia.com/ss/c/_067YoyZ04BmDh2Q53dPZzcr6GGb_BdM2fKnQeXCBn2TDQFSQVujHtedB9mbxTE67SETOl7h0KNyXyHyTh1EAv7ZDxZCTeLZgSutXrYKH6WkiraHCaqO8c3cbtv5hFJHxGQlSFsohLyq7kUDKnpJfxzgVaJL2Fv0kZHYk_kQs79bHUbeaDUv-QCClQkZdwDf4o-_Ho0S2FJ6MLGYvg1ypxKx98mH9lSw20eec2H-dQf9RvWlokZtrhJzQkaA-auZqjkRm7gxXDskviILLaSf3lRdxUOgH77aERDjdmlEhP6s7dw--0Orm5c1ifJILlcXDiB5BFC077_ou81uVMxTFA/3qm/KexAtGpSQJOYjSHzlLl__g/h2/YeZI3rRNHYzELE3H6frJReXik1ewx0QGXNAOE9Q84mw HTTP 302
  • https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Request Chain 70
  • https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd HTTP 302
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Request Chain 104
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1666883579346 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1666883579346
Request Chain 161
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=463023&publicationId=heraldsun.com.au HTTP 301
  • https://news.google.com/swg/ui/v1/serviceiframe?_=463023&publicationId=heraldsun.com.au
Request Chain 195
  • https://cm.everesttech.net/cm/dd?d_uuid=44641758690432309162611042459969887008 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1qf-AAAAIVXwANn
Request Chain 204
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4164349175988.6377 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CMT86J3ZgPsCFZXFsgodr68FwA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4164349175988.6377
Request Chain 207
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Request Chain 208
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Request Chain 223
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1666883581004&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1666883581004%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fsport%252Ffootball%252Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%252Fnews-story%252F06ae81845d541688c402efd2ac9e7805%253Fbtr%253D23e3f2c389fc12ce08c4a6d59e7c39dd%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1666883581004&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1666883581004&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&liSync=true&e_ipv6=AQKKoaGYKh637AAAAYQaAPhD-b_gBcfVvGxl5sTEC7J13vnV5Lb1W6v36WpurBi5pkNr7eM4EimMRflfIhSiXhpG8JVemg
Request Chain 247
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=7337932381638733622
Request Chain 249
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4331909082144440366
Request Chain 252
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDQ2NDE3NTg2OTA0MzIzMDkxNjI2MTEwNDI0NTk5Njk4ODcwMDg= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIZQ8kSm0VhVxPt55iHskFY&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 254
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
Request Chain 255
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1qf-zKXGgP48xwlsZrpJAAA%265168
Request Chain 256
  • https://dt.scanscout.com/ssframework/uid?UIAA=44641758690432309162611042459969887008&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-74aa78b14504c4740dc728ec6bbc460a
Request Chain 257
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=44641758690432309162611042459969887008&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 265
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=44641758690432309162611042459969887008 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=44641758690432309162611042459969887008
Request Chain 266
  • https://tags.bluekai.com/site/43981?id=44641758690432309162611042459969887008&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 272
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFxZi1BQUFBSVZYd0FObg==
Request Chain 273
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y1qf-AAAAIVXwANn&expires=90
Request Chain 275
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1qf-AAAAIVXwANn
Request Chain 319
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOdj2GZCzoo_nx0puu7NC-TndcHbXKE-nfRxVV0kCUjJNWuFErMkYpySPBxLWtHDpHl807GKp2lzENS9pUH6bGxAcPtRaAKDwYYMDa0a_-xvJ4YeInLxC0GHa15A7Ce_4MTNnaDNpTYyf6A1VVVNn0lzthU0AQQrGgYaXvtU2uZtBBQ5vPNsR_ruDArsFvp_6YDe8Rd1-j2W0j08VxegdX7NUwgpvKiTQ3lNi4yCBH4iHrq-J0K3cwBCBHERObqjp_0AXoMgkiQaVgQIDKR1n6OGK5-hSweUE_VJmgey4VKbZf2Cnzr0Q4c6iR3SWc91aiqVpkksPKUnQZLw&sai=AMfl-YS69n7phMVx2seOpg8ynvu0Y93tg9F40WzNuTxxIqlted_nfa8tY5s4BqVJ4U2Kg7jYTw4vCzztzsNuhgVR836qMXQkHboTduKWrvsnUp-2WfhYbBA0q4wLOUXIU-dBZQ&sig=Cg0ArKJSzDSRvjAxx9dfEAE&uach_m=[UACH]&urlfix=1&adurl=http://m.doubleclick.net HTTP 302
  • https://m.doubleclick.net/ HTTP 301
  • https://marketingplatform.google.com/about/enterprise/
Request Chain 320
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Y1qf-AAAAIVXwANn
Request Chain 328
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y1qf-AAAAIVXwANn
Request Chain 335
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1qf-AAAAIVXwANn
Request Chain 348
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1qf-AAAAIVXwANn&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1qf-AAAAIVXwANn&img=1&__user_check__=1&sync_id=db33f081-5609-11ed-9b89-10a0cca80106
Request Chain 352
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y1qf-AAAAIVXwANn&t=2592000&o=0
Request Chain 447
  • https://redirector.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1666905186/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/585C48510B6577CA9B4B83A4BD1EAD0E522155FA.9203E03CCC3EECCC4C9EFD65A93EB7CAD680A3AB/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-4g5ednsz.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1666905186/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/0686CC0BA9BFD04555C05BC11DD2280583B09A91.262F3F01B9CE674A1AE8F1577918BF8B62E9EBFC/key/cms1/cms_redirect/yes/mh/Bl/mip/2001:1b60:1010:2:1011:fbc1:ce7e:9f47/mm/28/mn/sn-4g5ednsz/ms/nvh/mt/1666882855/mv/u/mvi/2/pl/36/file/file.mp4

508 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
content.isentia.io/
Redirect Chain
  • http://url4195.isentia.com/ss/c/_067YoyZ04BmDh2Q53dPZzcr6GGb_BdM2fKnQeXCBn2TDQFSQVujHtedB9mbxTE67SETOl7h0KNyXyHyTh1EAv7ZDxZCTeLZgSutXrYKH6WkiraHCaqO8c3cbtv5hFJHxGQlSFsohLyq7kUDKnpJfxzgVaJL2Fv0kZHYk...
  • https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df...
407 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.153.213.250 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-153-213-250.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
407
content-type
text/html
date
Thu, 27 Oct 2022 15:12:49 GMT
x-amz-apigw-id
aq3trFNmywMF02w=
x-amzn-requestid
7ff4ffa1-5d52-4d45-bb43-15f06cd5e1b5
x-amzn-trace-id
Root=1-635a9ff0-0306d49e0a97c4e904604726;Sampled=0

Redirect headers

Connection
keep-alive
Content-Length
273
Content-Type
text/html; charset=utf-8
Date
Thu, 27 Oct 2022 15:12:48 GMT
Location
https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Server
nginx
X-Robots-Tag
noindex, nofollow
Primary Request 06ae81845d541688c402efd2ac9e7805
www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/
Redirect Chain
  • https://csp.newscdn.com.au/trustedreferrercheck.esi?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2...
  • https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2ffootball%2ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2fnews-story%2f06ae81...
  • https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2ffootball%2ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2fnews-story%2f06ae...
  • https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4...
286 KB
64 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Requested by
Host: content.isentia.io
URL: https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
d2db0db76655fac76eeafe98a1f5421ae65c0443a9bb7044b25f3ac7d59a92e9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Thu, 27 Oct 2022 15:12:57 GMT
expires
Thu, 27 Oct 2022 15:12:57 GMT
host-header
a9130478a60e5f9135f765b23f26593b
is-https
true
pragma
no-cache
server
nginx
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 292481 0 pmb=mTOE,2
x-arrrg4
https://content.isentia.io/
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2ffootball%2ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2fnews-story%2f06ae81845d541688c402efd2ac9e7805%3fbtr%3d23e3f2c389fc12ce08c4a6d59e7c39dd%26nk%3d4266bc4de45aa575d451af048646f817-1666883571&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=06ae81845d541688c402efd2ac9e7805&btr=23e3f2c389fc12ce08c4a6d59e7c39dd&session=4266bc4de45aa575d451af048646f817
x-bpath
OLD
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
x-opw
4
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
sin1 0 2 9980
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-xss-protection
1

Redirect headers

cache-control
max-age=3458
content-length
154
content-type
text/html
date
Thu, 27 Oct 2022 15:12:51 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
location
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
server
AkamaiNetStorage
3db86cc719a23fa42ff177391a2d6c95
content.api.news/v3/images/bin/ 		148 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3db86cc719a23fa42ff177391a2d6c95
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a45a83e695c2ab5af8780b36fd34fdef226fbc7711a66ecd1f33fff39406a1c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:58 GMT
x-check-cacheable
YES
edge-cache-tag
3db86cc719a23fa42ff177391a2d6c95
content-length
151435
last-modified
Wed, 26 Oct 2022 20:39:49 GMT
server
Akamai Image Manager
x-serial
1574
etag
398e4793e581cc2fded7f3cabb551916-3db86cc719a23fa42ff177391a2d6c95-0
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5117093
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 25 Dec 2022 20:37:51 GMT
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Thu, 27 Oct 2022 15:12:57 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
03A09A05F9B00284
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=273914
accept-ranges
bytes
content-length
11472
x-amz-id-2
7SgQOtE5DXd+yw+muGSpBKQgUFNdC0N34VLuVoyrpGsNX+GQQMChOOxitD5N1YsghRlU3RgeUFw=
expires
Sun, 30 Oct 2022 19:18:11 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Thu, 27 Oct 2022 15:12:57 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
D2D8C5FED1731C4D
etag
"ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=110487
accept-ranges
bytes
content-length
12052
x-amz-id-2
F9ZHKgAnBk09tWfFGtJVkR2NpeEYeYl5A6ryw0e+c/gLQAp04Rx16nC+dsFJTTAPIb4D0qyY0Bg=
expires
Fri, 28 Oct 2022 21:54:24 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Thu, 27 Oct 2022 15:12:57 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
EE3D21683166F96F
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=470435
accept-ranges
bytes
content-length
12440
x-amz-id-2
BGzA4H6MhiNFsVMRHnDid7w0RneCV9f+L69FdEMmbqtC5J6BXqShCVeo7uP6Jum7BVtWfb2VAeI=
expires
Wed, 02 Nov 2022 01:53:32 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Thu, 27 Oct 2022 15:12:57 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
4N2W2Y6HDY8Z3Q2W
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=602785
accept-ranges
bytes
content-length
11372
x-amz-id-2
Z1HhaEEhR+4SW45rFV+SZJ/QiklrgDUhrbvWmFxzzpa1Kifm2MvbbI9Ateo09sYRHNLYlfgsmGM=
expires
Thu, 03 Nov 2022 14:39:22 GMT
lux.js
cdn.speedcurve.com/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
3ee455138c5a2ac218dfaef865fb6e8131490ad85d6d63492cebc49a2b335c85

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
2
date
Thu, 27 Oct 2022 15:12:57 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
113
x-cache
HIT
content-length
7152
x-served-by
cache-hhn4052-HHN
last-modified
Thu, 27 Oct 2022 15:11:04 GMT
server
Apache
x-timer
S1666883578.840934,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Nov 2022 15:11:04 GMT
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
655f567855330a0a417f686c22d98611aa83374d3af5cf92fffdc208af48004c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:13:09 GMT
date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
958
x-rq
bom1 0 2 9980
last-modified
Thu, 27 Oct 2022 03:03:56 GMT
server
nginx
etag
W/"6359f51c-879"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=11
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
15eb9d05a562830f6ba89ae001b779fae5cc312c0b8b040ceda4f1f7200ea60b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:13:55 GMT
date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2968
x-rq
bom1 0 2 9980
last-modified
Thu, 27 Oct 2022 03:03:56 GMT
server
nginx
etag
W/"6359f51c-1dbd"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=57
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
1778f567
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/1778f567
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
259e943bcf0f08b93e70dfbf8dd15025b0767564c9dee7ee2e8c9db6f73d0ab6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:12:58 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Thu, 27 Oct 2022 15:12:58 GMT
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-arrrg4
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
x-opw
4
content-length
8823
pragma
no-cache
x-bpath
OLD
blaizehappened
true
etag
"ebfc21185bd3926f8344c5adc004a8b7de01056cc146ebeb9d5073aa9f817068"
vary
User-Agent, Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f1778f567&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=1778f567&session=4266bc4de45aa575d451af048646f817
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Sun, 20 Nov 2022 11:28:57 GMT
date
Thu, 27 Oct 2022 15:12:57 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3055
x-rq
sin1 0 2 9980
last-modified
Tue, 18 Oct 2022 08:59:23 GMT
server
nginx
etag
W/"634e6aeb-1f69"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2060160
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
barton_joe.png
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/authors/ 		206 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/authors/barton_joe.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.164.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5ebefb61ddc3a886e62effffdfec4bd3ee6a5d04e6db409a544443879c7fc49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:12:59 GMT
x-amz-version-id
qEjttabm9MRCZLIsQhfBT5IUIl_lPDsu
Last-Modified
Thu, 24 Jun 2021 21:20:48 GMT
Server
AmazonS3
x-amz-request-id
3695H2723PBX127G
ETag
"4a19a8b6fb7cb9f913f3df08ab3d5efe"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
210972
x-amz-id-2
ZUz7OktqpUNzX3L7cB6bSfJMEDJUCLOwkTZuOuCmj7nooPDKN7924ZIOzB8zyUl6ZKEftybdYFOPPU0Ufth0fQ==
771b2b17132975587e3f5bce6a02f719
content.api.news/v3/images/bin/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/771b2b17132975587e3f5bce6a02f719
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e51487d2b1d8fc262e5637ab968fe2dcfb8d040ae5d49b0f8c3b32d8a8a996b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:58 GMT
x-check-cacheable
YES
edge-cache-tag
771b2b17132975587e3f5bce6a02f719
content-length
148417
last-modified
Wed, 26 Oct 2022 20:39:34 GMT
server
Akamai Image Manager
x-serial
1166
etag
398e4793e581cc2fded7f3cabb551916-771b2b17132975587e3f5bce6a02f719-0
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5117240
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 25 Dec 2022 20:40:18 GMT
f9055e87b0719b1ba37b311e5734269e
content.api.news/v3/images/bin/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f9055e87b0719b1ba37b311e5734269e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f1ced5e4e3b54e6fca6e6f268b7202d2b4abba59bbe68ba88d30fe6287242a78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:58 GMT
x-check-cacheable
YES
edge-cache-tag
f9055e87b0719b1ba37b311e5734269e
content-length
79361
last-modified
Wed, 26 Oct 2022 20:39:33 GMT
server
Akamai Image Manager
x-serial
1607
etag
b8227fa44a6a0cc3ee8966b6d17087a8-f9055e87b0719b1ba37b311e5734269e-0
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5117136
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 25 Dec 2022 20:38:34 GMT
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Sun, 20 Nov 2022 11:30:00 GMT
date
Thu, 27 Oct 2022 15:12:57 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2891
x-rq
sin1 0 2 9980
last-modified
Mon, 26 Sep 2022 08:35:09 GMT
server
nginx
etag
W/"6331643d-1e5e"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2060223
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 27 Oct 2022 15:12:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
etag
"12fe0f140aecbdd5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 27 Oct 2022 15:12:57 GMT
/
www.heraldsun.com.au/_static/ 		98 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZmZmBpaWFsWUWAK/EIjE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Thu, 27 Oct 2022 15:12:58 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
100749
x-rq
sin1 0 2 9980
last-modified
Tue, 18 Oct 2022 13:30:39 GMT
server
nginx
vary
User-Agent
content-type
application/javascript
cache-control
max-age=0
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 27 Oct 2022 15:12:58 GMT
adblock.js
tags.news.com.au/prod/adblock/ 		102 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
application/x-javascript
date
Thu, 27 Oct 2022 15:12:57 GMT
cache-control
max-age=37277
server
AkamaiNetStorage
etag
"bebf5f8dc74222b04669a0854d13b696:1634099175.124073"
content-length
102
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:12:59 GMT
date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1537
x-rq
sin2 0 2 9980
last-modified
Mon, 17 Oct 2022 04:47:37 GMT
server
nginx
etag
W/"634cde69-2b9b"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:13:02 GMT
date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
6236
x-rq
hkg1 0 2 9980
last-modified
Mon, 17 Oct 2022 23:26:09 GMT
server
nginx
etag
W/"634de491-7b68"
vary
User-Agent
content-type
text/css
cache-control
max-age=4
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:12:59 GMT
date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
894
x-rq
hkg1 0 2 9980
last-modified
Mon, 17 Oct 2022 23:26:09 GMT
server
nginx
etag
W/"634de491-b62"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 		239 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd&nk=4266bc4de45aa575d451af048646f817-1666883571
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8188ff50ea4ff59081b721c9b437f30a77d68852ed13a3c0b8a559dd7625ed0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
fRauxR20bzeDYJbYrYgOKZOKs7JDqwOW
content-encoding
gzip
via
1.1 varnish
date
Thu, 27 Oct 2022 15:12:57 GMT
x-amz-request-id
P73PT73Y4TERCPSC
age
21592
x-cache
HIT
content-length
35957
x-amz-id-2
pAVJMLxZGNz5vuV/yWXchhCN/KWnjs+bAjqFqzckYpXFUhVJAlEBSBrRKf99tG8un3HFyETkcZw=
x-served-by
cache-hhn4038-HHN
last-modified
Thu, 27 Oct 2022 09:11:45 GMT
server
AmazonS3
x-timer
S1666883578.836066,VS0,VE17
etag
"4f1beace97cc8bdfcac776996511b66e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
45
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
comments-count
mhr.talk.news.com.au/api/v1/ 		40 B
375 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=06ae81845d541688c402efd2ac9e7805
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
bd9445fa686f1cff655cd858429c51fe9e188c33a289ee913a8d0949a791a689
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Oct 2022 15:12:59 GMT
server
nginx/1.20.1
etag
W/"28-e/L+7KpZ7v3jvlrfVZDzwNfX5Fw"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
d79edb00-5609-11ed-91fe-bb6f306b5d80
content-length
60
x-xss-protection
1; mode=block
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Thu, 27 Oct 2022 15:12:57 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
4R7K4V2MCP8N6R9R
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=216433
accept-ranges
bytes
content-length
540
x-amz-id-2
yFp+J8podmJKYyKRfQ/R6sCdmNKmc7oSxu2WJJo8l7sTrFyLYOhTILB0ssSzjaQiADalzLa82Ug=
expires
Sun, 30 Oct 2022 03:20:10 GMT
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Thu, 27 Oct 2022 15:12:57 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
BX6X5G9GEK1G9M4M
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=354155
accept-ranges
bytes
content-length
535
x-amz-id-2
DaJA+c3KcMZ/NSCnfYFtodFhl20AOf2rAAm9dMwdtqM4FPtgkxYVKxyt+50eW/YJb1+mPpYz97g=
expires
Mon, 31 Oct 2022 17:35:32 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:57 GMT
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
RQSF5WQQPMJ96E65
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=518295
accept-ranges
bytes
content-length
586
x-amz-id-2
zbBDU4sqgHkmYMgILs/fK+Gs0M/M+QVcecQsaonsy/VXCYvaGnSMCf3p70HsqUpZNW+Jp4sI6j4=
expires
Wed, 02 Nov 2022 15:11:12 GMT
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Thu, 27 Oct 2022 15:12:57 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
34B4778288C88CAA
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=246340
accept-ranges
bytes
content-length
16112
x-amz-id-2
0V9i/JC3jV0uO9z1+RHGizGZNe8ea4s0M3lvOab3o97ikLfxhLYoNjWrU3t9GbdAE8O37bCHHcA=
expires
Sun, 30 Oct 2022 11:38:37 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Thu, 27 Oct 2022 15:12:57 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
B9F079BFD69B8BC1
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=70299
accept-ranges
bytes
content-length
15948
x-amz-id-2
DPCyCCKT0juTREQMOkBTQL82bK8sJ1cHlMUrULDEc9V9ZluCRM4RuSFSdOhDVMhG9DNYyK1s4MM=
expires
Fri, 28 Oct 2022 10:44:36 GMT
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 27 Oct 2022 15:12:58 GMT
x-amz-request-id
25NYMZVFWTZSDFTK
age
224
x-cache
HIT, HIT
content-length
1123
x-amz-id-2
OVMfBzJf8N8GM+YMiyREUEDdYJzV5VIXEi92BTkW6Xdb3NTH56AeM0cQ+P07WM31z9dtHnx87fA=
x-served-by
cache-lax10672-LGB, cache-hhn4020-HHN
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1666883578.042842,VS0,VE1
etag
"1a868d280f9424f5d82876d6cf0c46b9"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
2, 1
impl.20221027-5-RELEASE.js
cdn.taboola.com/libtrc/ 		689 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20221027-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
76fb84dfacef2ef054184f19c651a9008e066dbec8731f8adf4c55b0ad6056c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
BjjXE0gi1bW1QUckQ2VEE53dRdDA6BlA
content-encoding
br
via
1.1 varnish
date
Thu, 27 Oct 2022 15:12:57 GMT
x-amz-request-id
QBK2GE10668V79NW
age
23584
x-cache
HIT
content-length
145870
x-amz-id-2
Dh5IZ0ieu5kcfOk8v/+fOPe3guajGmbdtK332jORdnKw6nXLfeFTldGsKpJ/FhB0kuGhWOsoI00=
x-served-by
cache-hhn4038-HHN
last-modified
Thu, 27 Oct 2022 08:32:02 GMT
server
AmazonS3-br
x-timer
S1666883578.936711,VS0,VE0
etag
"9229a369a59a811b2bcc6c3d23eacdaa"
vary
Accept-Encoding
content-type
application/javascript
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
22492
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-3.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 04:05:47 GMT
content-encoding
gzip
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
40031
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
9QEcsKeHUReRkz8vApqdLsubKYNUfIM0JDomMJ8DJOfkCE-Swon4tQ==
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
J1ZVDTZMYJ3HP20V
age
1217781
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
6C4Bq20qPceteeCurKZQhEsm3BvMdnQ17oQcjlEzLAW3QyU405TBSEQzSIk+ahVz/ngavY7SS24=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqA97xyOmaTgAu6wDm8XKxv0esmsHF6s2iYYr4Gyg3CYHgGB%2Btiln%2Bsm19ZzkYnTdPc3zj%2Fadr8nLD2hzArsU93RLu4TA12j7Mqsfs3caCu8KVYloG1iBaY0v570aIWkTc6WG%2BwiFz35sE3bVFqAwOMm"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
760c5f7c3bdc7160-DUS
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 27 Oct 2022 15:12:58 GMT
x-amz-request-id
95AXQ3ATR4MPC3PD
age
1397521
x-cache
HIT, HIT
content-length
30954
x-amz-id-2
Qd6Mf2k0Tj7hH4/LF3S+DtgBCq38twAnGi3MUjksKijU4qkTqBu/DIQs9s0DPqALCaYsQ282AnM=
x-served-by
cache-lax10625-LGB, cache-hhn4020-HHN
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1666883578.143988,VS0,VE1
etag
"b7fcedf037c57085d364b689ca46f32e"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
2960, 1
b
sb.scorecardresearch.com/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1666883578099&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&c8=FIFA%20World%20Cup%20Qatar%3A%20Socceroos%20protest%20human%20rights%20abuses%20%7C%20Herald%20Sun&c9=https%3A%2F%2Fcontent.isentia.io%2F
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-3.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:58 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
PotWOLIj_47Z0axKyEV-lZL0Q9pnXbEBGmSKCDK-y3NwxGFpm4MfdQ==
x-cache
Miss from cloudfront
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:809c::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
a48e78549a25df920e68196b20ef5966b2ff90f6424de8ff8b8e01783d3210a1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 27 Oct 2022 15:12:58 GMT
x-datacenter
gce-europe-west1
etag
"850647974e18cd3fd93b1938a95a7749b77c77015926b8e131cf55cb86de2ac0"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-lv9m
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
673376020
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=15%3A12%3A58.356&lti=deflated&data=%7B%22id%22%3A669%2C%22ii%22%3A%22%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1666861898809%2C%22vi%22%3A1666883578346%2C%22cv%22%3A%2220221027-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd%22%2C%22vpi%22%3A%22%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%22%2C%22e%22%3A%22https%3A%2F%2Fcontent.isentia.io%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6004%2C%22qs%22%3A%22%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-bc-desktop-article-02-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Below%20Article%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Below%20Article%20Native%22%2C%22cd%22%3A4686.84375%2C%22mw%22%3A705.203125%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A4686.84375%2C%22mw%22%3A705.203125%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Aabp%3D0%2C%2CDesktop%20Below%20Article%20Native%3Dthumbnails-bc-desktop-article-02-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221027-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bb2198e310efd09a1f2ae88c262d7ce175c3c14dae0f63b3f75c61655122348

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
185
date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-hhn4038-HHN
server
nginx
x-timer
S1666883578.414940,VS0,VE185
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:12:59 GMT
date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
sin1 0 2 9980
last-modified
Mon, 24 Oct 2022 01:40:30 GMT
server
nginx
etag
"6355ed0e-37"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		277 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Thu, 27 Oct 2022 15:12:58 GMT
server
AkamaiNetStorage
etag
"b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=951
is-https
true
x-opw
4
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 27 Oct 2022 15:28:49 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
098d0c759acc49ed9d0fb0e7d8a1e3676e8eed1898d5d6cf06395f683f0ef1f4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:13:24 GMT
date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
29735
x-rq
sin1 0 2 9980
last-modified
Thu, 27 Oct 2022 01:34:21 GMT
server
nginx
etag
W/"6359e01d-180c7"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=26
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
player.js
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 		365 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
122555f4724a53c48c7d7cf01b7a433c6b7a51b8b27f6ede1517a6d40da35b93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 02:52:12 GMT
server
AmazonS3
x-amz-request-id
83RWAYNZ5XAVCDD3
etag
"c488825a717c0c64ac7e9d7651e50d78"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=304
accept-ranges
bytes
content-length
82559
x-amz-id-2
x/HKPiYuz7y5C4mKX0yDKgsMyEHLoZFBID0d3kBA9b+XGtq2q7eFCz82qoqjrzdGRgQK2i0G8Fk=
expires
Thu, 27 Oct 2022 15:18:02 GMT
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
475f9b9e50c213ab87b0d034da76de7ebc7e2eb9cd1fe856c7f21769e856bbcc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:12:59 GMT
date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1537
x-rq
sin2 0 2 9980
last-modified
Mon, 17 Oct 2022 04:47:37 GMT
server
nginx
etag
W/"634cde69-2b9b"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:12:58 GMT
Content-Encoding
gzip
Age
240
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
29223
Last-Modified
Wed, 28 Sep 2022 20:05:37 GMT
Server
ECS (frb/6762)
Etag
"f26384f93da6974ed577808dfa1fede5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:12:59 GMT
date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2149
x-rq
sin1 0 2 9980
last-modified
Mon, 24 Oct 2022 01:40:29 GMT
server
nginx
etag
W/"6355ed0d-1973"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cta-component.20221027-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20221027-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ea0aaf2511d214661b9e5b7defb908759463a38a00a03078d0f99b44a64a954

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
oWWqj7qU_Zp3JqTWOFhsZotx4zYVwD4N
content-encoding
gzip
via
1.1 varnish
date
Thu, 27 Oct 2022 15:12:58 GMT
x-amz-request-id
D03VNVPCJA918EXQ
age
22
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5107
x-amz-id-2
PLXfs+kdpXYBFHribbwWpuDkhTGVX/xvdYvKY/0N9+bzeQ5+C/0DCkpLnrf47W0W5lB3l5c3g4s=
x-served-by
cache-hhn4038-HHN
last-modified
Thu, 27 Oct 2022 15:12:36 GMT
server
AmazonS3
x-timer
S1666883579.678964,VS0,VE0
etag
"0bb27cc0ba677d2b599cf52b02afe5c0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
10
userx.20221027-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20221027-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58f4f467e807cc93c31862bed54b92f99371bd9cd325b7d73e9a76c01be40ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
02z2jJWK844x3_eo8C9uyMQbkjmJJbhf
content-encoding
gzip
via
1.1 varnish
date
Thu, 27 Oct 2022 15:12:58 GMT
x-amz-request-id
X3FYES6F05HW2ZBT
age
1064
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
tGbk5DAG9K426LEOzje8ceqSDs8Y/8jvDVxNhkx0z+JNmMK0dSsPji69gv+zTe14R2wRkiwjKas=
x-served-by
cache-hhn4038-HHN
last-modified
Thu, 27 Oct 2022 14:55:11 GMT
server
AmazonS3
x-timer
S1666883579.680143,VS0,VE0
etag
"cc52f0fdc295c866c6072be539d97d42"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
272
social
am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&lti=deflated&ri=4f7409ecd2d627636c1a323a2d674b54&sd=v2_db71b15ffda1b93bac026227b46cfc94_4f464d79-e4e7-4701-9c99-6153d7c32bee-tucta54257a_1666883578_1666883578_CJrkkBYQgPNHGOrTg9DBMCABKAEwODib4wlAiIoQSMWG2ANQouwQWABgAGi0ovD79tOEkd4BcAA&ui=4f464d79-e4e7-4701-9c99-6153d7c32bee-tucta54257a&pi=/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&wi=-8549985283888529367&pt=text&vi=1666883578346&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%22%2C%22rref%22%3A%22https%3A%2F%2Fcontent.isentia.io%2F%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Socceroos%E2%80%99%20world-first%20World%20Cup%20protest%22%2C%22sec%22%3A%22sport%22%2C%22aut%22%3A%5B%22Joe%20Barton%22%5D%2C%22img%22%3A%22https%3A%2F%2Fcontent.api.news%2Fv3%2Fimages%2Fbin%2F9d29d4d4add8ea88549e2064319abe56%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=15%3A12%3A58.632&id=933&llvl=2&cv=20221027-5-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 27 Oct 2022 15:12:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
authorize
login.newscorpaustralia.com/ Frame 7D88 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=j5DzYNJJ6.HhVPc20dSS-I3npCrlV5h_&nonce=QB_UcEaV5nGF60qvVLHf9nm7B4Ji9_kP&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-50.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
e23c6bbc65b809067783c54fb860efd9bbf6bfc1985961d7a42fb2ccbb4692bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
760c5f804b39bb3e-FRA
content-encoding
gzip
content-length
810
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Thu, 27 Oct 2022 15:12:59 GMT
expires
Thu, 27 Oct 2022 15:12:59 GMT
ot-baggage-auth0-request-id
760c5f804b39bb3e
ot-tracer-sampled
true
ot-tracer-spanid
5faeb3f83258aad5
ot-tracer-traceid
5c09afe807142434
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-00000000000000005c09afe807142434-5faeb3f83258aad5-01
tracestate
auth0-request-id=760c5f804b39bb3e,auth0=true
vary
Accept-Encoding
x-akamai-transformed
9 539 0 pmb=mTOE,3
x-auth0-requestid
731932bff41b98b7936a
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1666883580
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9c3f3e3a92851510d35e3925f9974ef2fa291b988bfc206f93f75782641a7cef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
last-modified
Mon, 10 Oct 2022 03:44:56 GMT
server
AkamaiNetStorage
etag
"ab3cd326d66a657c84c1d367ff0fd072:1665373496.039565"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1552
expires
Thu, 27 Oct 2022 15:17:59 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		81 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b8051b699814854101bcef9e76eae29fd82782892473478215e7a8d63891bf78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
last-modified
Mon, 10 Oct 2022 03:44:55 GMT
server
AkamaiNetStorage
etag
"8182e94712ffbcdc04005f2c2f1606ec:1665373495.865001"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
21263
expires
Thu, 27 Oct 2022 15:17:59 GMT
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		191 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2f9fe749a15b11e399b3bae73ac9f279898d8f76eee2d9b5a8b93d8515ac9baf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:13:01 GMT
date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
45687
x-rq
bom1 0 2 9980
last-modified
Wed, 19 Oct 2022 07:06:13 GMT
server
nginx
etag
W/"634fa1e5-2fc54"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=3
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=25
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c48d84ea72bdf23ea897b9dd43e24f1fd0d45c5d18f2517770c1656656728b00
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:12:59 GMT
date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3397
x-rq
bom1 0 2 9980
last-modified
Thu, 27 Oct 2022 03:03:56 GMT
server
nginx
etag
W/"6359f51c-215f"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
99d8aa10dc0cf5adf878e9c13eba0e3f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99d8aa10dc0cf5adf878e9c13eba0e3f.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
25b3b9ad56e18305a476430a8c0b549406d2ff1f153ece49414bf276684b88a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 27 Oct 2022 15:12:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99d8aa10dc0cf5adf878e9c13eba0e3f.png
age
3181828
edge-cache-tag
417287080839050798630284880634359290678,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
417287080839050798630284880634359290678,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
516
req-referer
https://greedyfinance.com/
content-length
13114
x-request-id
48c37752fd8e24962a98a9ea17ac0b28
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000094-IAD, cache-iad-kjyo7100057-IAD, cache-sna10720-LGB, cache-iad-kiad7000111-IAD, cache-hhn4038-HHN
last-modified
Mon, 29 Aug 2022 12:50:26 GMT
server
nginx
x-timer
S1666883579.717111,VS0,VE1
etag
"566a4d92c7ef05a66f43fe79300dab1f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 674, 1
58290b9b28340f46e6581b122bcde038
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content.api.news/v3/images/bin/58290b9b28340f46e6581b122bcde038
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
27d95ac0b1bb36eae21edb5f8675879e58b778a6570a2a84acb2aae926df6950

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 27 Oct 2022 15:12:58 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content.api.news/v3/images/bin/58290b9b28340f46e6581b122bcde038
age
13106
edge-cache-tag
530612834414870457359151238815703058223,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
530612834414870457359151238815703058223,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT
fastly-restarts
1
content-length
5491
x-request-id
22a05e7aa3e8ff24b43040c6e54e617e
x-backend-name
CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kjyo7100028-IAD, cache-iad-kjyo7100028-IAD, cache-hhn4038-HHN
last-modified
Thu, 27 Oct 2022 07:25:35 GMT
server
cloudinary
x-timer
S1666883579.717092,VS0,VE1
etag
"69839f6d7efde519ddd1e1bebe7dc3bd"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 5, 1
a91b4dc6bcc3b2bb407d61f327222f4d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a91b4dc6bcc3b2bb407d61f327222f4d.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3d5d6153a9539a9427e4d6fc41002b8f1d07ed2c44d8f22368a2c09d90390458

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 27 Oct 2022 15:12:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a91b4dc6bcc3b2bb407d61f327222f4d.jpg
age
1396369
edge-cache-tag
622234935141412222320964378129717656097,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
622234935141412222320964378129717656097,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
85
expiration
expiry-date="Tue, 25 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.fanatik.com.tr/
content-length
15104
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200127-IAD, cache-iad-kjyo7100150-IAD, cache-lga21931-LGA, cache-iad-kjyo7100053-IAD, cache-hhn4038-HHN
last-modified
Sat, 24 Sep 2022 05:32:46 GMT
server
nginx
x-timer
S1666883579.717131,VS0,VE1
etag
"da84917653cbab0c262f5a0e3d7af084"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 87, 1
a82433518bf745894af4af5045ea4c6a
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content.api.news/v3/images/bin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content.api.news/v3/images/bin/a82433518bf745894af4af5045ea4c6a
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7e3c269ea742714082e696fe8b28a6a1768403fd2582c795bc58d522fe690c77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 27 Oct 2022 15:12:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content.api.news/v3/images/bin/a82433518bf745894af4af5045ea4c6a
age
23902
edge-cache-tag
490421033618063569756544474681680054037,572111196681019971487773214107964106610,29ecf9b93bbf306179626feeda1fab70
cache-tag
490421033618063569756544474681680054037,572111196681019971487773214107964106610,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
498
req-referer
https://www.news.com.au/
content-length
6894
x-request-id
68565c63fbc7a957d15ce376b0b5dbb6
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100162-IAD, cache-iad-kjyo7100125-IAD, cache-lax10661-LGB, cache-iad-kcgs7200109-IAD, cache-hhn4038-HHN
last-modified
Thu, 27 Oct 2022 08:10:43 GMT
server
nginx
x-timer
S1666883579.717218,VS0,VE1
etag
"6afb6e10fa32883aecde7d6a9ab3dafc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
f661d23f1e01fa77ff5366d23c9b7988.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f661d23f1e01fa77ff5366d23c9b7988.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a52135ae04fbea7dcd0601f57e1c46efb75130f26aa71844c9afffc03cde6f5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 27 Oct 2022 15:12:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f661d23f1e01fa77ff5366d23c9b7988.png
age
2456510
edge-cache-tag
558499550552370871337501835260850092379,572111196681019971487773214107964106610,29ecf9b93bbf306179626feeda1fab70
cache-tag
558499550552370871337501835260850092379,572111196681019971487773214107964106610,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
124
req-referer
https://www.fanatik.com.tr/
content-length
8614
x-request-id
c328e62ae89a19b1825772570fa24881
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200041-IAD, cache-iad-kcgs7200135-IAD, cache-lax10675-LGB, cache-iad-kcgs7200067-IAD, cache-hhn4038-HHN
last-modified
Tue, 13 Sep 2022 09:16:38 GMT
server
nginx
x-timer
S1666883579.717522,VS0,VE1
etag
"0fa8d302741f81db746b5d3a67b5bd31"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 11, 1
f7f111db8e0df8e36069e5cff4345589
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content.api.news/v3/images/bin/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content.api.news/v3/images/bin/f7f111db8e0df8e36069e5cff4345589
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0a29073d2edd5ca06430c459d7abfa00a625bda902c13d017194c0915fa32af2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 27 Oct 2022 15:12:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content.api.news/v3/images/bin/f7f111db8e0df8e36069e5cff4345589
age
395510
edge-cache-tag
504863802253241309917590767684661911692,572111196681019971487773214107964106610,29ecf9b93bbf306179626feeda1fab70
cache-tag
504863802253241309917590767684661911692,572111196681019971487773214107964106610,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
392
req-referer
https://www.news.com.au/
content-length
8416
x-request-id
c1849c51e4d4460e83210917c2247148
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100082-IAD, cache-iad-kiad7000119-IAD, cache-chi-kigq8000121-CHI, cache-iad-kcgs7200113-IAD, cache-hhn4038-HHN
last-modified
Sun, 23 Oct 2022 00:09:22 GMT
server
nginx
x-timer
S1666883579.717595,VS0,VE1
etag
"3879af333c8363853fea24bcd5bc4f85"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 7, 1
skeleton.js
static.adsafeprotected.com/ 		17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
10242719
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
woP4elwOFz17dWq_d6J1Cct5-hwgJYFogpSoKaHuSrtqc-n3fU1DNQ==
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
widget_iframe.7dae38096d06923d683a2a807172322a.html
platform.twitter.com/widgets/ Frame 2274 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
620943
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Thu, 27 Oct 2022 15:12:58 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 28 Sep 2022 20:04:27 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67E0)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
player.css
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 		243 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.css
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5f2343b407e20e1a499bd99cf3049f006214a0fca7f697679b4075804c3ba153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 02:52:12 GMT
server
AmazonS3
x-amz-request-id
RW9P84CYTSFJH52M
etag
"dd00f908fa9aafa8014c4e872a90077f"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=688
accept-ranges
bytes
content-length
39714
x-amz-id-2
pYUa4z4ZGuneXrzUtZECtT3R/UsYob7SwQm7tMkN7K/E+DHd+LRRew18W8bVZeM4HaeBlahQMT4=
expires
Thu, 27 Oct 2022 15:24:26 GMT
index.min.js
players.brightcove.net/5348771529001/938M1Zecs_default/ 		931 KB
250 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-37.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
714f6738376a61459e39558628b73496acaabd5b90516c8bff2b44b7b36609a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
PeOMqIIQk0AX.dt12S5B9WegUKTCIoLY
Content-Encoding
gzip
Date
Thu, 27 Oct 2022 15:12:58 GMT
x-amz-request-id
NDFM43WRKZ2HB8D8
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
255199
x-amz-id-2
kusrS/vmYsiPqiH3ydbwQojRoMbBMMFUHx8nwEGuTPc2Fa2wtF1I+i9gZcxQupp4ywXna04c5PY=
X-BCOV-Response-Mode
1
X-Served-By
cache-hhn4024-HHN
Last-Modified
Mon, 18 Jul 2022 05:27:06 GMT
Server
AmazonS3
X-Timer
S1658122051.334052,VS0,VE1
ETag
"ee60f1c90237e0fc32d8071fe73d0e86"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=92
Accept-Ranges
bytes
X-Cache-Hits
1
MediaSDK.min.js
tags.news.com.au/prod/heartbeat/v2.2.0/ 		175 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"c347a09f51bb895d757c5e600ad18d57:1565826404"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=11745
content-length
35262
vans-adapter-google-ima.js
static.adsafeprotected.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
date
Mon, 24 Oct 2022 12:32:52 GMT
x-amz-cf-pop
FRA53-C1
age
268807
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 19:25:58 GMT
server
AmazonS3
etag
W/"8ec0c211dda60907ae57f46e621bc794"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
8cZL5k49JlSACltcFPDPhHh1YwcduSt8byj-zrWrem_dWvsbVEzWPg==
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b600:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
date
Thu, 27 Oct 2022 04:50:26 GMT
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
37355
x-amz-server-side-encryption
AES256
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ogvxzxN1BdNJrgtmYouT-cFT7q4uzfHKx6RaTRkT4cvEEXUSMkHNLg==
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
41f6a76ac799badee361b54d1ca83356e668070afdc634cfe91acd680727b0f5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Thu, 27 Oct 2022 15:12:59 GMT
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1681
x-rq
sin1 0 2 9980
server
nginx
vary
User-Agent
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=12
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 27 Oct 2022 15:13:11 GMT
abtests
am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/abtests?route=AM:AM:V&lti=deflated&ri=4f7409ecd2d627636c1a323a2d674b54&sd=v2_db71b15ffda1b93bac026227b46cfc94_4f464d79-e4e7-4701-9c99-6153d7c32bee-tucta54257a_1666883578_1666883578_CJrkkBYQgPNHGOrTg9DBMCABKAEwODib4wlAiIoQSMWG2ANQouwQWABgAGi0ovD79tOEkd4BcAA&ui=4f464d79-e4e7-4701-9c99-6153d7c32bee-tucta54257a&pi=/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&wi=-8549985283888529367&pt=text&vi=1666883578346&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22cta-lazy-module%22%2C%22type%22%3A%22%7B%5C%22v%5C%22%3A%5C%222%5C%22%2C%5C%22location%5C%22%3A%5C%22https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~-2477250946617152579~~QCN3fyXbb_p1%5C%22%2C%5C%22text%5C%22%3A%5C%22Weiterlesen%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-lazy-module%5C%22%2C%5C%22event%5C%22%3A%5C%22CTA-event-rendered%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A0%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%5C%22%2C%5C%22innerText%5C%22%3A%5C%22Die%20peinlichsten%20und%20misslungensten%20Momente%20im%20Sport%5C%5CnDoctor%20Report%5C%22%2C%5C%22config%5C%22%3A%7B%5C%22borderColor%5C%22%3A%5C%22black%5C%22%2C%5C%22fontWeight%5C%22%3A%5C%22bold%5C%22%2C%5C%22isInheritTitleColor%5C%22%3A%5C%22true%5C%22%7D%7D%22%2C%22eventTime%22%3A1666883578786%7D&tim=15%3A12%3A58.786&id=103&llvl=2&cv=20221027-5-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 27 Oct 2022 15:12:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
truncated
/ 		403 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
091c2733df586042615d79b6fe413e3f33b87eb090beee72c3ac3e820110b5fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
5348771529001-6313008703112
content.api.news/v3/videos/brightcove/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.api.news/v3/videos/brightcove/5348771529001-6313008703112?api_key=6krsj3w249nk779d8fukqx9f
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
babbf2756085f48e33d409b313830dd0f8e1fe47c3dbda031f75f89aa9593fda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN2-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
19d704b0a7aa29bdc26f19fac71af34d
x-amzn-requestid
ccfe1df0-9b16-476c-a4ed-f9961c435acc
x-newsapi-timestamp
2022-10-27T15:12:59.357012Z[UTC]
x-newsapi-traceid
92b185afc2f19b4a
x-amz-apigw-id
aq3vTH94ywMFnRg=
content-length
888
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=850
x-o
CF
x-newsapi-processing-time
15
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Thu, 27 Oct 2022 15:12:59 GMT
x-amz-cf-id
9_QE2t_vWD69U8miKIFTAB6P-kl5aI3TbwMFpx0QyCkFgQZbWCUIvA==
expires
Thu, 27 Oct 2022 15:27:09 GMT
/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain
  • https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
  • https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2...
79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:13:01 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Thu, 27 Oct 2022 15:13:01 GMT
x-powered-by
WordPress VIP <https://wpvip.com>
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
x-opw
4
content-length
12760
pragma
no-cache
x-rq
sin1 0 2 9980
server
nginx
vary
User-Agent, Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-robots-tag
noindex, nofollow
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-akamai-transformed
9 80961 0 pmb=mTOE,2
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

expires
Thu, 27 Oct 2022 15:12:59 GMT
date
Thu, 27 Oct 2022 15:12:59 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-arrrg4
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
x-opw
4
content-length
0
pragma
no-cache
x-bpath
OLD
blaizehappened
true
server
AkamaiGHost
vary
User-Agent
location
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2ffootball%2ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2fnews-story%2f06ae81845d541688c402efd2ac9e7805%3fbtr%3d23e3f2c389fc12ce08c4a6d59e7c39dd&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=06ae81845d541688c402efd2ac9e7805&btr=23e3f2c389fc12ce08c4a6d59e7c39dd&session=4266bc4de45aa575d451af048646f817
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
truncated
/ 		360 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45aa7a2804303c312e9af3aaa18911a3366aaf4dde005300ec3beb0c75d7b45c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
settings
syndication.twitter.com/ Frame 2274 		851 B
677 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
116
date
Thu, 27 Oct 2022 15:12:58 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Thu, 27 Oct 2022 15:12:59 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
d03e6b919d407731
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
cf54bec4fd357086551d64956855462735301ea628e6877092f5fae8caf5d76b
content-length
355
v2mtyKIhXY1kIAAtwCWDWsFsMZ5pl8cPU8rucruO7Cbn9s2SltW5Vgji0lZ5FUVf9aE3MPsOl
bedsberry.com/ 		191 B
711 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2mtyKIhXY1kIAAtwCWDWsFsMZ5pl8cPU8rucruO7Cbn9s2SltW5Vgji0lZ5FUVf9aE3MPsOl
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:809c::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
aa0e71fb307bf06c642c68a17475a855158c34287564570ac3a0ec08ccd19f5d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 27 Oct 2022 15:12:59 GMT
via
1.1 google
x-buildnumber
673376020
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-europe-west1-spot-lv9m
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 27 Oct 2022 15:12:58 GMT
tweet.495a42551da1e5c4c5171224e18a5a07.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/tweet.495a42551da1e5c4c5171224e18a5a07.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
251feee5dacd7cd6acb23ff9f266b3a4a5407369b24a56b97dc041ccf918adc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:12:59 GMT
Content-Encoding
gzip
Age
620944
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
2619
Last-Modified
Wed, 28 Sep 2022 20:04:20 GMT
Server
ECS (frb/6795)
Etag
"090b14bdcf073940eb641311b50eb08d+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16668835791810.930415149560099
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
831
expires
Thu, 27 Oct 2022 15:12:59 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
application/x-javascript
date
Thu, 27 Oct 2022 15:12:59 GMT
cache-control
max-age=67702
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=149558785668.11887
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=149558785668.11887?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
d293e7067b0dba49fd27e580d02bd3af792bf07ee10cb17d73ed9b8eea3ce918
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12974
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ee00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:06:25 GMT
content-encoding
gzip
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:51:11 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
394
etag
W/"62d7517f-1181e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
-YHvuD2XpmCJjwi1Uh4ov59x286EP0Zjs_XIaSKzc2tEks7ises4lQ==
expires
Thu, 27 Oct 2022 17:06:25 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		187 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"789aa25e8122305509df6e8b6103f3c6:1666763008.613847"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=43625
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=44507
content-length
9840
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-121.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 14:45:30 GMT
Content-Encoding
gzip
Via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Mar 2022 03:18:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Age
1681
ETag
W/"cd21e4d44772e851dcd7105fef09c01e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
ASO_OrcQ1wUxeIEaK7zJiB8E057pAWfLPkB6BD8Rh9tCPRMeXkUuYg==
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a431d42216e16231738959dc4d664d102aba4e0a657177581b63c4cac78aff40
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
B2cdzH7aE_ZcDuwn4r9S._SS6PSuSikn
content-encoding
gzip
via
1.1 varnish
date
Thu, 27 Oct 2022 15:12:59 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
QY65ZVKQ9RKXQ9J9
age
37738
x-cache
HIT
content-length
520
x-amz-id-2
sluhb0ndq6NJCkkPItHFDixAa0l2JBGZXfJ0sAKRqRXZsIpMv/uJ78DCSYHj1O3R4PvILpLqhLI=
x-served-by
cache-hhn4054-HHN
last-modified
Thu, 27 Oct 2022 04:43:57 GMT
server
AmazonS3
x-timer
S1666883579.323081,VS0,VE0
etag
"c606128eb8b1ddc50fc5d96d9b0e5f6b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
304
tad.js
tags.news.com.au/prod/tad/ 		109 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1313ed32c7c63448b8ff77299565cfe788c1882b6b4cef88eb668873c24a450f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"38a7894a95b6e992bd7d031ea4fd47b5:1666839035.790453"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=41917
content-length
33814
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
789b905c1884fb738c2db0f0eb23dd5ab1224f2bec48fc91c49d080273d0bd83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27374
x-xss-protection
0
server
sffe
etag
"1375 / 910 of 1000 / last-modified: 1666868789"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 27 Oct 2022 15:12:59 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 14:39:34 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
last-modified
Wed, 26 Oct 2022 19:24:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
2006
x-amz-server-side-encryption
AES256
etag
W/"95738dd931cd70a132d12a456f44b79f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
shmAFx3wXo0YTmLDG0CsG25ZCWproLdIgKlCbqPeAG07bCUvWLY61g==
prebid.js
tags.news.com.au/prod/prebid/ 		366 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a5e55cf5b1d1242200b67a7ae1da6953:1664416072.664196"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=70424
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
ClDIgD0zuwLI7F0xhBbpGkCt4wZOjpVN
content-encoding
gzip
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
date
Thu, 27 Oct 2022 14:32:27 GMT
last-modified
Thu, 13 Oct 2022 05:35:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
2505
x-amz-server-side-encryption
AES256
etag
W/"964c4cc68e0d531d901baf0d73f36918"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
cltjb45xrOAzS-Az9ghyVQK7yqZdElFnlAYyB7vUB1pBBUklxEinlQ==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
225d7f8798e8442ff98725d44342d3d07ecb39067ff00e05358462a5e4d3c0bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"86881fb73b4ddbe1082c71eabef497ff:1665372502.912417"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=82942
content-length
5789
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:16 GMT
server
AkamaiNetStorage
etag
"479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
899
expires
Fri, 11 Nov 2022 15:12:59 GMT
Tweet.html
platform.twitter.com/embed/ Frame 2EB9 		345 B
918 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
b5f057086cb52ca256e9b432f3a462da3d6ef207ed8bffcc155cbc25bd05bd60

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
431
Cache-Control
public, max-age=1800
Content-Length
345
Content-Type
text/html; charset=utf-8
Date
Thu, 27 Oct 2022 15:12:59 GMT
Etag
"8cc6a6b079d2e04d8124d5a2d87c3f0f"
Last-Modified
Thu, 20 Oct 2022 10:36:44 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
X-Cache
HIT
x-amzn-internal-status
304
x-tw-cdn
VZ
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		71 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-25.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e4ce52ad6294cfec05864828f5df3325fc1f6627b957919fa931e94cb95453f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 09:30:14 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"4751c0d91e072d7402bb3f4c2846334e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
5HGiPP4eQIjuFOOwM68B8cmMFJ6La8N79eVogfS0tkXkfArVb9d6bQ==
content-length
21378
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202210100344&cb=1666883579242
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Thu, 27 Oct 2022 15:12:59 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Thu, 27 Oct 2022 15:22:59 GMT
door.js
au-script.dotmetrics.net/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13222
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-6.fra6.r.cloudfront.net
Software
Kestrel /
Resource Hash
8e72fffbc0f6af2931cbe776c6075261ec345f3f592dee57f189a673a9b170d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
content-encoding
br
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA6-C1
etag
"13222...216.2022102715"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
GGwJ5r2aGT-G01SBzWWg59Lt2Kz7KBi79KpGvgZvn_cb1PE1FJYADA==
pixel_1778f567
www.heraldsun.com.au/akam/13/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_1778f567
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/1778f567
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-bpath
OLD
date
Thu, 27 Oct 2022 15:13:00 GMT
blaizehappened
true
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
is-https
true
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_1778f567&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=pixel_1778f567&session=4266bc4de45aa575d451af048646f817
x-arrrg4
https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
x-opw
4
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
P16C8D000-5514-4C76-9A96-5F57C2693396.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/P16C8D000-5514-4C76-9A96-5F57C2693396.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
772858a4a85442d2d4d95f351e194f8d3d01899779a1553df9583f4ec2716797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
AwWxfpu7cnC79lQhtkUpFrHZq5wlt7ca
content-encoding
gzip
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
date
Thu, 27 Oct 2022 14:21:19 GMT
last-modified
Thu, 27 Oct 2022 05:15:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3101
x-amz-server-side-encryption
AES256
etag
W/"0c44c84e688ace352fc2ac5b1ed1c3fd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
HDYmknnfdrKym3NJrpc86ip0mXRsz46TOnvj827XTlJNljKDPp50bg==
embed.runtime.95e89dd9d1b41479153d.js
platform.twitter.com/embed/ Frame 2EB9 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.95e89dd9d1b41479153d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
3fafd9ea51dca80639320d19b8ea6569adf5c383fa4388bd1cfe354924fcb441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:12:59 GMT
Content-Encoding
gzip
Age
620944
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
4160
Last-Modified
Thu, 20 Oct 2022 10:36:44 GMT
Server
ECS (frb/6724)
Etag
"a58000b42fffab17b737b6eed09d4ba4+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.8601.e33219e82c67975cfd90.js
platform.twitter.com/embed/ Frame 2EB9 		493 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.8601.e33219e82c67975cfd90.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6772) /
Resource Hash
c58eb93005d09e7485d3960dbaad514527ed100b67dabe61d0076033dfc986ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:12:59 GMT
Content-Encoding
gzip
Age
620944
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
162782
Last-Modified
Thu, 20 Oct 2022 10:36:44 GMT
Server
ECS (frb/6772)
Etag
"92567b1d6329691140c4857e646f4242+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.Tweet.cb357457c2d51216f296.js
platform.twitter.com/embed/ Frame 2EB9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.cb357457c2d51216f296.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
3a377942bacfd9a3688c2b5b7f13398da089517fc9191ec92a1f59c69c686d6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:12:59 GMT
Content-Encoding
gzip
Age
620945
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
6767
Last-Modified
Thu, 20 Oct 2022 10:36:44 GMT
Server
ECS (frb/6727)
Etag
"5d0497cccbc5addd1ba704f2e90bd5a3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
csp-reports
login.newscorpaustralia.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/csp-reports
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/csp-report

Response headers
a597217
login.newscorpaustralia.com/akam/13/ Frame 7D88 		0
0
l03WXMB
login.newscorpaustralia.com/yxSK/m6Xk/LMG/LMy/Nj7w/9bz1c6rcaGz5/RSlQbENwKAI/ehQdU/ Frame 7D88 		0
0
indies-loader.js
ts2020-indies-client.web.app/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2b47f6850e47a047f2dce76569a61df775d7504fe64716ec66af316ab80e489
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
cache-muc13920-MUC
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Thu, 27 Oct 2022 15:12:59 GMT
last-modified
Thu, 08 Sep 2022 01:41:49 GMT
x-timer
S1666883580.532326,VS0,VE0
etag
"dda6d8f74d0e858612ec503761d52ecaea214cb075d9052ffc7fb232c4add592-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2355
x-cache-hits
44
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		257 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=25
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Tue, 30 Aug 2022 05:33:14 GMT
x-amz-cf-pop
SIN5-C1
etag
"04df6ed36e659404b1589354c5fb8697"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=53
accept-ranges
bytes
x-amz-cf-id
hQ4SSN4u1HuPyrnzxD_PPi7w3wIO6zd15torGpCXqaplLjiLRSBpqg==
content-length
66268
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1666883579346
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1666883579346
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1666883579346
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
HTTP/1.1
Server
34.248.152.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-152-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3c2c235857ce6efd3861c3bde546f0f2cfe6b8d760a2ec1f390f08a71ee3c62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v044-063d3650f.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
+FdOGU14S3s=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1562
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v044-0d06541aa.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
f76Q3mzSSbI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1666883579346
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-33.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 23 Oct 2022 10:50:47 GMT
Content-Encoding
gzip
Via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
361333
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
3xngL3d5A-UqmSWtmKjdKn2Mj2JMEU8wAX_y0en87G-GRuXhad7stw==
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		63 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-169.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:00 GMT
server
AkamaiGHost
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
63
mime-version
1.0
expires
Thu, 27 Oct 2022 15:13:00 GMT
pubads_impl_2022102401.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79bbd067eff59b0e77f2c105b6a23129e341e4e0ed12a27e2618216fc1e850e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 15:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258078
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130586
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 08:37:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 24 Oct 2023 15:31:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		144 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
expires
Thu, 27 Oct 2022 15:12:59 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 12:19:15 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
10423
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
dTFocbiAqzK1woiOc-Z0EILRvenaCQYQpE-_4lQcXfBdXGr_U_BWFQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
GByBGE9Pk5QvO6waz.2OH5fe1oGEkMED
content-encoding
gzip
via
1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
date
Thu, 27 Oct 2022 03:55:05 GMT
x-amz-cf-pop
FRA56-C2
age
42190
x-cache
Hit from cloudfront
last-modified
Fri, 21 Oct 2022 19:58:26 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
F_RgWSxZN01wHbCbSUk2xGDqTmRGrPX91u7MsfRO4v8qU6HhG-JL-g==
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=149558785668.11887?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
75048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:22:11 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-JerDofHfKnb5JEFKXu8nxnc-7lwrLUDY614KnbOkdXlx9A4N57Fa9wuLdxk9y627fd03JayKQJyWOjYxavbT3p2sytdf1YExH7FgkBJ2fzxvMCjkjStNR11cSsCWVb-oRPX2M7goAeVs1AXRh4w&sai=AMfl-YQBjKom77WQIqGMOy-eNz_eG9gaL6ErDCcEsNkNf3LFHKnTbwa2i70kvOWweXmcWlHuRO8Mf61Z-AQa1J2iwQ&sig=Cg0ArKJSzOgGylxuGyTXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20221026.52925&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=149558785668.11887?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 27 Oct 2022 15:12:59 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&u=5LINFCrnAmMrNRWh&d=heraldsun.com.au&g=36976&g0=sport%2Cfootball%2Cvideo%2Ccomments%2Cstory%2Cmc_widget%2Cpc.ct.restricted&g1=Joe%20Barton&n=1&f=00001&c=0&x=0&m=0&y=6634&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Fcontent.isentia.io%2F&b=10319&t=ByhM-2D2VRkKBkcxbdB8B8RMoaLs4&V=136&i=FIFA%20World%20Cup%20Qatar%3A%20Socceroos%20protest%20human%20rights%20abuses%20%7C%20Herald%20Sun&tz=0&_acct=anon&sn=1&sv=QGWasB1RixZBl84vYOP84pClHEvS&sr=https%3A%2F%2Fcontent.isentia.io%2F&sd=1&im=065b0ed2&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.198.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-198-241.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Oct 2022 15:12:59 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
validate
assets.vidora.com/v1/ 		0
309 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b600:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
2tfsftwKfXz4SuI2E_APUGR7Hw4CGMPp9JBqIittO5cfwsyXrv9aYQ==
expires
Thu, 27 Oct 2022 15:12:58 GMT
embed.749.467388cca0b3fe9c3291.js
platform.twitter.com/embed/ Frame 2EB9 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.95e89dd9d1b41479153d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F2) /
Resource Hash
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:12:59 GMT
Content-Encoding
gzip
Age
620944
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
6789
Last-Modified
Thu, 20 Oct 2022 10:36:44 GMT
Server
ECS (frb/67F2)
Etag
"d3483b9c737e990765e6ba56d01154a3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.d911b41dc7cdd3cf8245.js
platform.twitter.com/embed/ Frame 2EB9 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.d911b41dc7cdd3cf8245.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.95e89dd9d1b41479153d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
41dfdf1c4dd211bb5bd556c41e59d7880e783f0816cf4da6e7c327f7e399c897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:12:59 GMT
Content-Encoding
gzip
Age
620944
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=4
Content-Length
1393
Last-Modified
Thu, 20 Oct 2022 10:36:44 GMT
Server
ECS (frb/6763)
Etag
"41b08661955b9310c895190bbe18407f+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.ondemand.horizon-web.i18n.en-js.4d76caa3cb11562c7660.js
platform.twitter.com/embed/ Frame 2EB9 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.4d76caa3cb11562c7660.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.95e89dd9d1b41479153d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
4135c004ce36152b8f49f88b21366d7b589b906390a8cb78d38f41e357f88709

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:12:59 GMT
Content-Encoding
gzip
Age
620944
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
11307
Last-Modified
Thu, 20 Oct 2022 10:36:44 GMT
Server
ECS (frb/6731)
Etag
"f183514ec6ce4772d6c52319b8709038+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P16C8D000-5514-4C76-9A96-5F57C2693396.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding
gzip
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
date
Thu, 27 Oct 2022 14:57:05 GMT
x-amz-cf-pop
FRA53-C1
age
955
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 28 Sep 2022 14:09:01 GMT
server
AmazonS3
etag
W/"81a9e2a298d0019660cb2966f0c24748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
QNLyFBTXpRFlGV2xK2FApkhJoZsNJl0b9Sl05KxJrU1SmxyyQ45sYQ==
vtt.global.min.js
vjs.zencdn.net/vttjs/0.12.5/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
cache-hhn4061-HHN
date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
last-modified
Thu, 31 Aug 2017 21:04:55 GMT
etag
"f30dac97e5c2aaa10a7695b93cc66699"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
7231
x-cache-hits
86181
841c2fdc66a6e80fa2dedb2a9f077c9b
content.api.news/v3/images/bin/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/841c2fdc66a6e80fa2dedb2a9f077c9b
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
19198d4a98e71641c8aa22fa6fa1d56245002fa8dd765cb631224a7c258ae790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
x-check-cacheable
YES
edge-cache-tag
841c2fdc66a6e80fa2dedb2a9f077c9b
content-length
56400
last-modified
Wed, 26 Oct 2022 20:39:51 GMT
server
Akamai Image Manager
x-serial
1300
etag
6f4c8feffd0e377b03b6e56b7c72b8c7-841c2fdc66a6e80fa2dedb2a9f077c9b-0
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5117318
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 25 Dec 2022 20:41:37 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		369 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daec2c5ac8175cc3c9743f4342b44071d271452ca4d548d57c069cc46bf8cbec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126562
x-xss-protection
0
expires
Thu, 27 Oct 2022 15:12:59 GMT
videojs-chromecast-receiver.js
players.brightcove.net/videojs-chromecast-receiver/2/ 		81 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://players.brightcove.net/videojs-chromecast-receiver/2/videojs-chromecast-receiver.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-37.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8f1c376d66592c734da1cc33d1ec2b9e6c589848d31846c26e7d21581f83cf2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
taGV2BhQxN_UDd.aEUQL1B2Z0ZAuUStJ
Content-Encoding
gzip
Date
Thu, 27 Oct 2022 15:12:59 GMT
x-amz-request-id
NDPV06WZ0KQQCCCS
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
18594
x-amz-id-2
60yl2CJnFRGRygSJtx1T69pIn+Iv6w9GAWw4AxTZ7Br7f/6S47VaSW0CSacAlp+jCrFmZR0GsVY=
X-BCOV-Response-Mode
1
X-Served-By
cache-hhn4047-HHN
Last-Modified
Thu, 02 Jun 2022 16:12:12 GMT
Server
AmazonS3
X-Timer
S1662352654.549917,VS0,VE1
ETag
"1591d67e0f20a76581407b3be2ad5d57"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1
Accept-Ranges
bytes
X-Cache-Hits
1
tracker
metrics.brightcove.com/v2/ 		35 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=5e4db17f73ec5d5431bc1c38&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&platform_version=6.63.5&player=players.brightcove.com%2F5348771529001%2F938M1Zecs_default&player_name=%5BPROD%5D%20-%20v6.63&source=https%3A%2F%2Fcontent.isentia.io%2F&event=player_init&time=1666883579601&seq=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Thu, 27 Oct 2022 15:12:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=5e4db17f73ec5d5431bc1c38&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&platform_version=6.63.5&player=players.brightcove.com%2F5348771529001%2F938M1Zecs_default&player_name=%5BPROD%5D%20-%20v6.63&source=https%3A%2F%2Fcontent.isentia.io%2F&usage=chartbeat!&usage=inpage-embed&event=player_load&time=1666883579614&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=17100000&qos.performance.memory.totalJSHeapSize=23100000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=0&qos.performance.timing.loadEventStart=0&qos.performance.timing.domComplete=0&qos.performance.timing.domContentLoadedEventEnd=1666883578712&qos.performance.timing.domContentLoadedEventStart=1666883578711&qos.performance.timing.domInteractive=1666883578364&qos.performance.timing.domLoading=1666883577658&qos.performance.timing.responseEnd=1666883577612&qos.performance.timing.responseStart=1666883577543&qos.performance.timing.requestStart=1666883571382&qos.performance.timing.secureConnectionStart=0&qos.performance.timing.connectEnd=1666883571381&qos.performance.timing.connectStart=1666883571381&qos.performance.timing.domainLookupEnd=1666883571381&qos.performance.timing.domainLookupStart=1666883571381&qos.performance.timing.fetchStart=1666883571381&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1666883569165&qos.player.dimensions=%5B%5B1666883579613%2C%220x0%22%2C%22100x100%22%5D%5D&qos.player.pixelratio=%5B%5B1666883579613%2C1%5D%5D&qos.player.screendimensions=%5B%5B1666883579613%2C%221600x1200%22%5D%5D&seq=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Thu, 27 Oct 2022 15:12:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
campaigns
resourcesssl.newscdn.com.au/indies/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22article%22,site:%22heraldsun.com.au%22,section:%22/sport/football%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
7f19eaf713e6f3c0986e23b5607eaf8490fc54551bb52d16ad560ce8ec392353
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

x-cache-hits
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Thu, 27 Oct 2022 15:13:00 GMT
x-powered-by
Express
content-length
1451
x-served-by
cache-hhn4025-HHN
server
Google Frontend
x-timer
S1666883580.090910,VS0,VE441
etag
W/"1894-OfrbrGRY6W3cPK96363//6aSZZg"
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
05edc00031cc4525b6b327417c15a1fb
cache-control
private, max-age=1788
function-execution-id
3jxrupfj6edo
accept-ranges
bytes
x-orig-accept-language
de-DE,de;q=0.9
x-country-code
DE
expires
Thu, 27 Oct 2022 15:42:48 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22article%22,site:%22heraldsun.com.au%22,section:%22/sport/football%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
private, max-age=1800
content-type
text/html
date
Thu, 27 Oct 2022 15:12:59 GMT
expires
Thu, 27 Oct 2022 15:42:59 GMT
function-execution-id
50gx33gew4f5
server
Google Frontend
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache-hits
0
x-cloud-trace-context
a4f35c884aa039aaeb406b0c424780e1
x-country-code
DE
x-i
true
x-powered-by
Express
x-served-by
cache-hhn4025-HHN
x-timer
S1666883580.667626,VS0,VE288
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-25.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
sXQ2eDC1JmmvCqTAPvRli3v19Nu_7cXU
content-encoding
gzip
date
Thu, 27 Oct 2022 15:13:00 GMT
last-modified
Wed, 26 Oct 2022 04:27:28 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
"189bff3ecbc5fc21ff53bd3b46f8ee8b"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=126
accept-ranges
bytes
x-amz-cf-id
Ow5U3sXjALG4L1759Ru0Ibny6SOvmTbHrxXMcoB4Cham8hFjuo0sZQ==
content-length
1284
embed.7995.93804634ad19e11f8142.js
platform.twitter.com/embed/ Frame 2EB9 		652 KB
179 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.7995.93804634ad19e11f8142.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.95e89dd9d1b41479153d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
fa531f5c4a644473057bfd386bdcfbe64c15e1cf11816ec767e9791676d3b737

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:12:59 GMT
Content-Encoding
gzip
Age
620944
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
Content-Length
182605
Last-Modified
Thu, 20 Oct 2022 10:36:44 GMT
Server
ECS (frb/674C)
Etag
"7dfe7dddf090b7206a2c9ebdee56fcbf+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.0e0763b7bab7a9226607.js
platform.twitter.com/embed/ Frame 2EB9 		79 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.0e0763b7bab7a9226607.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.95e89dd9d1b41479153d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
8d9d48e3b2aa9a9f181c5875704183f2561a32d1922e7a33af897afacac146ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:12:59 GMT
Content-Encoding
gzip
Age
620945
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
18167
Last-Modified
Thu, 20 Oct 2022 10:36:44 GMT
Server
ECS (frb/67C2)
Etag
"ddcc23ff2f82896e1a8725525a269bd0+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221027-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 27 Oct 2022 15:12:59 GMT
via
1.1 varnish
x-served-by
cache-hhn4038-HHN
server
nginx
x-timer
S1666883580.691587,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/videojs-chromecast-receiver/2/videojs-chromecast-receiver.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Oct 2022 15:12:59 GMT
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame FB02 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3174
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Thu, 27 Oct 2022 14:20:06 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 28 Sep 2022 14:09:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-id
Z0wXzlXjS_D_3MfRZPGNY_YNlbcEV_prsMkxLi70vZKgtzHk1pWyHQ==
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache
Hit from cloudfront
6313008703112
edge.api.brightcove.com/playback/v1/accounts/5348771529001/videos/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/5348771529001/videos/6313008703112
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8101c10486b747e755e4d512b8a4bd53d07d8c4981e34bf2f73949b1056bfa4

Request headers

Accept
application/json;pk=BCpkADawqM2_330AZUx3hOhw08ByXIIKL1qVDScQT4-Y20iQov_t7uCKQ2OMBzj46A_jfmEwilabuEUd5-JeBhNlW6TrJws1fMwsZUbidjRxZrjRA1MDtkGXpXE-NQdMPsIQ1XSQarOExJ-4
Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

bc-override-client-ip
185.220.101.60
date
Thu, 27 Oct 2022 15:12:59 GMT
powered-from
eu-central-1b
bcov-request-id
dd2508c0-04bd-4d21-9ad4-8c4471c8cee9
via
1.1 varnish
age
65090
policy-key-accountid
5348771529001
x-cache
HIT
powered-by
BC
content-length
3723
x-served-by
cache-hhn4026-HHN
policy-key-raw
BCpkADawqM2_330AZUx3hOhw08ByXIIKL1qVDScQT4-Y20iQov_t7uCKQ2OMBzj46A_jfmEwilabuEUd5-JeBhNlW6TrJws1fMwsZUbidjRxZrjRA1MDtkGXpXE-NQdMPsIQ1XSQarOExJ-4
x-timer
S1666883580.955185,VS0,VE1
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control
max-age=0, no-cache, no-store
account-status
APPROVED
accept-ranges
bytes
access-control-allow-headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits
1
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=5e4db17f73ec5d5431bc1c38&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&platform_version=6.63.5&player=players.brightcove.com%2F5348771529001%2F938M1Zecs_default&player_name=%5BPROD%5D%20-%20v6.63&source=https%3A%2F%2Fcontent.isentia.io%2F&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F5348771529001%2Fvideos%2F6313008703112&time=1666883579716&seq=2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Thu, 27 Oct 2022 15:12:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
6313008703112
edge.api.brightcove.com/playback/v1/accounts/5348771529001/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/5348771529001/videos/6313008703112
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accept
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods
HEAD,GET,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Thu, 27 Oct 2022 15:12:59 GMT
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4026-HHN
x-timer
S1666883580.907275,VS0,VE0
pub
pixel.adsafeprotected.com/services/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/sport/football,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90%5D,p:/5129/ndm.hwt/sport/football,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/sport/football,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/sport/football,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/sport/football,t:display%7D&slot=%7Bid:ad-block-4x4-1,ss:%5B4.4%5D,p:/5129/ndm.hwt/sport/football,t:display%7D&slot=%7Bid:ad-block-300x90-1,ss:%5B300.90,315.90%5D,p:/5129/ndm.hwt/sport/football,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/sport/football,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=f3c31d13-ffca-ccab-1dbc-7841eec23ed2&url=https%253A%252F%252Fwww.heraldsun.com.au%252Fsport%252Ffootball%252Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%252Fnews-story%252F06ae81845d541688c402efd2ac9e7805%253Fbtr%253D23e3f2c389fc12ce08c4a6d59e7c39dd
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c12d94661a5a310805f93ca902298f840f10ed8588af21655983d8c130f7ffc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
server
nginx
x-server-name
app11.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
swg.js
news.google.com/swg/js/v1/ 		150 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd7c76c649d5516810b9f8ec8680bc31d20014124f58517b241e6c208ad760a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 14:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47140
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 16:10:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Oct 2022 15:19:17 GMT
embed.ondemand.Dropdown.c679e916d5b5132002a5.js
platform.twitter.com/embed/ Frame 2EB9 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Dropdown.c679e916d5b5132002a5.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.95e89dd9d1b41479153d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
67f13e8ba805fe8e31f17be59f8b9660d78a248476eda21ab6216552cae3a080

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:12:59 GMT
Content-Encoding
gzip
Age
620944
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
2284
Last-Modified
Thu, 20 Oct 2022 10:36:44 GMT
Server
ECS (frb/6731)
Etag
"9136c5402d5be832a7f07945a6e2c1c4+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 27 Oct 2022 15:12:59 GMT
via
1.1 varnish
x-amz-request-id
QQBJB95DTC5C6ET8
age
28400
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
bGxiVQJJV6ushs+GurmdUMKcP55jXiZTni4zPfO1R2tT9H40rLWGSHO/uxS9hhOPRniEOikC9As=
x-served-by
cache-hhn4038-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1666883580.899851,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
9494
tweet-result
cdn.syndication.twimg.com/ Frame 2EB9 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3Alinktr.ee%2Ctr.ee%2Cterra.com.br%2Cwww.linktr.ee%2Cwww.tr.ee%2Cwww.terra.com.br%3Btfw_horizon_timeline_12034%3Atreatment%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_chin_pills_14741%3Acolor_icons%3Btfw_tweet_result_migration_13979%3Atweet_result%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_tweet_edit_frontend%3Aon&id=1585360307102552064&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.8601.e33219e82c67975cfd90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) / Express
Resource Hash
24e09b9bde4564eaf60e1e98295cd673852b28787340baeb4ad6ab6bc9e6f131
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Oct 2022 15:13:00 GMT
strict-transport-security
max-age=631138519
age
56
x-powered-by
Express
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
1022
x-xss-protection
0
x-response-time
196
last-modified
Thu, 27 Oct 2022 15:12:04 GMT
server
ECS (frb/668D)
etag
W/"8aa-pcttDNvYcVaBiJ0ckwFJEKnTkUc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
7476d77fb7deb134
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
2e381e014284c9b0282066b65bb336d12bb3fb1c70c2fcf185c3a7fff5577634
accept-ranges
bytes
x-frame-options
SAMEORIGIN
x-tw-cdn
VZ, VZ, VZ
access-contol-allow-origin
platform.twitter.com
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame FB02 		44 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P16C8D000-5514-4C76-9A96-5F57C2693396&sessionId=pgxiyq3qc93rfflxsmvfnm5qqxrzv1666883579&c16=sdkv,bj.6.0.0&uoo=&fp_id=olchelhm6qoyiuhmfohgnhnc5gr2x1666883579&fp_cr_tm=1666883579702&fp_acc_tm=1666883579702&fp_emm_tm=1666883579702&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.208.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-208-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:00 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
pgxiyq3qc93rfflxsmvfnm5qqxrzv1666883579.nuid.imrworldwide.com/ Frame FB02 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pgxiyq3qc93rfflxsmvfnm5qqxrzv1666883579.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:600:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 02:35:18 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
45486
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
-nVuqiLsVoNH46V6CqZ3cLOCxN-Yvwg7J2aaiseD9kBhZ45bQiGNaQ==
gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame FB02 		44 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P16C8D000-5514-4C76-9A96-5F57C2693396&sessionId=hcs1tfauj8qi0uiicq7mte3jgp5gt1666883579&c16=sdkv,bj.6.0.0&uoo=&fp_id=olchelhm6qoyiuhmfohgnhnc5gr2x1666883579&fp_cr_tm=1666883579702&fp_acc_tm=1666883579702&fp_emm_tm=1666883579702&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.119.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-119-144.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:00 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
hcs1tfauj8qi0uiicq7mte3jgp5gt1666883579.nuid.imrworldwide.com/ Frame FB02 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hcs1tfauj8qi0uiicq7mte3jgp5gt1666883579.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a200:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 02:35:18 GMT
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
45486
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
XoDZP-w-cYOw8CH_fIiV-WudVo_UHmRT41rvPoXUF8T-3YLySPyMzA==
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12390
x-xss-protection
0
last-modified
Mon, 06 Jul 2020 23:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Thu, 27 Oct 2022 15:13:00 GMT
cast_sender.js
www.gstatic.com/eureka/clank/106/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/106/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 14:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15116
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 15:10:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 28 Oct 2022 14:30:46 GMT
tracker
metrics.brightcove.com/v2/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=5e4db17f73ec5d5431bc1c38&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&platform_version=6.63.5&player=players.brightcove.com%2F5348771529001%2F938M1Zecs_default&player_name=%5BPROD%5D%20-%20v6.63&source=https%3A%2F%2Fcontent.isentia.io%2F&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F5348771529001%2Fvideos%2F6313008703112&time=1666883579968&response_time_ms=252&seq=3
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Thu, 27 Oct 2022 15:13:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
image.jpg
cf-images.ap-southeast-2.prod.boltdns.net/v1/static/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/962e6ce7-cb66-497b-8fcb-791b1359a209/650x365/match/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.ap-southeast-2.prod.boltdns.net/v1/static/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/962e6ce7-cb66-497b-8fcb-791b1359a209/650x365/match/image.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-7.fra6.r.cloudfront.net
Software
/ BC
Resource Hash
fb90d4116c0bbc624ced9f6924d84bf3b7fcc9c50d6120bf4b0cef305c200cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 20:42:05 GMT
Via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop
FRA6-C1
X-Powered-From
gantry
X-Powered-By
BC
Age
66655
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
X-Amz-Cf-Id
X3gIpnOiUtbBCo57Gr3aojK04lOmtey5Nu76ZluJptQFEDi1olxU_Q==
Expires
Thu, 26 Oct 2023 20:42:05 GMT
/
content.api.news/v3/search/ 		122 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.api.news/v3/search/?sortBy=dateLive&size=7&page=1&query=type:%20video%20%20AND%20target.domains:%20heraldsun.com.au%20%20AND%20-rightsMetadata.originatedSource:(Rightster_hollyscoop%20%20OR%20Rightster_the_savory%20OR%20Rightster_celebrity_wire)%20AND%20-rightsMetadata.usage:fair_dealing%20AND%20platform.id:5348771529001-*%20&api_key=9uz93nsd4pggfwhqcjnhmafw
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
0abf3468cf79e16f62670e7d1ae3a04299c7f4a62630ceb670b7aa52abafc135

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
content-encoding
gzip
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN2-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
x-amzn-requestid
8a8d2d5a-4b56-4b51-8282-ad988739c675
x-newsapi-timestamp
2022-10-27T15:13:00.556373Z[UTC]
x-newsapi-traceid
136583fb3abbf74
x-amz-apigw-id
aq3veGrXSwMFyMA=
content-length
10946
x-newsapi_search_timed_out
false
server
CloudFront
x-newsapi_search_execution_time
72ms
x-newsapi_search_cache_ttl
60
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1794
x-o
CF
x-newsapi-processing-time
84
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Thu, 27 Oct 2022 15:13:00 GMT
x-amz-cf-id
1PcSwX30d9xDsxNBry_8Q9ufOTCbh0du5lkU46d0HKwYkTfj4s4NJg==
expires
Thu, 27 Oct 2022 15:42:54 GMT
truncated
/ 		515 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31ed7d7f64a4159b3f29cecb04fad647048669ac05c4bc660a291d69e23a4fc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73d612750189bf3dfe0869188eb2a06c2dadb1efc2ad885348e2dd5ff5c280b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
45803de0-bc2f-4e8c-b98d-6bae4eb23d36
https://www.heraldsun.com.au/ 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.heraldsun.com.au/45803de0-bc2f-4e8c-b98d-6bae4eb23d36
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e019c589de9ddba85d6f6ab1c92de747a8dc7fe0e96c3cc2c3701f3ba4d6e2ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
5914
Content-Type
application/javascript
6eb26ad4-66f2-494f-b9ed-0fcc5cd93089
https://www.heraldsun.com.au/ 		87 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.heraldsun.com.au/6eb26ad4-66f2-494f-b9ed-0fcc5cd93089
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc726046dc4a0a4fbf01cf5e4c3b71ab7e77a20a6c0987f7ddcbd36268ceda9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
88599
Content-Type
application/javascript
e9000aa2-e2c7-4ed1-9e95-f54f6bf17485
https://www.heraldsun.com.au/ 		87 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.heraldsun.com.au/e9000aa2-e2c7-4ed1-9e95-f54f6bf17485
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc726046dc4a0a4fbf01cf5e4c3b71ab7e77a20a6c0987f7ddcbd36268ceda9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
88599
Content-Type
application/javascript
social
am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&lti=deflated&ri=4f7409ecd2d627636c1a323a2d674b54&sd=v2_db71b15ffda1b93bac026227b46cfc94_4f464d79-e4e7-4701-9c99-6153d7c32bee-tucta54257a_1666883578_1666883578_CJrkkBYQgPNHGOrTg9DBMCABKAEwODib4wlAiIoQSMWG2ANQouwQWABgAGi0ovD79tOEkd4BcAA&ui=4f464d79-e4e7-4701-9c99-6153d7c32bee-tucta54257a&pi=/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&wi=-8549985283888529367&pt=text&vi=1666883578346&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22ln%22%3A%22above-fold%22%2C%22lx%22%3A176%2C%22ly%22%3A643%2C%22m%22%3A%22video%22%2C%22v%22%3A3%2C%22md%22%3A%7B%22ap%22%3Anull%2C%22vd%22%3Anull%7D%7D%5D%7D&tim=15%3A13%3A00.003&id=6437&llvl=2&cv=20221027-5-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=6313008703112&i=Qatar%20World%20Cup%202022&g0=sport%2Cfootball%2Cvideo%2Ccomments%2Cstory%2Cmc_widget%2Cpc.ct.restricted&g1=Joe%20Barton&u=C4OI13DBQVbPBxz3_t&t=CmSbjECR3UWgCA6F-cDYXCPUDooAc3&x=0&y=0&V=136&VS=BCN&n=1&b=10441&r=https%3A%2F%2Fcontent.isentia.io%2F&_vd=0&_vi=FIFA%20World%20Cup%20Qatar%3A%20Socceroos%20protest%20human%20rights%20abuses%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&_vh=heraldsun.com.au&_pu=5LINFCrnAmMrNRWh&_pt=ByhM-2D2VRkKBkcxbdB8B8RMoaLs4&_pr=https%3A%2F%2Fcontent.isentia.io%2F&_vdd=heraldsun.com.au&_vt=ct&_vs=s1&_vcs=0&_vbr=-1&_vvs=0.421&_vpt=0&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fstatic%2F5348771529001%2F6ba274fa-fdf1-44ad-b7cd-df5a23811950%2F803fe2ee-489f-4d4e-ab94-82cfe978c0b3%2F152x85%2Fmatch%2Fimage.jpg&_vaup=unkn&_vce=0&c=0.01&W=0&R=0&I=1&E=0&j=75&tz=0&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.198.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-198-241.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:00 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
tracker
metrics.brightcove.com/v2/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=5e4db17f73ec5d5431bc1c38&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&platform_version=6.63.5&player=players.brightcove.com%2F5348771529001%2F938M1Zecs_default&player_name=%5BPROD%5D%20-%20v6.63&source=https%3A%2F%2Fcontent.isentia.io%2F&time=1666883580017&event=video_impression&web_ad_info=%7B%22plugin%22%3A%22ima3%22%2C%22pluginVersion%22%3A%223.6.0%22%2C%22adTech%22%3A%22html5%22%2C%22requestMode%22%3A%22onplay%22%2C%22timeout%22%3A4200%7D&video=6313008703112&video_name=Qatar%20World%20Cup%202022&video_duration=109&media_url=https%3A%2F%2Fmanifest.prod.boltdns.net%2Fmanifest%2Fv1%2Fhls%2Fv4%2Fclear%2F5348771529001%2F6ba274fa-fdf1-44ad-b7cd-df5a23811950%2F10s%2Fmaster.m3u8%3Ffastly_token%3DNjM3ZThmYmRfMzA2NjU5NGJiNjJmNDhmNWJjNTIwNDBlZTY3OTc3ZDFiZmI2ZGZhMjlhY2Q5OThjZTJjM2UyNDVjNGM3ZjQ0NA%253D%253D&autoplay=false&preload=none&qos.content.sourceMimeType=application%2Fvnd.apple.mpegurl&seq=4_0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Thu, 27 Oct 2022 15:13:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
pub
pixel.adsafeprotected.com/services/ 		271 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928981&slot=%7Bid:ad-1,s:1.1,p:/5129/ndm.hwt/sport/football,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=f3c31d13-ffca-ccab-1dbc-7841eec23ed2&url=https%253A%252F%252Fwww.heraldsun.com.au%252Fsport%252Ffootball%252Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%252Fnews-story%252F06ae81845d541688c402efd2ac9e7805%253Fbtr%253D23e3f2c389fc12ce08c4a6d59e7c39dd
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3232f48280ba6a54ad258db27d24629bd56f31557d87bb6d2287977e762f1207

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
server
nginx
x-server-name
app15.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9e322e104caf61653b1595f938d5c774c6bc0ac2799aff3538fedaee835c8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:51 GMT
x-content-type-options
nosniff
age
9
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21972
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 18:18:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Oct 2022 16:02:51 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 14:55:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Oct 2022 15:45:29 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame 17D2
Redirect Chain
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=463023&publicationId=heraldsun.com.au
  • https://news.google.com/swg/ui/v1/serviceiframe?_=463023&publicationId=heraldsun.com.au
26 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=463023&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
facd1cd157c31802c541c4a722995b1f299e5a77205636dd125124b432f9ea87
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P4I1aKpbLPbYnqIzRTBfsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-P4I1aKpbLPbYnqIzRTBfsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Thu, 27 Oct 2022 15:13:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-WsKfwkY-N_5Ctk-KBBCN1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
application/binary
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
date
Thu, 27 Oct 2022 15:13:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://news.google.com/swg/ui/v1/serviceiframe?_=463023&publicationId=heraldsun.com.au
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
entitlements
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		2 B
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
bridge3.541.0_en.html
imasdk.googleapis.com/js/core/ Frame F416 		688 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.541.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34e395eaf1bfcc27f23912f3b3c0d0acc08cc13ebf3f404efbab7e786da1af66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
201633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226874
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 07:12:27 GMT
expires
Wed, 25 Oct 2023 07:12:27 GMT
last-modified
Tue, 25 Oct 2022 07:00:51 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Oct 2022 15:13:00 GMT
embed.6045.cb884e36ec1d703bf8a7.js
platform.twitter.com/embed/ Frame 2EB9 		234 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.6045.cb884e36ec1d703bf8a7.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.95e89dd9d1b41479153d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
ebbc8deb235dcdeeab79640fcb85619b4c295714d0d5ba1b218de7c35e977999

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:13:00 GMT
Content-Encoding
gzip
Age
620943
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
67677
Last-Modified
Thu, 20 Oct 2022 10:36:44 GMT
Server
ECS (frb/6776)
Etag
"b6f4f78b4eb97a211ab3156d9a7f0225+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.ondemand.TweetVideo.c64fa95873e7fe5cc537.js
platform.twitter.com/embed/ Frame 2EB9 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.TweetVideo.c64fa95873e7fe5cc537.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.95e89dd9d1b41479153d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
b3a6b6746d758943a01e83f372e62f63626ba1a12a92c82c09c50ab68eb038bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:13:00 GMT
Content-Encoding
gzip
Age
620945
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
3902
Last-Modified
Thu, 20 Oct 2022 10:36:44 GMT
Server
ECS (frb/6724)
Etag
"d9d61aa78db0308e019eb4d1a5264e59+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embeds
syndication.twitter.com/i/jot/ Frame 2EB9 		43 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1666883580177%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22theheraldsun%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22f990d1aff4e35%3A1666252487280%22%2C%22item_ids%22%3A%5B%221585360307102552064%22%5D%2C%22item_details%22%3A%7B%221585360307102552064%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
109
date
Thu, 27 Oct 2022 15:12:59 GMT
strict-transport-security
max-age=631138519
last-modified
Thu, 27 Oct 2022 15:13:00 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
c13f5890d2487655
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
cf54bec4fd357086551d64956855462735301ea628e6877092f5fae8caf5d76b
content-length
43
5vsj7u01_normal.jpg
pbs.twimg.com/profile_images/1509689943173468193/ Frame 2EB9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1509689943173468193/5vsj7u01_normal.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
49503a5526c85754627d926b173782779f6c71a1c2b8f110075a998e2e17e156
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Thu, 27 Oct 2022 15:13:00 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
2111
x-served-by
cache-lhr6629-LHR, cache-fra-eddf8230100-FRA, cache-tw-ZZZ1
last-modified
Fri, 01 Apr 2022 00:29:45 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
15911a281c212afc
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13222&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&dom=www.heraldsun.com.au&r=1666883580221&pvs=1&pvid=0f7bb72a-5776-4a56-9677-ffb94728d2e6&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-6.fra6.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
dotmetrics-hit-status
01 OK
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
7iLU7tInow9cer8FW-o3QYb2TJvKIsdDfPWBb9_fdTGtRyVPrgdcig==
embed.loaders.video.VideoPlayerDefaultUI.1f63efe8b6751dda805f.js
platform.twitter.com/embed/ Frame 2EB9 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.loaders.video.VideoPlayerDefaultUI.1f63efe8b6751dda805f.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.95e89dd9d1b41479153d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668A) /
Resource Hash
6bdd76d2939aad1064ff67f82ea5842249624fd1bec02fa5fa6df6c7a52e9132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:13:00 GMT
Content-Encoding
gzip
Age
620945
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
12959
Last-Modified
Thu, 20 Oct 2022 10:36:44 GMT
Server
ECS (frb/668A)
Etag
"1998736789f5e7841262e08d95a5f54e+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.loaders.video.PlayerHls1.b5222664b99b9ed3eca7.js
platform.twitter.com/embed/ Frame 2EB9 		342 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.b5222664b99b9ed3eca7.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.95e89dd9d1b41479153d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
784caf17cbaa1b9aed0d10de408b6865d3f69f31bbf9a1ac3354a4026d09386b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1585360307102552064&lang=en&origin=https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&sessionId=3eec8549e14dc9d59d52e9ccc7a1f5679cdad095&siteScreenName=theheraldsun&theme=light&widgetsVersion=1c23387b1f70c%3A1664388199485&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:13:00 GMT
Content-Encoding
gzip
Age
620945
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
99568
Last-Modified
Thu, 20 Oct 2022 10:36:44 GMT
Server
ECS (frb/668C)
Etag
"68bb5542056426f20f522fe834599006+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
PDnft_bJZSyNMcUs.jpg
pbs.twimg.com/ext_tw_video_thumb/1585345540950085633/pu/img/ Frame 2EB9 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1585345540950085633/pu/img/PDnft_bJZSyNMcUs.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f3fdc23e8714bd72acea4952de24573297a12a9a94a182c6ac984e493fdd22a0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Thu, 27 Oct 2022 15:13:00 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
79181
x-served-by
cache-lhr7365-LHR, cache-fra-eddf8230100-FRA, cache-tw-ZZZ1
last-modified
Wed, 26 Oct 2022 18:58:05 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
df33871d0dec4217
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
script.js
au-script.dotmetrics.net/Scripts/ 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=216
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-6.fra6.r.cloudfront.net
Software
Kestrel /
Resource Hash
2f323c23ab941c9e378e9d2152511d980d7a88ead0645133a98ecfe2027bbf61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
content-encoding
br
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified
Wed, 26 Oct 2022 12:06:29 GMT
server
Kestrel
x-amz-cf-pop
FRA6-C1
etag
"1d8e93361266d86"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
4hobOOlNKLJHWh_ht_7n53y1dVyDU3jaSJg-KiL2uNK6WPZpDlbJEQ==
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 17D2 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: content.isentia.io
URL: https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-UxEc3n5YwjRqsBzBVLzQmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=463023&publicationId=heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-UxEc3n5YwjRqsBzBVLzQmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame 17D2 		21 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=463023&publicationId=heraldsun.com.au
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9e322e104caf61653b1595f938d5c774c6bc0ac2799aff3538fedaee835c8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:12:51 GMT
x-content-type-options
nosniff
age
9
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21972
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 18:18:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Oct 2022 16:02:51 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/am=ygCA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5u... Frame 17D2 		171 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/am=ygCA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5ujorPBOvqJxLeucjLVp6OYZ5OGA/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=463023&publicationId=heraldsun.com.au
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79bad020a1d888afe2d9f1174b72efd5e116e35e6e423213ffa47829c1cbfc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80810
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61698
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 00:51:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 16:46:10 GMT
Zn9CDsf4BJYcSsTW.m3u8
video.twimg.com/ext_tw_video/1585345540950085633/pu/pl/ Frame 2EB9 		842 B
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1585345540950085633/pu/pl/Zn9CDsf4BJYcSsTW.m3u8?variant_version=1&tag=14&container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.b5222664b99b9ed3eca7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCA) /
Resource Hash
05cc7dc6b6aca19d327ee6c072302143cc233998b65eb4db6de3c2361d7aa57c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69158
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
354
x-response-time
81
surrogate-key
ext_tw_video ext_tw_video/bucket/3 ext_tw_video/1585345540950085633
last-modified
Wed, 26 Oct 2022 18:58:05 GMT
server
ECAcc (frc/4CCA)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
x-transaction-id
e32c45bf0cea61c8
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
e42efe3583b4def79ebf52bd337ce72e94f7b105616baa84e8752b0eb01c00db
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
embeds
syndication.twitter.com/i/jot/ Frame 2EB9 		43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1666883580427%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22theheraldsun%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22f990d1aff4e35%3A1666252487280%22%2C%22item_ids%22%3A%5B%221585360307102552064%22%5D%2C%22item_details%22%3A%7B%221585360307102552064%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1162%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
121
date
Thu, 27 Oct 2022 15:12:59 GMT
strict-transport-security
max-age=631138519
last-modified
Thu, 27 Oct 2022 15:13:00 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
e42776fca34b9b41
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
cf54bec4fd357086551d64956855462735301ea628e6877092f5fae8caf5d76b
content-length
43
Serving
bs.serving-sys.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=7939331827435657137&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd$$&activityValues=$$Session%3D1122231597798466503$$&ns=0&rnd=5922060306650883&referrer=$$https://content.isentia.io/$$&uinadv=%7B%7D
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.94.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-94-146.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aa9da3206c274818b4d5d83e2935a671483517a711ff68e20de2dbef22811446

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:00 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2361
expires
Sun, 05-Jun-2005 22:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 17D2 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=463023&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 17:06:41 GMT
x-content-type-options
nosniff
age
165979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Oct 2023 17:06:41 GMT
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.zf8TXBsqtpM.L.B1... Frame 17D2 		135 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.zf8TXBsqtpM.L.B1.O/am=ygCA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6egBnSxC9NN2hy7ClquicNWkZxJQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/am=ygCA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5ujorPBOvqJxLeucjLVp6OYZ5OGA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9567d9c3ea8784710a0bceb401dcde611adc89384522f95093d25d09ffb1855e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 17:03:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46377
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 00:51:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 17:03:06 GMT
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/tgc-sports-scoreboardv2/assets/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/tgc-sports-scoreboardv2/assets/style.css
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2778076bb373ab474821c17b016270efb3cd88f55153262c7dc5baf19ee82fe0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:17:45 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Thu, 27 Oct 2022 15:13:00 GMT
last-modified
Wed, 26 Oct 2022 07:36:21 GMT
x-timer
S1666769896.456091,VS0,VE1
etag
"c42584a7ae1eb1de9d1429f82c297e303655ff5bf7b8f1902c4c856105098b5b"
x-i
true
vary
Accept-Encoding
x-served-by
cache-hhn4061-HHN
content-type
text/css; charset=utf-8
cache-control
max-age=285
accept-ranges
bytes
content-length
3025
x-cache-hits
1
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/tgc-sports-scoreboardv2/assets/ 		355 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/tgc-sports-scoreboardv2/assets/main.js
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bf0390aa96210a4a3fca57b2b12c9787a83e1c1746e4fe996af926cc66ce1673
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:37:08 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Thu, 27 Oct 2022 15:13:00 GMT
last-modified
Wed, 26 Oct 2022 07:36:21 GMT
x-timer
S1666769896.456192,VS0,VE1
etag
"66bc46a81535ff93716933e9929045731657b52ec586d7425e6b00e127af0031"
x-i
true
vary
Accept-Encoding
x-served-by
cache-hhn4078-HHN
content-type
text/javascript; charset=utf-8
cache-control
max-age=1448
accept-ranges
bytes
content-length
93044
x-cache-hits
1
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/tgc-sports-matchcentre/assets/ 		474 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/tgc-sports-matchcentre/assets/style.css
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
08bf5e1c9fe7f83ac3d21c38b0a1900277a1137abb676fac94c82915a3c18258
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:18:44 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Thu, 27 Oct 2022 15:13:00 GMT
last-modified
Wed, 26 Oct 2022 07:36:21 GMT
x-timer
S1666769930.950509,VS0,VE1
etag
"b59069e04eabe17902bd78fc62d60e88df5e92ec89c14313455dd526c3d22642"
x-i
true
vary
Accept-Encoding
x-served-by
cache-hhn4077-HHN
content-type
text/css; charset=utf-8
cache-control
max-age=344
accept-ranges
bytes
content-length
17540
x-cache-hits
1
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/tgc-sports-matchcentre/assets/ 		185 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/tgc-sports-matchcentre/assets/main.js
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fccaa574b9efe379a49d8c7c50ec7fdfe06dd09d95b640ba2080e9ff5740b0d7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:28:45 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Thu, 27 Oct 2022 15:13:00 GMT
last-modified
Wed, 26 Oct 2022 07:36:21 GMT
x-timer
S1666769930.953803,VS0,VE1
etag
"da7b9a7f45f7f72958b368085748ef4bbd03ce9d8e003d017bba40b1a071dba7"
x-i
true
vary
Accept-Encoding
x-served-by
cache-hhn4055-HHN
content-type
text/javascript; charset=utf-8
cache-control
max-age=945
accept-ranges
bytes
content-length
44946
x-cache-hits
1
PixrFD2XsN15T9Ox.m3u8
video.twimg.com/ext_tw_video/1585345540950085633/pu/pl/320x568/ Frame 2EB9 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1585345540950085633/pu/pl/320x568/PixrFD2XsN15T9Ox.m3u8?container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.b5222664b99b9ed3eca7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D09) /
Resource Hash
0f6b0f79eca296b5c3d09430cbf082dd17f3a45603c8c312a2a2fbdfa0626cb4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69233
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
1459
x-response-time
85
surrogate-key
ext_tw_video ext_tw_video/bucket/3 ext_tw_video/1585345540950085633
last-modified
Wed, 26 Oct 2022 18:58:05 GMT
server
ECAcc (frc/4D09)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
x-transaction-id
dbc7cc2a417d1df9
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
061842839310a06303152eaa9d430c64c4fbf52357200383b4ec7363c83a2269
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.zf8TXBsqtpM.L.B1... Frame 17D2 		1 KB
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.zf8TXBsqtpM.L.B1.O/am=ygCA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6egBnSxC9NN2hy7ClquicNWkZxJQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/am=ygCA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5ujorPBOvqJxLeucjLVp6OYZ5OGA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da64e5422bf102e58624fb7c2079201a8b7b4eb2c8d07d2081bb49fd0f97bbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 17:03:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
709
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 00:51:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 17:03:06 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221027-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Thu, 27 Oct 2022 15:13:00 GMT
x-amz-request-id
V61E4N6NGWRZQH85
age
3281
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
ljPcn8+9QxUU/ST0/RYP8Glf092k+yXW9clNcA7rI1THHCAI4QzrF+YmLiYfD47mQSokXXNfXQk=
x-served-by
cache-hhn4038-HHN
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1666883581.678032,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
65
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
4317
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 17D2 		582 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-5966556209687669729&bl=boq_subscribewithgoogleclientserver_20221025.07_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=54781&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/am=ygCA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5ujorPBOvqJxLeucjLVp6OYZ5OGA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6dce99f1f176145a94480734b8cba9e176f0bc23a6d4e8b5bc1640547881c95c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
NRFAvG4kNk_ugL2U.m4s
video.twimg.com/ext_tw_video/1585345540950085633/pu/vid/0/3000/320x568/ Frame 2EB9 		116 KB
116 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1585345540950085633/pu/vid/0/3000/320x568/NRFAvG4kNk_ugL2U.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.b5222664b99b9ed3eca7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C86) /
Resource Hash
229b98d44ca652161ac63c2299eb89b08fc94ad5f3ed3f45cb0979d613c9a299
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
x-content-type-options
nosniff
age
69226
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
118651
x-response-time
93
surrogate-key
ext_tw_video ext_tw_video/bucket/3 ext_tw_video/1585345540950085633
last-modified
Wed, 26 Oct 2022 18:58:05 GMT
server
ECAcc (frc/4C86)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
x-transaction-id
5ecfff73ae07f909
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
22f193c28a5eec02c335b69e34ac7cdb86eca141f42ce116c9bd99fac581ed64
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/football/series/6/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/6/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/tgc-sports-scoreboardv2/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.209.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-209-192.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
ea94ea330644a22d76de67f60523d5b70ec63b6af7aab1b954bc79dbd0399bce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
166408074
access-control-allow-origin
*
cache-control
max-age=454
accept-ranges
bytes
content-length
1073
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/football/series/1/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/1/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/tgc-sports-scoreboardv2/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.209.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-209-192.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
8e10da543ee1fd1a3db6f14d8a0fd754c86adeba294621a4bf473d927ac536d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:01 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
298825006
access-control-allow-origin
*
cache-control
max-age=3031
accept-ranges
bytes
content-length
812
dest5.html
newscorpau.demdex.net/ Frame 2CC3 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.44.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-44-37.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v044-04882231d.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
rm3v6QCrSkg=
content-encoding
gzip
date
Thu, 27 Oct 2022 15:13:02 GMT
last-modified
Thu, 29 Sep 2022 16:47:45 GMT
vary
accept-encoding
id
metrics.heraldsun.com.au/ 		48 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=44663009312486261422608925643828939322&ts=1666883580718
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
9a41224379ba888bda52a613753a2379876893ab1cfde2c943317af33330c848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 27 Oct 2022 15:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y1qf-AAAAIVXwANn
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=44641758690432309162611042459969887008
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1qf-AAAAIVXwANn
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1qf-AAAAIVXwANn
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
HTTP/1.1
Server
34.248.152.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-152-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v044-030456c97.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
x9Y/jWvqRCo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1qf-AAAAIVXwANn
Date
Thu, 27 Oct 2022 15:13:00 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
/
pips.taboola.com/ 		64 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
da1d2c71db717245679366e462635b310d8111bad08c0ad01fe0871faabcbd54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
cache-hhn4045-HHN
date
Thu, 27 Oct 2022 15:13:00 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.zf8TXBsqtpM.L.B1... Frame 17D2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.zf8TXBsqtpM.L.B1.O/am=ygCA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6egBnSxC9NN2hy7ClquicNWkZxJQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/am=ygCA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5ujorPBOvqJxLeucjLVp6OYZ5OGA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c42f7b958aa00ddebc17539be2e7b443f1c8f8f974f727f106fc5d9774bead6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 17:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7234
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 00:51:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 17:03:07 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame E809 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-65-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 22:44:18 GMT
Content-Encoding
gzip
Via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
Age
59323
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
JDhE_SXtWIuueEXkD8PxWJApeDd-HtkXaZN7ggRGOGaPH1nwGekpkA==
uwt.js
static.ads-twitter.com/ Frame FD0A 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: content.isentia.io
URL: https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 15:04:19 GMT
etag
"d4de8398858246712016031c834bb061+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15317
x-served-by
cache-iad-kjyo7100153-IAD, cache-fra-eddf8230123-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 4505 		997 B
690 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: content.isentia.io
URL: https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3f01cb4e8bb564dfe1d558ba77bf9cda1712b8378f4c25223c44967ae8d5ea04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
647
date
Thu, 27 Oct 2022 15:13:00 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 22:31:50 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=26352
accept-ranges
bytes
content-length
471
js
www.googletagmanager.com/gtag/ Frame 38F6 		118 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f47c4e208ecc814a620ed66da34aa2f0368dbf714088aa3dc7ae570609c420c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
47754
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 27 Oct 2022 15:13:00 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame AF9C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-65-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 22:44:18 GMT
Content-Encoding
gzip
Via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
Age
59323
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
3e3if3WArhonhbtvt5S7ROrp_MUVZE4d0RSnXs0C1siVKhW8SNL2ZA==
pixie.js
acdn.adnxs.com/dmp/up/ Frame F3D2 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: content.isentia.io
URL: https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
Fri, 01 Oct 2021 05:45:37 GMT
Date
Thu, 27 Oct 2022 15:13:00 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
33241
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21930-LGA, cache-hhn4021-HHN
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1666883581.926582,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
13, 10519
activityi;dc_pre=CMT86J3ZgPsCFZXFsgodr68FwA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4164349175988.6377
8228261.fls.doubleclick.net/ Frame 4227
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4164349175988.6377?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CMT86J3ZgPsCFZXFsgodr68FwA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=416434917598...
403 B
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CMT86J3ZgPsCFZXFsgodr68FwA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4164349175988.6377?
Requested by
Host: content.isentia.io
URL: https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
d4217603b2b015f6762958f96ee0fb670ac2332640c669b6a5f7369bb91e4cc4
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
331
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Oct 2022 15:13:01 GMT
expires
Thu, 27 Oct 2022 15:13:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Oct 2022 15:13:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CMT86J3ZgPsCFZXFsgodr68FwA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4164349175988.6377?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
conversion.js
www.googleadservices.com/pagead/ Frame 1A0D 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c75318b7d6abca37817c0d53776bad17c8f6b6181c2fd7b056d768273839933d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16834
x-xss-protection
0
server
cafe
etag
11219438536449138901
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 15:13:00 GMT
activity
au-gmtdmp.mookie1.com/t/v2/ Frame 671C 		43 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.202.227.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:01 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
secure.adnxs.com/ Frame 0F18
Redirect Chain
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Oct 2022 15:13:01 GMT
AN-X-Request-Uuid
de82597f-873d-4db3-acde-227d948a8614
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Oct 2022 15:13:00 GMT
AN-X-Request-Uuid
b52eff96-4d84-43c4-8dfd-f5f1758245ed
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
0
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Oct 2022 15:13:01 GMT
AN-X-Request-Uuid
02423b92-f903-4d78-8d5c-b9dc76f08512
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Oct 2022 15:13:00 GMT
AN-X-Request-Uuid
c7a013d7-53aa-4c83-a72c-bdf3c9cf4063
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
log
play.google.com/ Frame 17D2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/am=ygCA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5ujorPBOvqJxLeucjLVp6OYZ5OGA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 27 Oct 2022 15:13:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 27 Oct 2022 15:13:01 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 27 Oct 2022 15:13:00 GMT
expires
Thu, 27 Oct 2022 15:13:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 17D2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/am=ygCA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5ujorPBOvqJxLeucjLVp6OYZ5OGA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 27 Oct 2022 15:13:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 27 Oct 2022 15:13:01 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 27 Oct 2022 15:13:00 GMT
expires
Thu, 27 Oct 2022 15:13:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 17D2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/am=ygCA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5ujorPBOvqJxLeucjLVp6OYZ5OGA/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 27 Oct 2022 15:13:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 27 Oct 2022 15:13:01 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 27 Oct 2022 15:13:00 GMT
expires
Thu, 27 Oct 2022 15:13:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
IWb5eR2ZN2WyNTde.mp4
video.twimg.com/ext_tw_video/1585345540950085633/pu/vid/0/0/320x568/ Frame 2EB9 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1585345540950085633/pu/vid/0/0/320x568/IWb5eR2ZN2WyNTde.mp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.b5222664b99b9ed3eca7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC5) /
Resource Hash
4067ea7648f1ba17958f6c7c9fc1a91f3368f9118d732f3a4a3c170ed27af0ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
x-content-type-options
nosniff
age
69233
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
1131
x-response-time
96
surrogate-key
ext_tw_video ext_tw_video/bucket/3 ext_tw_video/1585345540950085633
last-modified
Wed, 26 Oct 2022 18:58:05 GMT
server
ECAcc (frc/4CC5)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
x-transaction-id
0f8efbed5d9fe763
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
252041d33d5ffa881ea2e0eef77f6bf54b71e4b351b3a4def2a41463f0e43a36
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
log
play.google.com/ Frame 17D2 		131 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zfNcxEj9-ys.es5.O/am=ygCA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5ujorPBOvqJxLeucjLVp6OYZ5OGA/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 27 Oct 2022 15:13:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 27 Oct 2022 15:13:01 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=4f464d79-e4e7-4701-9c99-6153d7c32bee-tucta54257a&uad=44fa8bbd3c9eea295a00a2afe28005f88c6dbb1347453c60c3273233c08d4665&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Oct 2022 15:13:01 GMT
cache-control
no-store
server
nginx
NRFAvG4kNk_ugL2U.m4s
video.twimg.com/ext_tw_video/1585345540950085633/pu/vid/0/3000/320x568/ Frame 2EB9 		116 KB
116 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1585345540950085633/pu/vid/0/3000/320x568/NRFAvG4kNk_ugL2U.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.b5222664b99b9ed3eca7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C86) /
Resource Hash
229b98d44ca652161ac63c2299eb89b08fc94ad5f3ed3f45cb0979d613c9a299
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
x-content-type-options
nosniff
age
69226
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
118651
x-response-time
93
surrogate-key
ext_tw_video ext_tw_video/bucket/3 ext_tw_video/1585345540950085633
last-modified
Wed, 26 Oct 2022 18:58:05 GMT
server
ECAcc (frc/4C86)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
x-transaction-id
5ecfff73ae07f909
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
22f193c28a5eec02c335b69e34ac7cdb86eca141f42ce116c9bd99fac581ed64
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
adsct
t.co/i/ Frame FD0A 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=9b4b7962-1f14-4de9-8df6-c09a9fff9a01&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=38b8b741-4f00-4d46-a3be-fcbe6710ac31&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.27
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
157
date
Thu, 27 Oct 2022 15:13:00 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
df18d36b499f04f3
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
0fd94cf6f42efaff4d48ab9ad3c78c9c50edf10b6d5b2b247e7f114a443466d8
content-length
43
adsct
analytics.twitter.com/i/ Frame FD0A 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=9b4b7962-1f14-4de9-8df6-c09a9fff9a01&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=38b8b741-4f00-4d46-a3be-fcbe6710ac31&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.27
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
179
date
Thu, 27 Oct 2022 15:13:00 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
e1f06227385569d9
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
9306536463a91c9fefa524a651abce319afaf1d6f9b113f931e76323d36a6e72
content-length
43
insight.old.min.js
snap.licdn.com/li.lms-analytics/ Frame 4505 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:00 GMT
content-encoding
gzip
last-modified
Mon, 24 Oct 2022 21:02:26 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=81596
accept-ranges
bytes
content-length
3063
pixie
ib.adnxs.com/ Frame F3D2 		42 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1666883580940&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&r=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&st=1666883580940&et=1666883580940&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:13:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
collect
px4.ads.linkedin.com/ Frame 4505
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1666883581004&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qat...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1666883581004%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1666883581004&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qat...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1666883581004&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qa...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1666883581004&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&liSync=true&e_ipv6=AQKKoaGYKh637AAAAYQaAPhD-b_gBcfVvGxl5sTEC7J13vnV5Lb1W6v36WpurBi5pkNr7eM4EimMRflfIhSiXhpG8JVemg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:01 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E38A3091FC574962AFDFAFB6029E9828 Ref B: DUS30EDGE0321 Ref C: 2022-10-27T15:13:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXsBZPPxEDAncGOzVroTg==

Redirect headers

date
Thu, 27 Oct 2022 15:13:01 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 8B2C4A6B6A464A0D81BBB26027742C6B Ref B: DUS30EDGE0905 Ref C: 2022-10-27T15:13:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1666883581004&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&liSync=true&e_ipv6=AQKKoaGYKh637AAAAYQaAPhD-b_gBcfVvGxl5sTEC7J13vnV5Lb1W6v36WpurBi5pkNr7eM4EimMRflfIhSiXhpG8JVemg
x-li-proto
http/2
content-length
0
x-li-uuid
AAXsBZPJh0W4cKoY/E7Q1w==
-vuMob1RgfYAHyPT.m4s
video.twimg.com/ext_tw_video/1585345540950085633/pu/vid/3000/6000/320x568/ Frame 2EB9 		119 KB
119 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1585345540950085633/pu/vid/3000/6000/320x568/-vuMob1RgfYAHyPT.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.loaders.video.PlayerHls1.b5222664b99b9ed3eca7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE0) /
Resource Hash
0ef302d23e6466167bbeac7873e07aac870e29215762be8cf8a6e65ecb718e48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:01 GMT
x-content-type-options
nosniff
age
69233
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
122104
x-response-time
102
surrogate-key
ext_tw_video ext_tw_video/bucket/3 ext_tw_video/1585345540950085633
last-modified
Wed, 26 Oct 2022 18:58:05 GMT
server
ECAcc (frc/4CE0)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
x-transaction-id
a81074a481d3ac10
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
588b67caa38119ba2514d05bedd780a828db872e16c082c446d7a1f6d7be6cd9
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 1A0D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1666883581011&cv=9&fst=1666883581011&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245664dc2d5a4c8ad7769e402a764197430f49ee9d41a3b58bea3ee37680476a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1111
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 38F6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e07332c72aa495bd9d3116164fe3ef3a9d7d3599d99f5ec612e43955b9e2de96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15175
x-xss-protection
0
server
cafe
etag
2727272090050510172
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 15:13:01 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&u=5LINFCrnAmMrNRWh&d=heraldsun.com.au&g=36976&g0=sport%2Cfootball%2Cvideo%2Ccomments%2Cstory%2Cmc_widget%2Cpc.ct.restricted&g1=Joe%20Barton&n=1&f=00001&c=0.03&x=0&m=0&y=7354&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=https%3A%2F%2Fcontent.isentia.io%2F&b=10319&t=ByhM-2D2VRkKBkcxbdB8B8RMoaLs4&V=136&tz=0&_acct=anon&_vi=Qatar%20World%20Cup%202022&_vp=6313008703112&_vdd=video%40heraldsun.com.au&_vs=s1&_vt=ct&_vap=&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fstatic%2F5348771529001%2F6ba274fa-fdf1-44ad-b7cd-df5a23811950%2F803fe2ee-489f-4d4e-ab94-82cfe978c0b3%2F152x85%2Fmatch%2Fimage.jpg&_vd=0&sn=2&sv=QGWasB1RixZBl84vYOP84pClHEvS&sr=https%3A%2F%2Fcontent.isentia.io%2F&sd=1&im=065b0ed2&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.198.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-198-241.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:01 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.196.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-196-126.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
similars
api.vidora.com/v1/users/aan83ckvs88bee7ip4e5k6urnl2p1b/items/19d704b0a7aa29bdc26f19fac71af34d/ 		361 B
582 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.vidora.com/v1/users/aan83ckvs88bee7ip4e5k6urnl2p1b/items/19d704b0a7aa29bdc26f19fac71af34d/similars?limit=10&category=heraldsun.com.au&api_key=newsau_video.93DFAEA2BB0A788E1466709DFF2B086C
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.208.54.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-54-167.compute-1.amazonaws.com
Software
/
Resource Hash
22a24674b34fed8f2d9fa786bf67eb7ec0d52a46022e879303f39d848119ffda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:01 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-robots-tag
noindex
content-length
250
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/859754747/ Frame 1A0D 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1666883581011&cv=9&fst=1666882800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&fmt=3&is_vtc=1&random=1651840280&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/859754747/ Frame 1A0D 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/859754747/?random=1666883581011&cv=9&fst=1666882800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&fmt=3&is_vtc=1&random=1651840280&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fixturesandresults.json
statsapi.foxsports.com.au/3.0/api/sports/football/series/6/seasons/136/ 		445 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/6/seasons/136/fixturesandresults.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/tgc-sports-scoreboardv2/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.209.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-209-192.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
41fb3cc602231798dea527fd883759ae07777d76b5b615b6959f5b0e0b5179b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
324876377 322418989
access-control-allow-origin
*
cache-control
max-age=1
accept-ranges
bytes
content-length
13541
fixturesandresults.json
statsapi.foxsports.com.au/3.0/api/sports/football/series/1/seasons/136/ 		185 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/1/seasons/136/fixturesandresults.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/tgc-sports-scoreboardv2/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.209.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-209-192.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
adf91edba255833bb7b5cfcff7fece48b39a553c9cc9f0501c36b425037b264d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:03 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
144189525
access-control-allow-origin
*
cache-control
max-age=2
accept-ranges
bytes
content-length
6804
dc_pre=CMT86J3ZgPsCFZXFsgodr68FwA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4164349175988.6377
adservice.google.com/ddm/fls/z/ Frame 4227 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMT86J3ZgPsCFZXFsgodr68FwA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4164349175988.6377
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CMT86J3ZgPsCFZXFsgodr68FwA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4164349175988.6377?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 38F6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1666883581272&cv=9&fst=1666883581272&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaq0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&auid=169637860.1666883581&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91016eb6e4d33cb8aad448ed49b26edcf6185f2401599bf56a2e58b8d451ee11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1142
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/707564276/ Frame 38F6 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1666883581272&cv=9&fst=1666882800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaq0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&async=1&fmt=3&is_vtc=1&random=265853854&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/707564276/ Frame 38F6 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/707564276/?random=1666883581272&cv=9&fst=1666882800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaq0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&async=1&fmt=3&is_vtc=1&random=265853854&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b6658cd6f611e003286664f015dd7139
content.api.news/v3/videos/ 		23 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.api.news/v3/videos/b6658cd6f611e003286664f015dd7139?api_key=9uz93nsd4pggfwhqcjnhmafw
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
3f2dee9e8202b994a662fd7da669e1828aa2d7fc81ae7a77603ad8ecfc696489

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:01 GMT
content-encoding
gzip
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN2-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
b6658cd6f611e003286664f015dd7139
x-amzn-requestid
3683f798-0535-4974-b2c1-931fdf2f133f
x-newsapi-timestamp
2022-10-27T14:49:33.614283Z[UTC]
x-newsapi-traceid
ab531b5b02863522
x-amz-apigw-id
aq0TmFnBSwMF-Lw=
content-length
3313
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=395
x-o
CF
x-newsapi-processing-time
377
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Thu, 27 Oct 2022 14:49:33 GMT
x-amz-cf-id
1b-iWEgrEMpE3LYIha2LzGgRrjkHcAteD6LS5zI0VOzdhvZQRlcFOA==
expires
Thu, 27 Oct 2022 15:19:36 GMT
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=44663009312486261422608925643828939322&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%014266bc4de45aa575d451af048646f817%011&ts=1666883581634
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.152.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-152-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
73a47bbee9a87dcf0ac4d76acafc9c3122d1c4d7985877deb42fe88f8d6665ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v044-04c5fceec.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
W6L5xuPnQkI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1562
Expires
Thu, 01 Jan 1970 00:00:00 UTC
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_c16_sport_S&asn=sport&fp_id=olchelhm6qoyiuhmfohgnhnc5gr2x1666883579&fp_cr_tm=1666883579702&fp_acc_tm=1666883579702&fp_emm_tm=1666883579702&ve_id=&sessionId=pgxiyq3qc93rfflxsmvfnm5qqxrzv1666883579&prv=1&c6=vc,c16&ca=NA&c13=asid,P16C8D000-5514-4C76-9A96-5F57C2693396&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,a1bsqtzye8dxffeaxoqt8s66xqhal1666883579&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16668835796986246&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1666883579264&c3=st,c&c64=starttm,1666883581&adid=1666883579264&c58=isLive,false&c59=sesid,&c61=createtm,1666883580&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&c66=mediaurl,&sdd=&c62=sendTime,1666883580&rnd=383357
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.208.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-208-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:01 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMyMjIsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9zcG9ydC9mb290YmFsbC9maWZhLXdvcmxkLWN1cC1zb2NjZXJvb3MtcHJvdGVzdC1odW1hbi1yaWdodHMtYWJ1c2VzLWluLXFhdGFyL25ld3Mtc3RvcnkvMDZhZTgxODQ1ZDU0MTY4OGM0MDJlZmQyYWM5ZTc4MDU%2FYnRyPTIzZTNmMmMzODlmYzEyY2UwOGM0YTZkNTllN2MzOWRkIiwicnVybCI6Imh0dHBzOi8vY29udGVudC5pc2VudGlhLmlvLyIsInB2aWQiOiIwZjdiYjcyYS01Nzc2LTRhNTYtOTY3Ny1mZmI5NDcyOGQyZTYiLCJ0ek9mZnNldCI6MCwib3NzIjp0cnVlLCJvc2VzIjp0cnVlfQ%3D%3D&r=1666883581728
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-6.fra6.r.cloudfront.net
Software
Kestrel /
Resource Hash
68e36b720b6cb24eb7883cb8015115f4c9dc3df01d26756aa76f056adb7e207c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:02 GMT
content-encoding
br
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
ieSnEtdmUWD6aq8gdZwFkhfD0lwMAI94vNhdRH58wMxoi_pLixYzDg==
up
insight.adsrvr.org/track/ Frame 0ED7 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Thu, 27 Oct 2022 15:13:01 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
up
insight.adsrvr.org/track/ Frame 1AEA 		0
181 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Thu, 27 Oct 2022 15:13:01 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
s19293652989434
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.4/ 		43 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.4/s19293652989434
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 Oct 2022 15:13:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 28 Oct 2022 15:13:02 GMT
server
jag
etag
3579605236150566912-4619735237722123962
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Wed, 26 Oct 2022 15:13:02 GMT
2f77a893251de7694de6169e814d119c
content.api.news/v3/videos/ 		18 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.api.news/v3/videos/2f77a893251de7694de6169e814d119c?api_key=9uz93nsd4pggfwhqcjnhmafw
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
584f2a84a93aaf872a18587704c78f2da5dfbc2925e1349aa5370edff6a22a1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:02 GMT
content-encoding
gzip
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN2-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
2f77a893251de7694de6169e814d119c
x-amzn-requestid
d8476192-4d19-47cd-a13b-d5292e64c22c
x-newsapi-timestamp
2022-10-27T15:11:04.374058Z[UTC]
x-newsapi-traceid
3593810cf8dcee11
x-amz-apigw-id
aq3dVF_HywMFVaQ=
content-length
2791
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1660
x-o
CF
x-newsapi-processing-time
11
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Thu, 27 Oct 2022 15:11:04 GMT
x-amz-cf-id
S0XGM_YRRfFO9S3lTHRuGecrRBiP3XNuwJyXNdzxD-y2FzBBQESX6Q==
expires
Thu, 27 Oct 2022 15:40:42 GMT
generic1666845836539.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		488 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1666845836539.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0be37f528ad3df7f09e39aa8093d0ef0b564f309cdd8d6541cd7e9d75fc54dff
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
Ske8qJ9R_5gl.eBqdebVZHtTdyAS1sBv
content-encoding
gzip
via
1.1 varnish
date
Thu, 27 Oct 2022 15:13:02 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
T1T89CW735HVD58R
age
37737
x-cache
HIT
content-length
87737
x-amz-id-2
NR252yzlvP8xNXjDFDxm5uCytKo9aY4Ck7YvElCb6ihpGaY/oEaOEWpw2wy7+NJlLjI6evJPE6Y=
x-served-by
cache-hhn4054-HHN
last-modified
Thu, 27 Oct 2022 04:43:57 GMT
server
AmazonS3
x-timer
S1666883583.779990,VS0,VE0
etag
"2794bc1fea1e3ee55176200c2a61afd8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
166
ibs:dpid=358&dpuuid=7337932381638733622
dpm.demdex.net/ Frame 2CC3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=7337932381638733622
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7337932381638733622
Protocol
HTTP/1.1
Server
34.248.152.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-152-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v044-0b1a912a4.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4mEnEipiSp4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Thu, 27 Oct 2022 15:13:02 GMT
AN-X-Request-Uuid
1d31f18e-8a4f-423e-8a34-28a7fcc144f9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7337932381638733622
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
social
am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&lti=deflated&ri=4f7409ecd2d627636c1a323a2d674b54&sd=v2_db71b15ffda1b93bac026227b46cfc94_4f464d79-e4e7-4701-9c99-6153d7c32bee-tucta54257a_1666883578_1666883578_CJrkkBYQgPNHGOrTg9DBMCABKAEwODib4wlAiIoQSMWG2ANQouwQWABgAGi0ovD79tOEkd4BcAA&ui=4f464d79-e4e7-4701-9c99-6153d7c32bee-tucta54257a&pi=/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&wi=-8549985283888529367&pt=text&vi=1666883578346&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.dailytelegraph.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%22%2C%22rref%22%3A%22https%3A%2F%2Fcontent.isentia.io%2F%22%2C%22sref%22%3A%22https%3A%2F%2Fcontent.isentia.io%2F%22%2C%22hdl%22%3A%22Socceroos%E2%80%99%20world-first%20World%20Cup%20protest%22%2C%22sec%22%3A%22sport%22%2C%22aut%22%3A%5B%22Joe%20Barton%22%5D%2C%22img%22%3A%22https%3A%2F%2Fcontent.api.news%2Fv3%2Fimages%2Fbin%2F9d29d4d4add8ea88549e2064319abe56%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=15%3A13%3A02.788&id=4178&llvl=2&cv=20221027-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ibs:dpid=470&dpuuid=4331909082144440366
dpm.demdex.net/ Frame 2CC3
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4331909082144440366
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4331909082144440366
Protocol
HTTP/1.1
Server
34.248.152.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-152-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v044-0cc10ed06.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6DHB+ij4RT8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4331909082144440366
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
track
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 		59 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1666845836539.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-me
prod-instance-gatewayservice-blue-43pb
date
Thu, 27 Oct 2022 15:13:03 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
59
x-application-context
application:9090
token
token.rubiconproject.com/ Frame 2CC3 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=44641758690432309162611042459969887008&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=771&dpuuid=CAESEIZQ8kSm0VhVxPt55iHskFY&google_cver=1
dpm.demdex.net/ Frame 2CC3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDQ2NDE3NTg2OTA0MzIzMDkxNjI2MTEwNDI0NTk5Njk4ODcwMDg=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIZQ8kSm0VhVxPt55iHskFY&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIZQ8kSm0VhVxPt55iHskFY&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
34.248.152.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-152-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v044-004e84d7b.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
WQBcq0dIS7k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIZQ8kSm0VhVxPt55iHskFY&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2CC3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ibs:dpid=19566&dpuuid=%s
dpm.demdex.net/ Frame 2CC3
Redirect Chain
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
Protocol
HTTP/1.1
Server
34.248.152.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-152-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v044-0ef7a5e84.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
jd9EfBCXR8o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
server
nginx
etag
"615e720b-cde"
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
expires
Thu, 27 Oct 2022 15:13:04 GMT
ibs:dpid=23728&dpuuid=Y1qf-zKXGgP48xwlsZrpJAAA%265168
dpm.demdex.net/ Frame 2CC3
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1qf-zKXGgP48xwlsZrpJAAA%265168
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1qf-zKXGgP48xwlsZrpJAAA%265168
Protocol
HTTP/1.1
Server
34.248.152.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-152-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v044-077cfb62e.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
oj5nkSjfQjM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1qf-zKXGgP48xwlsZrpJAAA%265168
cache-control
no-cache
cf-ray
760c5f9e2b8bbbe6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ibs:dpid=30432&dpuuid=CI-74aa78b14504c4740dc728ec6bbc460a
dpm.demdex.net/ Frame 2CC3
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=44641758690432309162611042459969887008&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-74aa78b14504c4740dc728ec6bbc460a
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-74aa78b14504c4740dc728ec6bbc460a
Protocol
HTTP/1.1
Server
34.248.152.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-152-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v044-02e7166cb.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
92xRJsx1T6g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-74aa78b14504c4740dc728ec6bbc460a
Date
Thu, 27 Oct 2022 15:13:03 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 2CC3
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=44641758690432309162611042459969887008&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Protocol
HTTP/1.1
Server
34.248.152.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-152-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v044-00d08ccfa.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
I/4h3KevQWU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Thu, 27 Oct 2022 15:13:03 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
1248a4f248fe280e895b03153d70a748
content.api.news/v3/videos/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.api.news/v3/videos/1248a4f248fe280e895b03153d70a748?api_key=9uz93nsd4pggfwhqcjnhmafw
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
e19ee4dd452a5b8c61f315046a7f7b024dba8ed3f883bff838ff53246f18383f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:03 GMT
content-encoding
gzip
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
1248a4f248fe280e895b03153d70a748
x-amzn-requestid
286741ba-8792-48b2-8c7f-5d03dc0b024a
x-newsapi-timestamp
2022-10-27T14:52:53.825631Z[UTC]
x-newsapi-traceid
3c7f035c166eb03b
x-amz-apigw-id
aq0y8F8jywMFlEw=
content-length
1769
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=594
x-o
CF
x-newsapi-processing-time
14
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Thu, 27 Oct 2022 14:52:53 GMT
x-amz-cf-id
0U7jR-nxfmKP-p4sdKJZayfpIWbEhKLjhCnJZMOPkBBhOuSEiV0W_w==
expires
Thu, 27 Oct 2022 15:22:57 GMT
ff17b6cd6448b7679f6566158fc8920a
content.api.news/v3/images/bin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ff17b6cd6448b7679f6566158fc8920a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
cba168029774d08af251e1cff7c8d1efb50bd69fedb82c54d5994a171113025c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:03 GMT
x-check-cacheable
YES
edge-cache-tag
ff17b6cd6448b7679f6566158fc8920a
content-length
6784
last-modified
Thu, 27 Oct 2022 01:18:14 GMT
server
Akamai Image Manager
x-serial
1220
etag
7fb33f8567dbfcf9767ef955d82a1d3b-ff17b6cd6448b7679f6566158fc8920a-0
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5133918
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 26 Dec 2022 01:18:21 GMT
0e647d82c593b63e92b1a4ba94548aee
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/0e647d82c593b63e92b1a4ba94548aee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
50adf9038691058f7a0ad598fc119639f13dd3dc301f4e0d0c0a73ded8864f69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:03 GMT
last-modified
Thu, 13 Oct 2022 04:02:48 GMT
server
Akamai Image Manager
etag
3a82e70b5be301927596af0817b0fe48-0e647d82c593b63e92b1a4ba94548aee-0
edge-cache-tag
0e647d82c593b63e92b1a4ba94548aee
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=3934085
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4646
expires
Mon, 12 Dec 2022 04:01:08 GMT
b978a29254630617168f9e57a397cee0
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b978a29254630617168f9e57a397cee0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
507e47ce7344d5a87f331c18bcb9a097a5d0118426995caebc71ad99ee8f05ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:03 GMT
last-modified
Tue, 25 Oct 2022 03:04:09 GMT
server
Akamai Image Manager
etag
fa5abc5d9f44b5326e7f46d53a912918-b978a29254630617168f9e57a397cee0-0
edge-cache-tag
b978a29254630617168f9e57a397cee0
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4967437
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3890
expires
Sat, 24 Dec 2022 03:03:40 GMT
fallback.jpg
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/img/fallback.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
14607db250fa522f36a92a9902791cac17738aa8a79844dc4ecb73dc4204533e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:03 GMT
last-modified
Thu, 20 Oct 2022 02:52:12 GMT
server
AmazonS3
x-amz-request-id
D3C2JKEPQYJM85VZ
etag
"8f5a5f8613a5e0b2617e7fd6df8ebc28"
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=499929
accept-ranges
bytes
content-length
7795
x-amz-id-2
HIAw3Pr2MtmZRup1hZqyyp7SqoxhIL8oZ1QjjlwFJMm4O1u1qnHuDsU2lZz6tNvuLTsC9fs/tqc=
expires
Wed, 02 Nov 2022 10:05:12 GMT
truncated
/ 		485 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb177aaeef31e1f208e4d075fce2010031bfac6b0883cec9c3087791082e131f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		806 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5fbefe1b606a5fff9ea58a397514046edca25fb8c33426281d66dadecb5b7ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
usermatch.gif
beacon.krxd.net/ Frame 2CC3
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=44641758690432309162611042459969887008
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=44641758690432309162611042459969887008
0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=44641758690432309162611042459969887008
Protocol
H2
Server
18.202.59.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-59-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n011-dub-prod.krxd.net
date
Thu, 27 Oct 2022 15:13:04 GMT
cache-control
private, no-cache, no-store
x-request-time
D=123 t=1666883584
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=44641758690432309162611042459969887008
date
Thu, 27 Oct 2022 15:13:04 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a013-ash-prod.krxd.net
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame 2CC3
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=44641758690432309162611042459969887008&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Protocol
HTTP/1.1
Server
34.248.152.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-152-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v044-057fd01b2.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
1ERQ/HeMShg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Thu, 27 Oct 2022 15:13:04 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
integrator.js
adservice.google.sk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.sk/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		341 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=406378770922046&correlator=3418059093742248&hxva=1&scor=3470133702433304&eid=31069354&output=ldjh&gdfp_req=1&vrg=2022102401&ptt=17&impl=fifs&npa=1&iu_parts=5129%2Cndm.hwt%2Csport%2Cfootball&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C728x90%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C4x4%2C300x90%7C315x90%2C1x1&ifi=1&adks=450888655%2C2002755031%2C1007999134%2C3433572105%2C1545555925%2C2549975120%2C886342014%2C2726477024&sfv=1-0-38&ists=1&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26id%3Dd82f34b9-5609-11ed-bf76-0a8b1a8f9703%26vw%3D40%2C50%26vw05%3D40%26grm%3D40%2C50%26pub%3D40%2C50%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26id%3Dd82f34ba-5609-11ed-bf76-0a8b1a8f9703%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26id%3Dd82f34bb-5609-11ed-bf76-0a8b1a8f9703%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%2C70%2C80%26vw15%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26vw10%3D40%2C50%2C60%2C70%26vw30%3D40%26pub%3D40%2C50%2C60%2C70%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26id%3Dd82f34bc-5609-11ed-bf76-0a8b1a8f9703%7Cpos%3D1%26refreshed%3Dfalse%26id%3Dd82f34bd-5609-11ed-bf76-0a8b1a8f9703%26vw%3D40%2C50%26vw05%3D40%2C50%26grm%3D40%2C50%26pub%3D40%2C50%7Cpos%3D1%26refreshed%3Dfalse%26id%3Dd82f34be-5609-11ed-bf76-0a8b1a8f9703%26vw%3D40%2C50%2C60%26vw05%3D40%2C50%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%2C70%7Cpos%3D1%26refreshed%3Dfalse%26id%3Dd82f34bf-5609-11ed-bf76-0a8b1a8f9703%26vw%3D40%2C50%26vw05%3D40%2C50%26grm%3D40%2C50%26pub%3D40%2C50%7Cpos%3D1%26id%3Dd82f34c0-5609-11ed-bf76-0a8b1a8f9703&eri=1&cust_params=tts%3Dn%26ttm%3Dn%26us%3Db%26s%3D0%26co%3D1%26kw%3Dplayers%2520association%252CInternational%2520Labor%2520Organisation%252CMitchell%2520Duke%252Chuman%2520rights%2520record%252CJamie%2520Maclaren%252CArab%2520nation%252Chuman%2520rights%252Cmoral%2520leadership%252Cshowpiece%2520event%252CAgence%2520France%2520Presse%252COceania%252CMike%2520Owen%252CWestern%2520Asia%252CQatar%252Csamesex%2520relationship%2520laws%252Cconservative%2520estimation%252CJoe%2520Linus%2520Barton%252CPeter%2520Tatchell%252CKathryn%2520Gill%252CFIFA%252CInternational%252CGetty%2520Images%2520Inc%252CAustralia%2520and%2520New%2520Zealand%252Cmigrant%2520labour%252Cpenaltyshootout%2520hero%252CMat%2520Ryan%252Cmigrant%2520workers%252Cruler%2520sheik%252Cmigrant%2520resource%2520centre%252CTamim%2520bin%2520Hamad%2520alThani%252Cgay%2520rights%2520activist%252CProfessional%2520Footballers%2520Association%252Cprofound%2520human%2520rights%252CInternational%2520Trade%2520Union%2520Confederation%252CAsia%252Cbold%2520statement%252CAustralia%252Chuman%2520rights%2520abuses%252Csamesex%2520relationships%252Ccontroversial%2520samesex%2520relationship%252CAndrew%2520Redmayne%252CGroup%2520D%2520SA%26nk%3D4266bc4de45aa575d451af048646f817%26sec1%3Dsport%26sec2%3Dfootball%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dvideo%252Ccomments%252Cstory%252Cmc_widget%26aid%3D06ae81845d541688c402efd2ac9e7805%26pid%3Dnone%26adl%3Dfalse%26abtest%3Da%26pvid%3D4266bc4de45aa575d451af048646f817-06ae81845d541688c402efd2ac9e7805-1666883579231-308416%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3007499_PG%252CIAS_18400_1472_KW%252CIAS_1500690_PG%252CIAS_1500692_PG%252CIAS_1500164_PG%252CIAS_1507080_PG%252CIAS_9588_1165_KW%252CIAS_6494_KW%252CIAS_3006632_PG%252CIAS_1500868_PG&sc=1&cookie_enabled=1&abxe=1&dt=1666883583884&lmt=1666883583&dlt=1666883577658&idt=2091&adxs=436%2C176%2C1124%2C1124%2C0%2C387%2C1124%2C0&adys=48%2C6634%2C780%2C3685%2C6634%2C2994%2C632%2C7354&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C2%7C3%7C4%7C0%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&ref=https%3A%2F%2Fcontent.isentia.io%2F&frm=20&vis=1&psz=1600x134%7C1248x0%7C300x398%7C300x276%7C1600x720%7C705x4071%7C300x398%7C1600x7354&msz=728x93%7C1248x0%7C300x276%7C300x276%7C1600x0%7C705x0%7C300x90%7C1600x0&fws=512%2C0%2C512%2C512%2C0%2C0%2C516%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C300%2C0&ga_vid=1835675232.1666883584&ga_sid=1666883584&ga_hid=2118023774&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7879722cafa2b867c1b03771e91abf6495c302fe245bf9588589df0da0c835f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33568
x-xss-protection
0
google-lineitem-id
4682990628,4682990628,4682990628,4682990628,4682990628,4682990628,5969529023,4682990628
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234092474,138234025461,138234143368,138234025548,138234082439,138386539437,138409518499,138386464268
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ece8f05fb8ad200b762190a561e87e0f149dc98b64029c5c4c79ca8992b3d58b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11217
x-xss-protection
0
container.html
0660dee00155a668dad584718d1aab52.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 397C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0660dee00155a668dad584718d1aab52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Oct 2022 15:13:04 GMT
expires
Fri, 27 Oct 2023 15:13:04 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 2CC3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFxZi1BQUFBSVZYd0FObg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFxZi1BQUFBSVZYd0FObg==
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn4052-HHN
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666883584.088484,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFxZi1BQUFBSVZYd0FObg==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 2CC3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y1qf-AAAAIVXwANn&expires=90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y1qf-AAAAIVXwANn&expires=90
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-hhn4052-HHN
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666883584.088598,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y1qf-AAAAIVXwANn&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Oct 2022 15:13:04 GMT
rum
dsum-sec.casalemedia.com/ Frame 2CC3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1qf-AAAAIVXwANn
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1qf-AAAAIVXwANn
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Oct 2022 15:13:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn4052-HHN
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666883584.145272,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1qf-AAAAIVXwANn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame 563A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBZg6-ASfPKrLpP-hyj-dGc5ojszYMWBWsXp9Vp8rB2RKS3Je1DiFpi8k2Tb5yvNk39aYKqnTWraVar6bl32JlC7qbpUd9xS1rhkB9pSX09HqRw3lFS_BollpNoO4xC-ZL4v_Z0CUdhfypbeNF_yiIdbkILJIzdm3VRypA6kk5icRZ18orCS3Dhc3MAFwEZ1J-Pe4TGhS4mW4VFYk2lqOiPjSvVjSRf0zH_NqqN2JR-4G4DfJ1i1GTwEDagUkQmaQ1T72Sn-JYxbv58ckX2iZnHMnATquBjKaa6IWadGGT6HdG-5-HfCUrCHw3n0Mgj3St4nJ_w-MftIMEDw&sai=AMfl-YS1hsHwSxWxCA2F8ggnsLvVMURIubYT2ucajHAagHDjiFH3ch7q7GY9_sTOBWXFcA0gxe0_-sNGgW4Vaf1LgAhafXAbD_X8dTGTuCOjkWdgyBOlgMfP8XDKMb_vt6R-rw&sig=Cg0ArKJSzKHTLRiiwxFwEAE&uach_m=[UACH]&adurl=
Requested by
Host: content.isentia.io
URL: https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 563A 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9268
x-xss-protection
0
server
cafe
etag
17746901142539384344
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:21:39 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 563A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:21:39 GMT
l
www.google.com/ads/measurement/ Frame 563A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQp7iGGhjN0yoon4DE74uLEgAj948vCv6aKrldQ2Ujpy1qD9-b0JeEff3yK83Q4sh3I9cJj
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 563A 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666784471914692"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Oct 2022 15:13:04 GMT
7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 563A 		68 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 23:42:55 GMT
x-content-type-options
nosniff
age
228609
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 24 Oct 2023 23:42:55 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4E5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-Uv3aznd1Qgs6eVkxaV73XYIhx3ruYwVbUgQSoXaKX3saAlIQuUTC2bmPspnulYg1AK_0MGGcTaONfYNsJSmbNIcoZaWuSf2uKkslGoAA68FD175Sxmk8lpSYsjTH3p3v2T6QXfZuvnjxpqH8QbWgDjfYYaHXN_P2nW5uEY5enAlb1YqaCTzg9f16mW22M-4gjhm2luFyVNBqbFX95bjVvlsi4tOMzDMrkDLczyswg7RltsRmIjz7QubR-zGchNUu6OdCrd0gGE8ZeMuhPB8B7j3GMbXUiI8HM7EPm8Wl3sXNYjf22N_D2dEZzyiNIwzIPkYXBwQltmotmg&sai=AMfl-YRyMNBKYxRI5XFfe7CfdxF0Py0KDth5sb6EQDm5WcRT8D-zajMmBIXCRvUCqQgJVFczqS2MvcndiLHgxtGM7do2j8M6CwJDapXostVzsNW7yof5VXrY1-MhoRstVcQiPw&sig=Cg0ArKJSzE_S-0pZegMBEAE&uach_m=[UACH]&adurl=
Requested by
Host: content.isentia.io
URL: https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 4E5F 		68 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 23:42:55 GMT
x-content-type-options
nosniff
age
228609
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 24 Oct 2023 23:42:55 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 4E5F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9268
x-xss-protection
0
server
cafe
etag
17746901142539384344
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:21:39 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 4E5F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:21:39 GMT
l
www.google.com/ads/measurement/ Frame 4E5F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxuev6dad-S3c4Ty-KsXYoNJSH1T0I9-bwmY8TYvxGqnf1wR7n6674h3JpxvO_Na_PFReQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E5F 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666784471914692"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Oct 2022 15:13:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2C5B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssr1HKfGxsXj5JDz9BhKdFtgcM-KIpzrDRW9gv6PjWvHy0B9_Ju6pI6TPFq4TwvoHXeo--70ppnNck4ZES24yER1zecb45_GMIGKKkDbtRebovsRuFnN8zZf01HKSKgVfZb4VXygI2qXcyWo_3alQABumP-78T5d85IHcirzMaC3UsnciJgg9boCdnHofVb747OAUZiOBcIclgn9E7nnl8sB2oiUe0wxOs6yzVCnSGRUvpEWomUYI51h8NAxmdVTosP1QpQlybvDvxhlz_Zx6LSUfVy--LzvysPx6w5LU0UkZROyOgMdLU7vn4IgJwpxfzccdOEuhCiidTHWQ&sai=AMfl-YR-jjrf0dmVaD8DMOkxm2CEjs_Os8Sd64Qd59uEefrM_RNQGpT55lmE6-hYA-MGObOWBODvZxokKeAsKZ9y6vSbXllK_8IksP-bWtgvi3x3oR0GDIsd0o8iNia_CnLIKA&sig=Cg0ArKJSzEjSscfeEjgvEAE&uach_m=[UACH]&adurl=
Requested by
Host: content.isentia.io
URL: https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 2C5B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9268
x-xss-protection
0
server
cafe
etag
17746901142539384344
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:21:39 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 2C5B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:21:39 GMT
l
www.google.com/ads/measurement/ Frame 2C5B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTgjjhRA2PqXOhKJt5RVt3SM0sNCRWMKGHJdYz3Hi2iFtJxleHDNcuA7-JsGxXSmRixbeR
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2C5B 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666784471914692"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Oct 2022 15:13:04 GMT
13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 2C5B 		68 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:35:54 GMT
x-content-type-options
nosniff
age
545830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 21 Oct 2023 07:35:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7895 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2-blxlyLVQrOTrMVl62aqy1F-viWxyHdDGDpEpHRHfsBiFsgZ0bXk9GcGXY08FRV9fXbK-7Rs2UTdg2_1qAOiohDc1hMdeKvDeWPLaGfQpzA_1t5ewul2HAaUwZDuBcVahv_Lmr3tG8xVw-N7zB1AMLj4_fpCJUZ5HMsOnF0Uy1wSOzot_-NCCb8bF-v5NKM937SJLi7E1dnUlEjFFCbB7crHgV96waV_nehhqvuD5O8hYamQ_wVcFvGjbhsF-EUToG06H4kw5zaZNkPyACdP15L49Y2JMW5DuCnhgnYXYyqXvIaji2MD4shtUxVk8lq4HiMcL9SUDc1GBw&sai=AMfl-YSlnCTIF3WRMGDl-yBMWTF-lWny1wW1DUSOOW9dMIfFkie6DzoYQrOFEujjdFPI_GLNjsvP00wwHFaCGP2_AfNo-uAptXmiejM80PTsN5-aENh6Jnjai_KG3L0usAKHHQ&sig=Cg0ArKJSzN1La3waeHa1EAE&uach_m=[UACH]&adurl=
Requested by
Host: content.isentia.io
URL: https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 7895 		68 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:35:54 GMT
x-content-type-options
nosniff
age
545830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 21 Oct 2023 07:35:54 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 7895 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9268
x-xss-protection
0
server
cafe
etag
17746901142539384344
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:21:39 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7895 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:21:39 GMT
l
www.google.com/ads/measurement/ Frame 7895 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgizPMRiuzXnCINXhAtK7kxjI3hmuuZIWvyP7nGzoAtJgLvSI1uy_XJS_riLd9QTg_Go8R
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7895 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666784471914692"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Oct 2022 15:13:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8444 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFey0OiK4ibw_8l4QIvb5DVijnHmTi6Bo_OKmxD3PPm3ueeSNr-lWOAYM0CeSSAZohTnfuPLjWYrZIDmeD2V0pZtvnjM-PsWWOoauRQ4l_1l7xpD4utigd1zGhgfd_hUcpzwgnfVrgBWKKvvpgwvYOnfvbH1VdJPEBqhSx-JNwgXIEybZAqiFjSMdoa1nHvZ-iIdLXJ_iJ9T3FuZDinyNmvZC8eSAy0pq1cTO62JzmVmLoruAPFrscSlbTyBTjbbNlImrI_lwRPssDVmqKnLP2FT9o6u58hEBCk1N4NY3VUDhz8PFYsHHzz3ihjxSdull9K3457i7g4otN3g&sai=AMfl-YRY0Lln6HaQixve-kb8-T4CNQ0hOuyGY4MmpXcEjwFDwNi_hC-8lEZcpL5Mg8KkP9MibexXaytpsimBxMTTuGE2-0bp4qsJbKiCBvOrKpkVfR8jgAJgp5DkHCVge_RVQw&sig=Cg0ArKJSzMU4AXnDoq14EAE&uach_m=[UACH]&adurl=
Requested by
Host: content.isentia.io
URL: https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 8444 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9268
x-xss-protection
0
server
cafe
etag
17746901142539384344
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:21:39 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 8444 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:21:39 GMT
l
www.google.com/ads/measurement/ Frame 8444 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ08pONvpEukq1PY4eyjmE1wNmkFuluf54lgXrf-QqNw67n4Jxzxc1ywOGKeYFZQ6OTCo7f
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8444 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666784471914692"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Oct 2022 15:13:04 GMT
13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 8444 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13503232906761715217
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 09:03:58 GMT
x-content-type-options
nosniff
age
194946
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3270
x-xss-protection
0
last-modified
Wed, 23 May 2018 04:43:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 09:03:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0630 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1pvxjj0PnrNXEU1HoR6J72RupDtkpUQgAbcULoUeaZ49d21EymXiwNDmh0WHlxbDuOpuT4I6q12O2oTlMvEIz8mAY504S0dBW_KqhNbcHG143N5TMakascovKBxXLYj3GHIQqQwiW1ekh8WHAPqcEqNxwr_djD_pC3Ta0UHz5kDTQG5UOJclu1T2QqfA-V6Ywxx5Fr5PO1fWLwSdFLi1GYpvz2Ce2aZ3ass9FgHHmuWrWCqy4wNbnGnM_EG8CChN0AOQ0ioa1DXKVE5-b4o-ix0_3LC1lN8CjirCfgbcnLinJFt_LKPhBFKbQ3QjKUhMd3eFEX6eaJM_eOw&sai=AMfl-YRerpdmi-LVqUzqGEkWJoRFhLmfYqOW0d_7_jPMcP2xu0xbNmK9YoIRVfUrPQoeZQSW-k4R3fX89Mjh8f9KldqFwb_AORf_7kZdeoPzwgfKFugW-SpkyhfzmS_aVEOQVQ&sig=Cg0ArKJSzPMmp3HzPQjkEAE&uach_m=[UACH]&adurl=
Requested by
Host: content.isentia.io
URL: https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 0630 		68 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 07:35:54 GMT
x-content-type-options
nosniff
age
545830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 21 Oct 2023 07:35:54 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 0630 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9268
x-xss-protection
0
server
cafe
etag
17746901142539384344
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:21:39 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 0630 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:21:39 GMT
l
www.google.com/ads/measurement/ Frame 0630 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTtm2BAHfZYHPOIJnGXy62UB21ZjjOYzZZIH0P0v3JtR5B32XsIR_4OW5u7GZuoOfpc3_L
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0630 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666784471914692"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Oct 2022 15:13:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B4FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsSCUK-k9gAcDyHHHXCY0TBQJ_XaBLYa-a02_nYTm5iAUVu0uhNxGsFe1ZLBR3gNOxNTa5HHUMYC6bBbWv8-QzTyQkXOAMP31cyT4qBIvsQiRWPDdgF_HQeuEMSdIGPL0LLYnnD0risMmmVlzxM92QRFDNwnwxkVrKuqj1w7tmbzUDNMkJlSzKjU8QUY3TkBH94Hs0z_1bJtr9Mb-nsXG-F3shupO4RjFONdC4Tje-uReUPx9S7ntP5_BdHKTH8Yp5Ch4ETGh3HQo0IL9kDw7x_vkCDWA-P_vk1YLSoi1zvix8cDJtYAYaOkvX2LKrg3dwnb5OJ2MvyYcIgA&sai=AMfl-YSGWwJt9QlFhzVPOgrAyzs3-eZHcZfsltkEoG6DsI1WRSIL3r-MgQI9Qa-jDhXVg7mSz9N5fvG4R13Cb3MDD-R8uZ5umeC4SPj09yOk001lcFrRcNZ7qLfXzAYm7u6i5A&sig=Cg0ArKJSzN0naLZEGhMYEAE&uach_m=[UACH]&adurl=
Requested by
Host: content.isentia.io
URL: https://content.isentia.io/?url=https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&key=a477a53a6df01a2147d2836d6031617c&ver=1&mid=881687832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame B4FF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9268
x-xss-protection
0
server
cafe
etag
17746901142539384344
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:21:39 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame B4FF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 18:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
75085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 18:21:39 GMT
l
www.google.com/ads/measurement/ Frame B4FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7nC-FaWDvdqXXUmG9Op_5qj9oj_5u_uCHvYZdwYpu_phCL72SvQyEW7EfiARCda_cBywS
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B4FF 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666784471914692"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Oct 2022 15:13:04 GMT
4255736330183675527
tpc.googlesyndication.com/simgad/ Frame B4FF 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4255736330183675527
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab495136a2c54080e7947bf675afda141430d1e83e6b72959b1a4b1eb7941e76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 00:51:26 GMT
x-content-type-options
nosniff
age
224498
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44270
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 05:43:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 00:51:26 GMT
truncated
/ Frame F3C1 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
352054912bb7a9e7a29caea10e3b4102ba2b5df87a4f3e31cef877bea2820408

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
/
marketingplatform.google.com/about/enterprise/ Frame F3C1
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOdj2GZCzoo_nx0puu7NC-TndcHbXKE-nfRxVV0kCUjJNWuFErMkYpySPBxLWtHDpHl807GKp2lzENS9pUH6bGxAcPtRaAKDwYYMDa0a_-xvJ4YeInLxC0GHa15A7Ce_4MTNnaDNpTY...
  • https://m.doubleclick.net/
  • https://marketingplatform.google.com/about/enterprise/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketingplatform.google.com/about/enterprise/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

date
Thu, 27 Oct 2022 15:04:24 GMT
x-content-type-options
nosniff
server
sffe
age
520
content-type
text/html; charset=UTF-8
location
https://marketingplatform.google.com/about/enterprise/
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
251
x-xss-protection
0
expires
Thu, 27 Oct 2022 15:34:24 GMT
setuid
ib.adnxs.com/ Frame 2CC3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=Y1qf-AAAAIVXwANn
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=Y1qf-AAAAIVXwANn
Protocol
HTTP/1.1
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Oct 2022 15:13:04 GMT
AN-X-Request-Uuid
7c567a3d-981c-47c1-a529-8936ebc75273
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-hhn4052-HHN
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666883584.367912,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=Y1qf-AAAAIVXwANn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
truncated
/ Frame 563A 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f76ece775d6c5f8f26d7b741a37f1bd3dcfc8301305ff9d4f6a3cb2c86170461

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4E5F 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e2b36f6f5a096d3e47243e0365d743af04d6d0da69d67cabbf7a37f9f3dc618

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2C5B 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c429e59e6700e1b91394f8476dd4ad2471e9d92057bdaa6037a2b76a2d4d08f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7895 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48eaf74d32d313b2e059e1034893ab377634113b70f39552af25cdfe1afdc017

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8444 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d792e66e7ad4c039716e9498339e5959cfd826c08e8c8056310d47f33ad2e557

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3828 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3524
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Oct 2022 14:14:20 GMT
expires
Fri, 27 Oct 2023 14:14:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0E45 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9365665fef097d6e2e96313c06357e88552fbd7a23c38cc91e0103ce74232e9b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5gdR6KJMRyg4DyTUeg6NEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-5gdR6KJMRyg4DyTUeg6NEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 27 Oct 2022 15:13:04 GMT
expires
Thu, 27 Oct 2022 15:13:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sd
us-u.openx.net/w/1.0/ Frame 2CC3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y1qf-AAAAIVXwANn
43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y1qf-AAAAIVXwANn
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-hhn4052-HHN
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666883584.468651,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y1qf-AAAAIVXwANn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
truncated
/ Frame B4FF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a26deaf17ff2f6b4fb7dc371b731b9f617541305c697899969e07ceaf1c01ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 3828 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 12:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Oct 2023 12:16:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0E45 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102401&jk=406378770922046&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
jload
pixel.adsafeprotected.com/ Frame 02AF 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=116793390&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34b9-5609-11ed-bf76-0a8b1a8f9703
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
17fdde623f5dca1daaf56d6afb22ea2ea614184c7b4fe3def20b41e37d3af1cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 563A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfBz9Ob6Hmritx5et2ay2hPkLUkAlzafZZubdIAaSrqnQyHZkkoukIqkYnt8g4kPenY08XhIwsT_xC_f1Yz13WfjSDaZO_C-_alUxkpZNCFSNfRFDiG-JkFjtw3zF1SyTZ2NI9HYd-fl157zo0PJ-iCfjk20S9ai0PLwuXWyivf1Amj0ibcT_BZUAOgQ5MaQQwi78nqRu5Ezw-DKwzu2n0mkjtH4V-FHO8lXmvlDdFm01j5d5BesqBuyVCRNDP8XbO_zPiJ3MgWoW7aZd2rrAIijTdv44FIkUsfC9dK2JDNmJEM5515qXSRlmnNro33MrCQumYbHiKM914aVh0&sai=AMfl-YT-erFnuR2HBLVb0PrE23C-6zU0ImInbCOKGuo-9tQeAv8Dvw3zOWfAKDaOHv6dU1J_FaBYTxmBCPku-b2olHHImRrZnyfYqrCbu4xGD9ylSBge8UxuIJVqlIDe-rPSLg&sig=Cg0ArKJSzDjeSyDHegcqEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 27 Oct 2022 15:13:04 GMT
truncated
/ Frame 0630 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1ffd3a1241e08bb7136677e9d6109ce310e5474a0b58dac39da85e477785736

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
Pug
image2.pubmatic.com/AdServer/ Frame 2CC3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1qf-AAAAIVXwANn
1 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1qf-AAAAIVXwANn
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 27 Oct 2022 15:13:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-hhn4052-HHN
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666883585.583711,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1qf-AAAAIVXwANn
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame B4FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWGew2X4MJj1PtFXolR-Avj4xDyOXVYgpHMXNzUG8RPfVI09KrrQLuBoosFo7DgIAvI_xdsZsmQ7SmULmslvpYvom7fLdO5zOaBruE12mm8G52BYGOzdcpkjVwm02l1A5_7EXVgyCjXMNihVB3Q8NbV182sVJ8MDL4W0VwHN0VaxCCf3cllXy1NTwRaUOBdMhYhi0cKjDUvkLFxS6aI8YRmSPZ30ImmPvYsjY3WHmR7RP4ZndDXBPVN-u1gCS-6T3bWsrPzV8vAJVvZZ9LMLAa-FvJZOxOsxqXbL_wZbaQGP3co1Xx1nYe5AmEKfFAW1GZRI6NRSt4CilzSiag&sai=AMfl-YTDULTe65o6xEJ9ap45WHCsC1KhpBRY20Np6AlP-hM2UlvW2uqMb9Z1HfSC0HdF97vDPxTVJxzg0v8cbxbpjSL0qi6hrznj93rAnD6-rZ-zKtpXRLnYjMJUdGLKn4l7Tw&sig=Cg0ArKJSzF17VEjTrtyzEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 27 Oct 2022 15:13:04 GMT
jload
pixel.adsafeprotected.com/ Frame 62CB 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=171498791&placementId=5969529023&pubCreative=138409518499&pubOrder=3004275014&cb=48380703&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bf-5609-11ed-bf76-0a8b1a8f9703
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2b674e9b6f69f25bc144326b27bfcd47b9897f0d45d1fbc7ed0b2471d61b380a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame 76C8 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=691231990&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34ba-5609-11ed-bf76-0a8b1a8f9703
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
68323b7457b5cd2f4a959cb6fb6889de75ed066900b735d299002fc46b92448d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4E5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcyM4wwmBsTT-BKgXOgGcgg3jiwbdHCMFAfWg7GKzesBi8Kt9U-p3u8b4_YbWZptst57xv8SaGoUV8RvCYTdbTLN3J8cm5FRovZGWhsS3cGBCGjc67Aw1UoNEIQYsGdJ43Wd9AR9S4bPgbgjfIbmdU1dq_ieKy1ERkpup_y2IDkCbxjBc-yhMO6_IikC6pVBvWlTGuvWiFCTMnoeJ3ZYBMvTp2QSyDWCwsmJfD7g0pMsxFd77ZXRg2BYmMHZOJEvgfKh0QFbP3xX38Hgdqv2io83L8esRBMRza3Kz39aszXFJBJ3AeaI8zOuWqP02tDd4REyyyCLoHPsiM5bRX&sai=AMfl-YSxRwXQWA95oAoTqGbpYpT-SFwvoLF-LsI95gn05nuK5NJgnNI3MF_Yjo-2oH7adGJgW-UdQqFsH-OHwIH7vKPduHZNXJnZocKOlEzFJwEWk3eATGGN0FQpIUF4-czNnw&sig=Cg0ArKJSzLYkjIyHDJwMEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 27 Oct 2022 15:13:04 GMT
jload
pixel.adsafeprotected.com/ Frame 67E1 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234143368&pubOrder=305536031&cb=407886589&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bb-5609-11ed-bf76-0a8b1a8f9703
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4d54c6e167c3a9881fa9084dd5af1abdf93e6408987c1d4967f13ffc526e4497

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2C5B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukl-lbPfPpYi0H_vmRPyxugBMaXej9DUBDyQRS7j4r-PIx0S7jImv9NAj84nF_7RRI5aO8VyWK_Y0I12iYliGjv_RhhE-5lYh6NMZxcteH1RktIZ5_UY12lUxVbxsEjcLtiknt50o94_RXyk58Cw3oz328BAr13FwvGkgYe1oncAhyMVYIfnfV8M7m0SereDenIWwChHkbOkhHADWRm7im0QpSh1EfVoLLNpYnsAithowsQB3St6LahBNMPqe3_PdQvJr_JQpmMeeI2qAeUrVEY4gf8WNHpO_6byGfEnAYIoIsaBlvRG5nqUFQVNdLkEndCQ6X2Zrtfaej4-x8&sai=AMfl-YQ931UXJpN1HrU4bQCJvEMILFDXHOatR-77nup0vCgXTQeIy0YpQmQvLbBqcaT0dk0bUyYrA4rdGkQerhHKffr00EOCjkaeJqPFPwxWvXBRU8jIKVIVDyz0snuNeruBuA&sig=Cg0ArKJSzEesfsWTM0EXEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 27 Oct 2022 15:13:04 GMT
jload
pixel.adsafeprotected.com/ Frame 67E5 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=549720203&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bc-5609-11ed-bf76-0a8b1a8f9703
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
42ebf7a10cdc77202f20d49b1ac5482f2bb2083159450357226b6d2cd7939e83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7895 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNc7DXxTwIFs4k5hw6DrZuS7_tnVp16rm4zLIaSrmET4q9S0hlJrJgMC_-SIiLC4vDo0vyVTW9rQrw-Q-RC377t3WWurpXsz5xiQNJkxCzP8bM0D5scUn8IGJ5Rdw_eb62_cKynunaUoLzg1dYEvXq93YlKGNQCQc-_jFivKnuautlwMl2ADiTuLCkjt63i8kyOehhaYLlASINufEjerEjECuYFynVheRS7EVjghpAD2NFIY3U88c9y6ME3UTXXjg7GQwQb1qcZF_Y47U1j3zP4HFbm-6IKbd4WqipsUZ4z2yfMSFEei4bBfv-3TTdQVtSvF-Td6rqf9SSurow&sai=AMfl-YRLg18k2Ich9LozyDY8MmcppPISXfdBueDZCW9-O8AnDXAgvzcZjVG3LR9RUBhxrdyUDpAb5PtU8nVLHt0h4bO6hN0uY5R7QgM5n43ZYiFwQ4JO5x4BFc0CXzU7K1ZliA&sig=Cg0ArKJSzC2IZm_xDB2kEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 27 Oct 2022 15:13:04 GMT
jload
pixel.adsafeprotected.com/ Frame 6113 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138386539437&pubOrder=305536031&cb=933584361&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34be-5609-11ed-bf76-0a8b1a8f9703
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fb6a51536746a48e31a22669de9ef61af509bbeb1cdb84cf8173c421ec0b1678

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0630 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBPHNlHIiCsuL58R4f7jiDzL2mhJgoGBvT_eKfmP6AtAoOcMpEXqhT71JvHSdHqLzOzA7OAP663qnCLWqjQXZDJgDYDDcsW5qJbUx5YFzJpeFPlfeEP_9N_J0VtFCXpxwJBhuzpiOKIdKPy-IgFGRWY6hG84R9Mx7lJr2oy3vheWZilQ6RWXh0eUQw_yyMC25A1-Xsa_fH_IgnbvIcAkH1MAeOE-I-t824Jy4hNtGvCtc4oC6-pQ8uXvy1qFHZw4IFee2-5NoyJX7xC3A2F2SZ6Lix09igB8QUusXSogSbKBYU7MO4mlSQvzk1kzM5x49uvXSE-QMoSQbLBavD&sai=AMfl-YTjH8dUFmC5qnuTJl-UhPS0_PL26t52r7bPtlP9tMlqytdJ-eVar-IuZGJzsY3mcD8gZLE2_NwWhD7Vps74nZSn25-ugpUDqO1Q8Ibs0ha8oyLrLBlYf4A0RogYFQt3fQ&sig=Cg0ArKJSzI_M_ajnFVWAEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 27 Oct 2022 15:13:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8444 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxEwTMG1BAU1vRRgg14KTCr7IJ2Wi2-kmDWwThX3Y8VatoJCQ21DJtxLmjQPGouJbkuMp14hbgamLnOwDCPMdSIIS3xocvQfBo_1B7BA9pnL4rPPOy6uKrtkgb4m1SROeOo5lBhowo47lxFU-se5I96DyO0iLt6PBuO3u5cqhAm-T_kevDpnc22xBTJNlUP6QmjO8vsn6ZTGYz-YFZ2pvJcEBBftsitdHfgfuQXUaRiYb44poU1lb3oB8cssbrOJ-D8lrjwvs5iV5aG9gaYSlKIQKrMA-8hago2qOjt_s78NvfUXmVG7zash_pl8qeCwDQVI2sSJBm2Gq1Y6Ew&sai=AMfl-YRN_hODx4yXrwNPzj7REAS9dFv-NDv5RgqKjEfiCn72VHhHuL23a-jmJMhUwjRQ4AmMaVlzxEyJW3rnpOpVnNOGblWI_0uDt4XY3o2zIEVDtYIHX1JZG-AwGlXTbStY0w&sig=Cg0ArKJSzACiwDU3dZDIEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 27 Oct 2022 15:13:04 GMT
jload
pixel.adsafeprotected.com/ Frame 899B 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1847994274&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bd-5609-11ed-bf76-0a8b1a8f9703
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b006d45d9e23298837ad10adb1e1b7faaf9f6f8dd56df8ff55af53db766015e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
partner
sync.search.spotxchange.com/ Frame 2CC3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1qf-AAAAIVXwANn&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1qf-AAAAIVXwANn&img=1&__user_check__=1&sync_id=db33f081-5609-11ed-9b89-10a0cca80106
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1qf-AAAAIVXwANn&img=1&__user_check__=1&sync_id=db33f081-5609-11ed-9b89-10a0cca80106
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:13:05 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
57
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 27 Oct 2022 15:13:05 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=Y1qf-AAAAIVXwANn&img=1&__user_check__=1&sync_id=db33f081-5609-11ed-9b89-10a0cca80106
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
139
Connection
keep-alive
Content-Length
0
generate_204
tpc.googlesyndication.com/ Frame 3828 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WzFu0Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
main.19.8.359.js
static.adsafeprotected.com/ Frame 76C8 		196 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.359.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=691231990&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34ba-5609-11ed-bf76-0a8b1a8f9703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fe4cee60703157514ce978943393746a979a9db391171751c1a112d87a2d94f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 17:48:32 GMT
x-amz-version-id
C3H4tKfF2WwZtgWb4iM6h3Ga9eoMcVrA
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
77073
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 26 Oct 2022 15:25:21 GMT
server
AmazonS3
etag
W/"f74cf064aebe76070098bdc393232df8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
s-CASb06NKKWJdDYJ6rEjwu4fdzTuC0ot58PCcn4CO6-ZriKG0YUjw==
main.19.8.359.js
static.adsafeprotected.com/ Frame 67E1 		196 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.359.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234143368&pubOrder=305536031&cb=407886589&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bb-5609-11ed-bf76-0a8b1a8f9703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fe4cee60703157514ce978943393746a979a9db391171751c1a112d87a2d94f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 17:48:32 GMT
x-amz-version-id
C3H4tKfF2WwZtgWb4iM6h3Ga9eoMcVrA
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
77073
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 26 Oct 2022 15:25:21 GMT
server
AmazonS3
etag
W/"f74cf064aebe76070098bdc393232df8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
63c_7YHRG00GLYprr6VIYwN7XxggvOUwcdp__f0In4MJEmeYZj_ozg==
b.php
www.facebook.com/fr/ Frame 2CC3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y1qf-AAAAIVXwANn&t=2592000&o=0
43 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y1qf-AAAAIVXwANn&t=2592000&o=0
Protocol
H2
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 08:13:05 PDT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
xZl+x3k/LlTppMMw4P9riOVzbKjWC/CbIeADlj61DZjsjz98ewTDTQnD0+zTGlaJWKbJcTL7mlDKYQWon5HcyQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
cache-control
public, max-age=0
priority
u=3,i
expires
Thu, 27 Oct 2022 08:13:05 PDT

Redirect headers

x-served-by
cache-hhn4052-HHN
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666883585.910226,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y1qf-AAAAIVXwANn&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
flag-logo-60309-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		86 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60309-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a78c05475bd44e77a2783632cac588631e7b2b11cbad82983e3d14d80361086b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:38 GMT
server
AmazonS3
x-amz-request-id
YEXQN16H88YYDAZT
etag
"e41f6d976e010256e1d126f755c33895"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=231060
accept-ranges
bytes
content-length
32504
x-amz-id-2
kXpyD3B+YjqMZE2dG69BjQzOxMjZcfHuYERJnAyKj8Rdmb0G2bAKK5GykzthJCjag4AwXq9DAGQ=
expires
Sun, 30 Oct 2022 07:24:06 GMT
flag-logo-60060-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		33 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60060-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
36ba2916ece2f82e65b2174bf5a140e797fc257416bf8fe3dda64bd0c8a6da57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:05 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:35 GMT
server
AmazonS3
x-amz-request-id
7QX80E3XMB7Z555Q
etag
"39648c09d429e9229fb665903a68cf30"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=459417
accept-ranges
bytes
content-length
12000
x-amz-id-2
U7pisojn0z05210IvLXi+sUB0TN47Wmk8tTGi2Y+IDICWxjnnIiJ37LQ6I8iGYp3CeJTuo60Iyg=
expires
Tue, 01 Nov 2022 22:50:02 GMT
flag-logo-60071-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60071-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
201f878404d9d6a5d51867b891316478dcd07621ad334825581fa24536ebc412

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:36 GMT
server
AmazonS3
x-amz-request-id
P34S07TBZY50WRGT
etag
"2cdc59f25469e77b0f55ff566b1509ce"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=480270
accept-ranges
bytes
content-length
2306
x-amz-id-2
JGn7LFM4r1ITr90Cv3+e4GaxKqR2IUV9nQU3HCSwsrOC3aGd+qwTk81SioQxKoc03Sd6JyMWt+k=
expires
Wed, 02 Nov 2022 04:37:36 GMT
flag-logo-60062-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		495 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60062-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7f384708de4c23debbb854132841d29081efe9456afe06da0f6cc8ec6366bee0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:36 GMT
server
AmazonS3
x-amz-request-id
MDCNHTHDQ99P6PCV
etag
"61ebec289e01e980545ab141808a68a7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=19713
accept-ranges
bytes
content-length
223074
x-amz-id-2
17x0pGr59/CAatSBoHjFTW33xUMso34995IfFsrvG9jt/JM5CDyMwx5YhbvCsCxSruN3uXjyIao=
expires
Thu, 27 Oct 2022 20:41:39 GMT
flag-logo-60510-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		14 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60510-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8ce18ff81e30d0cb3e5ab97fb6b5b16d6c4d0f80cee058b4f946491a197a81fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Mon, 07 Dec 2020 23:10:48 GMT
server
AmazonS3
x-amz-request-id
796SH6GP47HNBMSR
etag
"0341405279b1ff2b1c674c2f77e0d17d"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=450874
accept-ranges
bytes
content-length
5081
x-amz-id-2
1yLYOmDPeNBRtSvIq0ikZnKocWfMiqy3DruQ1DBC5kUBRgKUVeQ1hc28G/w6Ob4lUmwd90rdOys=
expires
Tue, 01 Nov 2022 20:27:40 GMT
flag-logo-60212-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60212-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8f865fda4f4c0873c091ddf36e1e2b2d734173cbf463300a9df7ab6a74b63d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:38 GMT
server
AmazonS3
x-amz-request-id
46G9FMYA0G0XA891
etag
"18af4169b928f74ffee43405d1086d15"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=231197
accept-ranges
bytes
content-length
755
x-amz-id-2
RrNB4ncaCJR6evo2m5oCQwUp9NR6bq2dIY0Z+IFvBkkw25JekQov8XXxjYxv956F2XQL+1w+ZNQ=
expires
Sun, 30 Oct 2022 07:26:23 GMT
flag-logo-60064-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		38 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60064-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0d2de9dda47c03e6a3531fb1247bd8d8fbde26300e786646491cca688c63e585

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
x-amz-request-id
2FX09Z641HRVBMM6
content-length
14136
x-amz-id-2
6UabHHU/PGFnf9xLISLeyINxczRTTVI9XmbOLwToqPt49ya7fEDU6L7dJbFi8UYh6ECU8L6oEgI=
last-modified
Thu, 30 Jan 2020 23:12:36 GMT
server
AmazonS3
etag
"32c798475d7dd420aeca864eb3bf5ad7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=255225
accept-ranges
bytes
expires
Sun, 30 Oct 2022 14:06:51 GMT
flag-logo-60236-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		77 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60236-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
916e8a29c96ab9665eabd2474f34273cbb783725720b812e789544d43446bd80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:38 GMT
server
AmazonS3
x-amz-request-id
CCEQQQG39EFS2Y3J
etag
"ddf2edbba777d6493bdd39dab223da8c"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=480444
accept-ranges
bytes
content-length
29788
x-amz-id-2
bzt0xcbYjTdHbpiaz/ebjcZsxvvYj1guhdEyJA2PmWFyMS0I7Ye7NW7JfmEf6YCbw0Wd+I5jU80=
expires
Wed, 02 Nov 2022 04:40:30 GMT
flag-logo-60447-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		55 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60447-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
955cb5a84a5a4d49250dc0d8d2d435e55fa4f639a04d05f96dee3404e929b29e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:39 GMT
server
AmazonS3
x-amz-request-id
7QTGTGN2DTDR3TJ4
etag
"a16c521dffb52791a1fbe0e1e00fc6a1"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=390333
accept-ranges
bytes
content-length
21430
x-amz-id-2
MS3h0mNbgIV8P0k03zt9iva0pbH5VVEVbWNzRLAwwtKoP2QQBraX9CH4Vz7/5WUCTLoaPjW5WYQ=
expires
Tue, 01 Nov 2022 03:38:39 GMT
flag-logo-60076-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		18 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60076-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4ce9c10ab57d1ed39bffeec2b9b684c51e9a988a7ffb78d62aa27a7432e0a2db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:37 GMT
server
AmazonS3
x-amz-request-id
4VT7R0YYKRJA1EA4
etag
"537c3ceb54b608f6e197a8e78eb82db7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=480181
accept-ranges
bytes
content-length
7975
x-amz-id-2
SxtyYogLfsdqiwEv80zNxqc/rQVs6Sx+GZpiV6bc/vlJdyAQqikgeWxbEhkwHS23GmySQP7vREM=
expires
Wed, 02 Nov 2022 04:36:07 GMT
flag-logo-60074-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		79 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60074-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b9601e8996d34afa66d47eaab3da1613f0aac05fc41795da234518a4935af108

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:37 GMT
server
AmazonS3
x-amz-request-id
MW066NJF3Q7JYN9H
etag
"95b05d4fbf5f5fe35aa879eee71e78de"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=347372
accept-ranges
bytes
content-length
31080
x-amz-id-2
ol8MsKTW9GY0zZjETkMvhFot9X/jgew5p67TwSlINNv5dx5nrI9MqIQCWTD/QDp5xy+GuBMJU+w=
expires
Mon, 31 Oct 2022 15:42:38 GMT
flag-logo-60513-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60513-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
flag-logo-60065-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		81 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60065-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b3a48abb99c0b64e06d2a49113310a908ddd9f847228ea4ecc9fd909049726e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:36 GMT
server
AmazonS3
x-amz-request-id
DXBQJZQMQK0V81CZ
etag
"1d6bbd6de75bf1a433c5c2a6b12df747"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=390382
accept-ranges
bytes
content-length
32001
x-amz-id-2
FePQYyi2r3mMlTM6nql+6yV8r6RhS03jKtUcW8+wsqy5DM8Q2q6PiQfPIxCIioRmA0yBNlvc3Cw=
expires
Tue, 01 Nov 2022 03:39:28 GMT
flag-logo-60061-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		82 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60061-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
79bf187ed897e816349e7e3d9fc20bca96ee20c8cc8b0984c4e5d72abc5af96c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:36 GMT
server
AmazonS3
x-amz-request-id
M5K95RTQMKYG2V2E
etag
"24b9e701383bf5e106dc4c9b55cbf597"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=231139
accept-ranges
bytes
content-length
34068
x-amz-id-2
jSiLN8WlElO+YuN2VvOboQxi6nAP42pQwEPMH9e2EsR1j2Z5fTiTW8Effc/C1k0GlDGvhkpvByg=
expires
Sun, 30 Oct 2022 07:25:25 GMT
flag-logo-60317-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		80 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60317-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f924b3dc1e9ec83050cd30a1ac1c1de69533694dd7bf75127d3d263cb8143e58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:39 GMT
server
AmazonS3
x-amz-request-id
EK6X47C71KEB1F80
etag
"75fb091679a579381ab60f7f8676b40e"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=408933
accept-ranges
bytes
content-length
37031
x-amz-id-2
/d2brt1mYAKlROxWEKv+OyrTIZGzzdUvnRISy1KnjK6u5S8LuHcpB+CiuXGSqv7lhRvInYLljwY=
expires
Tue, 01 Nov 2022 08:48:39 GMT
flag-logo-60574-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60574-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
flag-logo-60059-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60059-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
80e3fe06d9bd6f80969712e11ce98c508c85172c61b1b008a13531611dec3d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:35 GMT
server
AmazonS3
x-amz-request-id
A93PXG5PYPAMT2B1
etag
"1c836f5b44ffc06c4c60488135618288"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=341681
accept-ranges
bytes
content-length
3804
x-amz-id-2
4h8JN2aalj5M8w3yFcmazyABYW+54xD3RfVtC1uw3AaRoQ3F3C6TgiUAiIQFNlbLDUotK33ESIk=
expires
Mon, 31 Oct 2022 14:07:47 GMT
flag-logo-60573-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		27 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60573-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5697c2b6fa51a55ac5b49b53978bae77f7451698bc8f3c92d8884d20785ac9eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:39 GMT
server
AmazonS3
x-amz-request-id
MQKVHA1M3MXP1QES
etag
"5e6b5b43162e5cad23d0efeca0f7353c"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=347462
accept-ranges
bytes
content-length
9954
x-amz-id-2
uXA6Ff/+tHPy3MXzhAvaCmpr4toQYjzO8N2511NwIsmY3d1/siNF7RjEpwr/wifXcsa679arQxM=
expires
Mon, 31 Oct 2022 15:44:08 GMT
flag-logo-60075-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		17 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60075-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3facd49f80156aa2677f03d46560337259127946176489089f2f95e36fb2fc97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:37 GMT
server
AmazonS3
x-amz-request-id
KTKXR57QM063V40K
etag
"d92c23c528d0262bd9aee7447423f4bd"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=341760
accept-ranges
bytes
content-length
6534
x-amz-id-2
hijdKsQaehvDuduUMXBoZ/sjSu5Isp+0fFmPqPjselAcDqnJu4HpQ6CzU3FxJ59Y+tkHLABz7ZI=
expires
Mon, 31 Oct 2022 14:09:06 GMT
flag-logo-60072-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		46 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60072-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c16ab40f059688c5b36843c3fe5ed989cc24092c408173c1f5a6caf6f06eaf3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:36 GMT
server
AmazonS3
x-amz-request-id
HQSFZE6FEARTE0R7
etag
"5b251caf23296188a6ee807c985e77ca"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=480415
accept-ranges
bytes
content-length
14580
x-amz-id-2
mFQVs8pHLwuFpkq/3ehs7FBhN8YhJD9w+F/KzOdlbtlDTzSLBDNJeeG4AUYCziixmecNc6z5SQE=
expires
Wed, 02 Nov 2022 04:40:01 GMT
flag-logo-60220-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		98 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60220-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b5174a319b6c7ecf95baed2be088a70ed37bf471453517b781945756340973b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:38 GMT
server
AmazonS3
x-amz-request-id
7QTJYH2AVZHS64MC
etag
"81955d2a176039c1c6a79ddb9b8b1f81"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=347293
accept-ranges
bytes
content-length
69116
x-amz-id-2
6ZQltDNK48/lTVr8p5cJLRW2shaOf5lj0J6Y5sZJFiaQylSSfvNBHz2phiAluS/m5dhBi4uh8NA=
expires
Mon, 31 Oct 2022 15:41:19 GMT
flag-logo-61423-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		10 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-61423-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
62946b9242790912548a6dc92f1ef4f28c5996100aba8adf240c56560b7970f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:39 GMT
server
AmazonS3
x-amz-request-id
6BSMY7EN1T679YYD
etag
"9a3fd61165c5bc53615eb9799384e0a2"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=390361
accept-ranges
bytes
content-length
7216
x-amz-id-2
/Hm1fZ5A2na+zKAeDQPh0h6hp7qDfyPynIcV8akHmEA4Xx1xuMTforQVHJpep3OQtF4A11HEoB4=
expires
Tue, 01 Nov 2022 03:39:07 GMT
flag-logo-60006-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		96 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60006-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0a48eafbbacb5e3c696788e271d239c55678188b091bf5354d0c0aa61beb344d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:35 GMT
server
AmazonS3
x-amz-request-id
DXBMXXDJBVENVKM1
etag
"508f95996ebccd6d728c495253c5a236"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=347313
accept-ranges
bytes
content-length
69746
x-amz-id-2
gMgQdbFgnYbaVNKIpgSHi+1oeqkNmrBzYqWuWH56VmK6k+A56A/yvVI15ShlCbtPbLbi1Gn/UsE=
expires
Mon, 31 Oct 2022 15:41:39 GMT
flag-logo-61574-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		18 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-61574-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b4480d145384b70b3eaaa402f9424f66e054514096ef2d0104980b90f9b30f96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Wed, 16 Dec 2020 03:33:44 GMT
server
AmazonS3
x-amz-request-id
Q1S5V01G2MM2B95A
etag
"4089d35c111bd3c05741038300152cad"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=234579
accept-ranges
bytes
content-length
7517
x-amz-id-2
0uBWxgkZXIaVtK9R+lBmfyB2WhG421HfksU69xrihywL0RHuX45uRJ7VSAVGcj+ZTNaL/mI/zAJ5QcyhdZoIXg==
expires
Sun, 30 Oct 2022 08:22:45 GMT
flag-logo-60007-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		99 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60007-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
769a8be69561df7e3a5d63fe64d3e90db527ce5f8c4696e4b5a0633ff8bcbbf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:35 GMT
server
AmazonS3
x-amz-request-id
8QNPJZGJX7QKH19Y
etag
"c3be5d15eabbad92d5368ac8a33ed6e4"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=347366
accept-ranges
bytes
content-length
70643
x-amz-id-2
e4w1TTWSEgPQU+B1q3kN9M5isydkZcJZ+4Bt16sDrl+hYduwQn1zZ6F14kXw3oXOt9rIRqztWLI=
expires
Mon, 31 Oct 2022 15:42:32 GMT
flag-logo-60003-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		75 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60003-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b757a3c06478bfebfe4b76150068131d9ea683fb96495e900bd1450bf3d6f376

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:34 GMT
server
AmazonS3
x-amz-request-id
QY9Q0411NKJ7ZNZC
etag
"cd00a5cdba5b4abc4648f9ecafc601f8"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=446121
accept-ranges
bytes
content-length
58141
x-amz-id-2
xwJc+7nlin6HmZ9DVz96EdKLQUfqsaljCBnCVBWCL/Sz2DQu06BKi5EL0thVnqNAG6VbWdu5k7c=
expires
Tue, 01 Nov 2022 19:08:27 GMT
flag-logo-60008-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		78 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60008-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
13f342a42978ce651f1abc095cc488bb67b22bd20aa0f6084f712947cbdd40c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:35 GMT
server
AmazonS3
x-amz-request-id
57J55Q1WQ3RZFXJW
etag
"899f2d29fbd10d6b89f98e3f3837df91"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=390312
accept-ranges
bytes
content-length
22425
x-amz-id-2
KuVNNA1dJbLHj14jH/YApjzwgYM0Hk9eijgm/WUC0c13/SqwULjGmnLrIrYCTFsqzV/VfgtDAv8=
expires
Tue, 01 Nov 2022 03:38:18 GMT
flag-logo-60001-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		81 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60001-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
de7c465bfae286ec197af398056dc491c86fe3c931aff5b50bffb43a38ddebe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:34 GMT
server
AmazonS3
x-amz-request-id
TC6DBZ09ZNFXY5Z3
etag
"0edbab4f1b0de42384f48dd49943ef77"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=347416
accept-ranges
bytes
content-length
57017
x-amz-id-2
NgCFNYd4Y3Xw1YA0Yhjp/hJbaBfA+c/T3fT+ApRfm6fnKr8j46m/wiNcEwOMa315TmWa8j4bIMo=
expires
Mon, 31 Oct 2022 15:43:22 GMT
flag-logo-60239-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		58 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60239-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7b53cf8fd397d3942b28a8ff876fd47c00972892db54c1ee6cf7c2e3ef2bc70a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:38 GMT
server
AmazonS3
x-amz-request-id
XQ7MGN3ZKRGXB28T
etag
"5998b86aa4b029bb5cd2e89bee771f5c"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=341754
accept-ranges
bytes
content-length
38149
x-amz-id-2
DXrOpBSVHS8ODQeyVx/yov0jjXxDP5A+HU1UAi61jGvM4a805sJX24CA3sBpv1O5fyjM8SaDb7o=
expires
Mon, 31 Oct 2022 14:09:00 GMT
flag-logo-60005-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		216 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60005-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
631c1a9ce05c6f41ad17495ffbe00e9ef93e77603ecc64226afb01d109ff2b30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:34 GMT
server
AmazonS3
x-amz-request-id
DXBR1J43T1NT3MM1
etag
"1c7e763ab8f0d3758317748d0fa064fb"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=446114
accept-ranges
bytes
content-length
162268
x-amz-id-2
h3ct287aQm6/BAaSTzQQ74ouXwJkv4ImPeKOBpXBp1/5X09fk40eLQGzmimDfxmBzcMqsQn8/bU=
expires
Tue, 01 Nov 2022 19:08:20 GMT
flag-logo-60004-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		141 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60004-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
44da28de4528a10054a15045e824c804016a7df0fb2727cf6767d02b6b282c84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:34 GMT
server
AmazonS3
x-amz-request-id
FAWCHR4C737P1F19
etag
"51a8da0001e06df3841dc2ff4febb156"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=351345
accept-ranges
bytes
content-length
105242
x-amz-id-2
Ni7WJj6eH2O+o4VW8H1EKhV3DIRRCSdENd0R7lPETe7qHZj0iK1vYcs2h95LLg7HOxMP2AtYiR4=
expires
Mon, 31 Oct 2022 16:48:51 GMT
flag-logo-60002-circle.svg
resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/ 		95 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60002-circle.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a40c955ff680651b9a0b86214332ab847242b9805080717a5e594cbe2ec8fe78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 23:12:34 GMT
server
AmazonS3
x-amz-request-id
57JE4Y4CC3NJV9E0
etag
"496c2566f2060c2625ad1a099b467159"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=347338
accept-ranges
bytes
content-length
67067
x-amz-id-2
/POVy/S+/okKxuQW+9PgihVMAJLzfHUvrsefuA6EaYBCOAx3S13Vv11FRcjkbTY27EFVbssJu1Y=
expires
Mon, 31 Oct 2022 15:42:04 GMT
arrow_left_black.png
s3-ap-southeast-2.amazonaws.com/resources.newsplus.com.au/resources/cs/chronicle/images/sports/icon/ 		295 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/resources.newsplus.com.au/resources/cs/chronicle/images/sports/icon/arrow_left_black.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/tgc-sports-scoreboardv2/assets/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.132.103 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
d6a2262db41d6daa01a55bff2ad51439054c6b051f070f0b2c3ecb7a3c482489

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resourcesssl.newscdn.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:13:07 GMT
Last-Modified
Tue, 23 Jan 2018 04:27:10 GMT
Server
AmazonS3
x-amz-request-id
4HWPCBQ39JWRCGCK
ETag
"f55d1ae7b7bc941af883ba0e4179a13a"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
295
x-amz-id-2
KZFM8Fb2oGfuv5az+qxf+fxn9opqpw8gmmVWxWS7vEXs3Jr9llPT1MPoXVXtebJhlx1uzxIKlac=
arrow_right_black.png
s3-ap-southeast-2.amazonaws.com/resources.newsplus.com.au/resources/cs/chronicle/images/sports/icon/ 		294 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/resources.newsplus.com.au/resources/cs/chronicle/images/sports/icon/arrow_right_black.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/tgc-sports-scoreboardv2/assets/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.132.103 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
0ec76d4b6ed8c436113f06a582c476855e784f3226de982d3df06453a35eae3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resourcesssl.newscdn.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 27 Oct 2022 15:13:07 GMT
Last-Modified
Tue, 23 Jan 2018 04:27:38 GMT
Server
AmazonS3
x-amz-request-id
4HWYGBXAQQ5988BZ
ETag
"0213d7039af05f02cbd9551d0dec8d53"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
294
x-amz-id-2
/2lV5KURBgTOCYjj7xU5dJgplUaTVp/QNnerGis59ZOrOKVGCGJXXwGJyq7z6DBjhw1HehPOuy0=
cm
trc.taboola.com/sg/adobe/1/ Frame 2CC3 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
via
1.1 varnish
x-served-by
cache-hhn4038-HHN
server
nginx
x-timer
S1666883585.252984,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
main.19.8.359.js
static.adsafeprotected.com/ Frame 62CB 		196 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.359.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=171498791&placementId=5969529023&pubCreative=138409518499&pubOrder=3004275014&cb=48380703&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bf-5609-11ed-bf76-0a8b1a8f9703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fe4cee60703157514ce978943393746a979a9db391171751c1a112d87a2d94f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 17:48:32 GMT
x-amz-version-id
C3H4tKfF2WwZtgWb4iM6h3Ga9eoMcVrA
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
77074
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 26 Oct 2022 15:25:21 GMT
server
AmazonS3
etag
W/"f74cf064aebe76070098bdc393232df8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Lmq0nzcSOBTyBMfIYov3E_YXyONvnLFonT2_UpQs6kMpWNd2jXfAhA==
5fe61c8b533204850a490d4d-adobeorg.xml
newscorpau.hb.omtrdc.net/settings/ 		228 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscorpau.hb.omtrdc.net/settings/5fe61c8b533204850a490d4d-adobeorg.xml?r=1666883585270
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
0e4e46fa1aa04c24e793912d7aabaa2f2b0f7dc03d73cf74fbe12cb84f062554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 13 Oct 2022 09:00:16 GMT
server
jag
etag
"27000183d092a900"
access-control-allow-methods
GET, OPTIONS
content-type
application/xml; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
228
x-xss-protection
1; mode=block
s13581135902150
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.4/ 		43 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.4/s13581135902150
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 Oct 2022 15:13:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 28 Oct 2022 15:13:05 GMT
server
jag
etag
3579605241964101632-4619840066599601844
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Wed, 26 Oct 2022 15:13:05 GMT
/
newscorpau.hb.omtrdc.net/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscorpau.hb.omtrdc.net/?s:sc:rsid=newscorpau-hsweb%2Cnewscorpau-global&s:sc:tracking_server=metrics.heraldsun.com.au&h:sc:ssl=1&s:sp:player_name=NewsCorp%20Brightcove%20Video%20Player&s:sp:hb_version=js-2.2.0.223-05c3c4&l:sp:hb_api_lvl=4&s:event:sid=1666883585273467586033&s:event:type=start&l:event:duration=0&l:event:playhead=0&l:event:ts=1666883585283&l:event:prev_ts=-1&s:asset:type=main&s:asset:name=Qatar%20World%20Cup%202022&s:asset:video_id=6313008703112&s:asset:publisher=5FE61C8B533204850A490D4D%40AdobeOrg&l:asset:length=109&s:stream:type=vod&l:stream:bitrate=5000&l:stream:fps=24&l:stream:dropped_frames=10&l:stream:startup_time=0&s:meta:brand=herald%20sun&s:meta:site=herald%20sun%20web&s:meta:videoSource=afp_videography&s:meta:advtType=CSAI&s:meta:a.media.network=herald%20sun&s:meta:mediacontenttype=Standard&s:meta:mediaautoplayanalytics=anonymous%7Cundefined%7Cerror%7Cyes&s:meta:playlistOrder=1&s:meta:accessType=free&s:meta:CastingStatus=CHROMECAST&s:meta:a.media.streamType=video
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Oct 2022 15:13:05 GMT
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-content-type-options
nosniff
server
jag
x-xss-protection
1; mode=block
truncated
/ 		403 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
359ae88af34132a98271ad73e6915d0d2bf125c3b8f5a0c03162c619ba249800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.heraldsun.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
ff17b6cd6448b7679f6566158fc8920a
content.api.news/v3/images/bin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ff17b6cd6448b7679f6566158fc8920a
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
cba168029774d08af251e1cff7c8d1efb50bd69fedb82c54d5994a171113025c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:05 GMT
x-check-cacheable
YES
edge-cache-tag
ff17b6cd6448b7679f6566158fc8920a
content-length
6784
last-modified
Thu, 27 Oct 2022 01:18:14 GMT
server
Akamai Image Manager
x-serial
1220
etag
7fb33f8567dbfcf9767ef955d82a1d3b-ff17b6cd6448b7679f6566158fc8920a-0
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5133916
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 26 Dec 2022 01:18:21 GMT
tracker
metrics.brightcove.com/v2/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=5e4db17f73ec5d5431bc1c38&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&platform_version=6.63.5&player=players.brightcove.com%2F5348771529001%2F938M1Zecs_default&player_name=%5BPROD%5D%20-%20v6.63&source=https%3A%2F%2Fcontent.isentia.io%2F&time=1666883585264&event=play_request&video=6313008703112&video_name=Qatar%20World%20Cup%202022&video_duration=109&media_url=https%3A%2F%2Fmanifest.prod.boltdns.net%2Fmanifest%2Fv1%2Fhls%2Fv4%2Fclear%2F5348771529001%2F6ba274fa-fdf1-44ad-b7cd-df5a23811950%2F10s%2Fmaster.m3u8%3Ffastly_token%3DNjM3ZThmYmRfMzA2NjU5NGJiNjJmNDhmNWJjNTIwNDBlZTY3OTc3ZDFiZmI2ZGZhMjlhY2Q5OThjZTJjM2UyNDVjNGM3ZjQ0NA%253D%253D&seq=5_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Thu, 27 Oct 2022 15:13:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
integrator.js
adservice.google.sk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.sk/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=6313008703112&i=Qatar%20World%20Cup%202022&g0=sport%2Cfootball%2Cvideo%2Ccomments%2Cstory%2Cmc_widget%2Cpc.ct.restricted&g1=Joe%20Barton&u=C4OI13DBQVbPBxz3_t&t=CmSbjECR3UWgCA6F-cDYXCPUDooAc3&x=0&y=0&V=136&VS=BCN&n=1&b=10441&_vd=0&_vi=FIFA%20World%20Cup%20Qatar%3A%20Socceroos%20protest%20human%20rights%20abuses%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&_vh=heraldsun.com.au&_pu=5LINFCrnAmMrNRWh&_pt=ByhM-2D2VRkKBkcxbdB8B8RMoaLs4&_pr=https%3A%2F%2Fcontent.isentia.io%2F&_vdd=heraldsun.com.au&_vt=ct&_vs=s3&_vcs=0&_vbr=-1&_vvs=5.716&_vpt=0&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fstatic%2F5348771529001%2F6ba274fa-fdf1-44ad-b7cd-df5a23811950%2F803fe2ee-489f-4d4e-ab94-82cfe978c0b3%2F152x85%2Fmatch%2Fimage.jpg&_vaup=unkn&_vce=0&c=0.1&W=0&R=0&I=1&E=0&j=75&tz=0&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.198.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-198-241.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
main.19.8.359.js
static.adsafeprotected.com/ Frame 02AF 		196 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.359.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=116793390&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34b9-5609-11ed-bf76-0a8b1a8f9703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fe4cee60703157514ce978943393746a979a9db391171751c1a112d87a2d94f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 17:48:32 GMT
x-amz-version-id
C3H4tKfF2WwZtgWb4iM6h3Ga9eoMcVrA
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
77074
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 26 Oct 2022 15:25:21 GMT
server
AmazonS3
etag
W/"f74cf064aebe76070098bdc393232df8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
8mx9100o9gZXhaXoXy4jJZccfdtVEEcBN-T4XIdi-6LcdP8pDtkzRQ==
main.19.8.359.js
static.adsafeprotected.com/ Frame 67E5 		196 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.359.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=549720203&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bc-5609-11ed-bf76-0a8b1a8f9703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fe4cee60703157514ce978943393746a979a9db391171751c1a112d87a2d94f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 17:48:32 GMT
x-amz-version-id
C3H4tKfF2WwZtgWb4iM6h3Ga9eoMcVrA
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
77074
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 26 Oct 2022 15:25:21 GMT
server
AmazonS3
etag
W/"f74cf064aebe76070098bdc393232df8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
xiKD-YdDjIw9u9JmSt7Ygco0OqHGBR4XFyKKwrZbi_YCydPwSVGBDw==
sca.17.6.2.js
static.adsafeprotected.com/ Frame CAA0 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3109009
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
YW5q6hfvx4Q_dcB8qqCw-h1-ZuOP6NhOHdZmzKAhqGoEt1REF53juw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=691231990&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34ba-5609-11ed-bf76-0a8b1a8f9703&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:25c7bc1f-c813-f3c3-d390-279fa584c77a,c:sg11Er,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-79666768cd-zrwgs,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.6840.1.1,am:i,cc:800.6840.1.1,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:474,mot:0,app:0,maw:0,fm:tltDEiB+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n*.10507%7C1n1%7C1o1%7C1p1%7C1q1%7C1r1%7C1s1%7C1t%7C1u%7C1v,idMap:1n*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:495,oid:db033bb3-5609-11ed-9f3c-6e855a8d9f42,v:19.8.359,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
app16.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
main.19.8.359.js
static.adsafeprotected.com/ Frame 899B 		196 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.359.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1847994274&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bd-5609-11ed-bf76-0a8b1a8f9703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fe4cee60703157514ce978943393746a979a9db391171751c1a112d87a2d94f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 17:48:32 GMT
x-amz-version-id
C3H4tKfF2WwZtgWb4iM6h3Ga9eoMcVrA
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
77074
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 26 Oct 2022 15:25:21 GMT
server
AmazonS3
etag
W/"f74cf064aebe76070098bdc393232df8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
CPEhGc-Miyyfk7DF9rRIW8YlGTNDQQAtZ-kvJHlo55d28MuJS87LkQ==
main.19.8.359.js
static.adsafeprotected.com/ Frame 6113 		196 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.359.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138386539437&pubOrder=305536031&cb=933584361&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34be-5609-11ed-bf76-0a8b1a8f9703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fe4cee60703157514ce978943393746a979a9db391171751c1a112d87a2d94f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 17:48:32 GMT
x-amz-version-id
C3H4tKfF2WwZtgWb4iM6h3Ga9eoMcVrA
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
77074
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 26 Oct 2022 15:25:21 GMT
server
AmazonS3
etag
W/"f74cf064aebe76070098bdc393232df8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
iAXmNKRWfQBbVKCu3VsptS2ElV0e_s6fzqEcH7Sj2w_1nwtxyZ5rkw==
0
sync.1rx.io/usersync/adobe/ Frame 2CC3 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 8D8B 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3109009
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
om0icENIPi7t2hJM-KOvbdGgCq-Ctgkp8v2sJFgQzHP447kdGQZm2Q==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234143368&pubOrder=305536031&cb=407886589&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bb-5609-11ed-bf76-0a8b1a8f9703&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:16f886c2-e3c9-5e6c-a8dc-38e2c2195686,c:sg11Gb,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-79666768cd-r6zzn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1274.959.1.1,am:i,cc:1274.959.1.1,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:590,mot:0,app:0,maw:0,fm:tltDEiE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1n2%7C1o*.10507%7C1o1%7C1p1%7C1q1%7C1r1%7C1s1%7C1t%7C1u%7C1v,idMap:1o*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:599,oid:db033bee-5609-11ed-ac6c-3a3556dd593a,v:19.8.359,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
app13.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=25c7bc1f-c813-f3c3-d390-279fa584c77a&tv=%7Bc:sg11Gu,pingTime:-2,time:621,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:209,beZ:210,mfA:682,cmA:684,inA:684,inZ:687,prA:687,prZ:694,si:704,poA:705,poZ:724,cmZ:724,mfZ:724,loA:782,loZ:785,ltA:829,ltZ:829,mdA:210,mdZ:339%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:494%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:621,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:494,wc:0.0.1600.1200,ac:800.6840.1.1,am:i,cc:800.6840.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B144~0%5D,as:%5B144~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tltDEiB+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n*.10507%7C1n1%7C1o1%7C1p1%7C1q1%7C1r1%7C1s1%7C1t%7C1u%7C1v,idMap:1n*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:496,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/sport/football_1,google_ads_iframe_/5129/ndm.hwt/sport/football_1__container__,ad-block-728x90-2%5D,sinceFw:124,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ads
pubads.g.doubleclick.net/gampad/ Frame F416 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&url=https%3A%2F%2Fintegralads.com&correlator=174778470731127&hl=en&cmsid=5591&description_url=https%3A%2F%2Fintegralads.com&ad_rule=1&pvid&env=vp&sz=427x240&cust_params=ap%3Don%26vsite%3Dheraldsun%26prod%3Dvideo%26kw%3Dplayers%20association%2CInternational%20Labor%20Organisation%2CMitchell%20Duke%2Chuman%20rights%20record%2CJamie%20Maclaren%2CArab%20nation%2Chuman%20rights%2Cmoral%20leadership%2Cshowpiece%20event%2CAgence%20France%20Presse%2COceania%2CMike%20Owen%2CWestern%20Asia%2CQatar%2Csame-sex%20relationship%20laws%2Cconservative%20estimation%2CJoe%20Linus%20Barton%2CPeter%20Tatchell%2CKathryn%20Gill%2CFIFA%2CInternational%2CGetty%20Images%20Inc.%2CAustralia%20and%20New%20Zealand%2Cmigrant%20labour%2Cpenalty-shootout%20hero%2CMat%20Ryan%2Cmigrant%20workers%2Cruler%20sheik%2Cmigrant%20resource%20centre%2CTamim%20bin%20Hamad%20al-Thani%2Cgay%20rights%20activist%2CProfessional%20Footballers%20Association%2Cprofound%20human%20rights%2CInternational%20Trade%20Union%20Confederation%2CAsia%2Cbold%20statement%2CAustralia%2Chuman%20rights%20abuses%2Csame-sex%20relationships%2Ccontroversial%20same-sex%20relationship%2CAndrew%20Redmayne%2CGroup%20D%20SA%26pltype%3Dother%26ph%3D0%26pw%3D0%26plo%3D1%26source%3DAFP_Videography%26muted%3Dyes%26pos%3D1%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26id%3Dd83d3e3b-5609-11ed-bac8-0af16f05f78d%26grm_vv%3D40%2C50%2C60%2C70%26vw_vv%3D40%2C50%2C60%2C70%2C80%26nk%3D4266bc4de45aa575d451af048646f817%26sec1%3Dsport%26sec2%3Dfootball%26siteview%3D1%26pagetype%3Dvideo%2Ccomments%2Cstory%2Cmc_widget%26aid%3D06ae81845d541688c402efd2ac9e7805%26pid%3Dnone%26tts%3Dn%26ttm%3Dn%26us%3Db%26s%3D0%26adl%3Dfalse%26sno%3D0%26snol%3D&iu=%2F5129%2Fndm.hwt%2Fsport%2Ffootball&vid=6313008703112&vpa=click&vpmute=1&sdkv=h.3.541.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&ciu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C728x90%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C4x4%2C300x90%7C315x90%2C1x1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=brightcove%2Fplayer-ht&mpv=3.6.0&sdki=445&ptt=20&adk=1637021430&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.541.0&media_url=blob%3Ahttps%253a%2F%2Fwww.heraldsun.com.au%2F8ebbfef9-8584-429d-9eb7-a271e8767794&sid=DAD81463-BEB9-4477-A58C-24843B2A812C&a3p=EhkKDGxpdmVyYW1wLmNvbRIAGJ7_g9DBMEgA&nel=0&eid=44733378%2C44748969%2C44765701%2C44768716&ref=https%3A%2F%2Fcontent.isentia.io%2F&top=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&loc=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&dlt=1666883577658&idt=2827&dt=1666883585485&cookie=ID%3Da3e9de5b583b958b%3AT%3D1666883583%3AS%3DALNI_MaDhZfYBx3HJGqISRR68FvAJdJl4A&gpic=UID%3D00000b78cd9d50ad%3AT%3D1666883583%3ART%3D1666883583%3AS%3DALNI_Mbpb-jkguD3FOPBrIEKwxZt-BbZJg&scor=3470133702433304&ged=ve4_td7_tt5_pd7_la7000_er805.176.1320.1092_vi0.0.1200.1600_vp77_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.541.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
18e977bdecd0ee8269a38b81cd109e7a974de2ace232e250a2cd0c1500bc6c19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1890
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=16f886c2-e3c9-5e6c-a8dc-38e2c2195686&tv=%7Bc:sg11GJ,pingTime:0,time:633,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:599%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:633,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:599,wc:0.0.1600.1200,ac:1274.959.1.1,am:i,cc:1274.959.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~100%5D,as:%5B42~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tltDEiE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1n2%7C1o*.10507%7C1o1%7C1p1%7C1q1%7C1r1%7C1s1%7C1t%7C1u%7C1v,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:599%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
s16190819007246
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.4/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.4/s16190819007246?AQB=1&ndh=1&pf=1&t=27%2F9%2F2022%2015%3A13%3A5%204%200&cid.&newsnkidcookie.&id=4266bc4de45aa575d451af048646f817&as=1&.newsnkidcookie&.cid&vid=4266bc4de45aa575d451af048646f817&mid=44663009312486261422608925643828939322&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Csport%7Cmc_widget%7Csocceroos%E2%80%99%20world-first%20world%20cup%20protest&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&cc=AUD&events=event8%2Cevent54&v1=news%20corp%20au&v2=herald%20sun&v3=herald%20sun%20web&v4=sport&v5=football&v9=video%2Bcomments%2Bstory%2Bmc_widget&v10=D%3DpageName&v11=D%3Dvid&v12=not%20set&v14=anonymous&v15=restricted&v16=06ae81845d541688c402efd2ac9e7805&v17=socceroos%E2%80%99%20world-first%20world%20cup%20protest&v18=joe%20barton&v19=news%20corp%20australia%20sports%20newsroom&v20=2022-10-27%2007%3A36%3A00&v22=2%3A13%20AM%7CFriday&v24=New&v34=D%3Dg&v77=D%3Dmid&pe=lnk_o&pev2=event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 28 Oct 2022 15:13:05 GMT
server
jag
etag
3579605242593017856-4619735237722127024
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 26 Oct 2022 15:13:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102401&jk=406378770922046&bg=!DwylDEjNAAZPh4lnb4c7ACkAdvg8Wu8aFD1oSOZTY0gFwicLsg1nR4W7BesCOTasYt_W0yzTQqyxWwIAAAEGUgAAAANoAQcKABY6awBHeb_5OcVk7RJYO9he7iavKWr7mQKv7IOPvZrtBQbbY9YgYgFqfV2rPcdvfWEVlJvaEpdZ3yvyogzp5o8zMzIl0xiKZwfsfBNFhtruhQVIjEdKOKxaPfxzIcJ7Ej-rB0PSV7T_qzuwbqXqxCpFRsD8FqXyi6wZXVYcIgXFeW4XoLMIZM3FU7yAO3jWMMCxJ_8MF3nLOalzP-9ZAKbSaA2gmNs7TpH4v_X2htqNtdVzTy3vN9JOyC2TsQEgXHpTvvngopC9xF_YnJZ_qJs02VfiSAqjC7czB1ZuKPj8Uf5Reo5274cQrPCbhntrRjpEqJhbvBosBTRhMdBc0nntw6GBMFUFirWCJccesTTSjsEGBvfiA0cQWHAQKGuJEkmU9lPaFRUlqaEZfYAUuBg-V47nsnmOrRm3QAuGYupbFDULvbQscLkDKu52OeoY0E0Wt34J4ScuW13Z4eGInNZAEVs6_Z4aDbXvm4oaQ389i7kM2tW3iw9Rlq34brg6rTd_2Metw0gfXtzqoMFMUTL_MLtSjZp6x6lZwDqDA8WSAw31GVNyaP8GebtprDCbmVBhdk6rd0iTkoraQSUry8qpLOqQVJeLFJivixqVipw3YBuIb3aq4BP1hAnsMpeCBnH3Rx5ipgJbTrfELmsa-X_T-QounE7oT7E6T7nOgW-ZQPB1qBd6oIWnC1sXSkvhqI3Wjy2ORROep_DNQLmrg6SYpkSlwJWhVgO61_NWWHkZFC9jmDBujFDngd7WJrYFFSL6R1l6YIGQQf3vY38Y2QAC8aDWbJPl3yeXmMrltJpG0WQGd0_OMdrDrg5LDx6j4T3VlftWoLrKyxzlAhgrFPjaULlQiPJXg7wixUJHpqvAqi_GOWHoVr7AahrD9Wi702p-yKCiI8RrpCcGRw8zZrrc0j9Oob2auGCe-uDzqVSqLyv2-BF9qEmq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
sca.17.6.2.js
static.adsafeprotected.com/ Frame AE36 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3109009
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
1Pir2aGxefxActxOdwzuMzoF1mfTFVCezkzPOsQUKltW1gPvJGP4Lg==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x90|1&pubId=36557831&chanId=171498791&placementId=5969529023&pubCreative=138409518499&pubOrder=3004275014&cb=48380703&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bf-5609-11ed-bf76-0a8b1a8f9703&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:b69d6115-d715-966a-6ca0-742a76fed2a1,c:sg11HQ,sl:inView,em:true,fr:true,thd:1,mn:jsserver-experiment-primary-5f6d559c5-48tjr,rg:ie,pt:1-2-3-4-5-6-7-8-9-10-11-12-13-14-15,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:317,mot:0,app:0,maw:0,fm:tltDEoD+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p1%7C1q1%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:331,oid:db033c06-5609-11ed-97df-1e72da43981c,v:19.8.359,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
app19.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=16f886c2-e3c9-5e6c-a8dc-38e2c2195686&tv=%7Bc:sg11I3,pingTime:-2,time:715,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:188,beZ:189,mfA:777,cmA:778,inA:778,inZ:779,prA:779,prZ:783,si:787,poA:787,poZ:797,cmZ:797,mfZ:797,loA:828,loZ:830,ltA:902,ltZ:902,mdA:189,mdZ:362%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:599%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:715,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:599,wc:0.0.1600.1200,ac:1274.959.1.1,am:i,cc:1274.959.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B124~100%5D,as:%5B124~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tltDEiE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1n2%7C1o*.10507%7C1o1%7C1p1%7C1q1%7C1r1%7C1s1%7C1t%7C1u%7C1v,idMap:1o*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:599,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/sport/football_2,google_ads_iframe_/5129/ndm.hwt/sport/football_2__container__,ad-block-300x250-1,rhc,story%5D,sinceFw:115,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
newscorpau.hb.omtrdc.net/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscorpau.hb.omtrdc.net/?s:sc:rsid=newscorpau-hsweb%2Cnewscorpau-global&s:sc:tracking_server=metrics.heraldsun.com.au&h:sc:ssl=1&s:user:mid=44663009312486261422608925643828939322&s:user:id=4266bc4de45aa575d451af048646f817&s:aam:blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&l:aam:loc_hint=6&s:cuser:newsnkidcookie.id=4266bc4de45aa575d451af048646f817&s:cuser:newsnkidcookie.as=1&s:sp:player_name=NewsCorp%20Brightcove%20Video%20Player&s:sp:hb_version=js-2.2.0.223-05c3c4&l:sp:hb_api_lvl=4&s:event:sid=1666883585273467586033&s:event:type=aa_start&l:event:duration=0&l:event:playhead=0&l:event:ts=1666883585401&l:event:prev_ts=-1&s:asset:type=main&s:asset:name=Qatar%20World%20Cup%202022&s:asset:video_id=6313008703112&s:asset:publisher=5FE61C8B533204850A490D4D%40AdobeOrg&l:asset:length=109&s:stream:type=vod&l:stream:bitrate=5000&l:stream:fps=24&l:stream:dropped_frames=10&l:stream:startup_time=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Oct 2022 15:13:05 GMT
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-content-type-options
nosniff
server
jag
x-xss-protection
1; mode=block
sca.17.6.2.js
static.adsafeprotected.com/ Frame CBDF 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3109009
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
b0A2oVe037I04Celhcz49C8r6rAxDGWxlf5PF0GUhq0OCR5VviWg3Q==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=116793390&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34b9-5609-11ed-bf76-0a8b1a8f9703&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:e2fb49ea-e6ae-df74-7934-5bc3272a49b2,c:sg11Iu,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-79666768cd-8pt8f,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:266,mot:0,app:0,maw:0,fm:tltDEq9+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m*.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p1%7C1q1%7C1r1%7C1s1%7C1s2%7C1t%7C1u,idMap:1m*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:277,oid:db038a77-5609-11ed-b6dd-124c208b3440,v:19.8.359,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
app14.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 6E0D 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3109009
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
8CeyiNBKWA0xj6964AgS55DEfIoedeoAc7CMIEgvKSkZu2dcJun0kw==
mon
pixel.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=549720203&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bc-5609-11ed-bf76-0a8b1a8f9703&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:754b79d0-ce9b-ee54-da9b-33b338b8dba2,c:sg11IN,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-79666768cd-lhffk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1274.3878.1.1,am:i,cc:1274.3878.1.1,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:285,mot:0,app:0,maw:0,fm:tltDEqb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1n1%7C1n2%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1r1%7C1s1%7C1s2%7C1t%7C1u,idMap:1p*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:294,oid:db075a72-5609-11ed-a758-9e0912bcabf9,v:19.8.359,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg11J5,pingTime:0,time:408,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:408,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B89~100%5D,as:%5B89~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tltDEoD+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p1%7C1q1%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame EE4D 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3109009
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
9h_2RYJatB7lKnaNl7Wfvu8vzEWQJSF3S7FnG_g1dF-wzO3jr8EhMA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1847994274&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34bd-5609-11ed-bf76-0a8b1a8f9703&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:3522688d-97ec-996e-67fc-3bedfbb87cbc,c:sg11Jn,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-79666768cd-nc2q6,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.6881.10.10,am:i,cc:0.6881.10.10,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:274,mot:0,app:0,maw:0,fm:tltDEqV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1n1%7C1n2%7C1o1%7C1o2%7C1p1%7C1p2%7C1q*.10507%7C1q1%7C1r1%7C1s1%7C1s2%7C1t%7C1u,idMap:1q*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:A.qs.tn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:285,oid:db0e3907-5609-11ed-8896-46e0148ececc,v:19.8.359,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
app13.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2A28 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3109009
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
jN2T3jHI-VwYb2-z-6SSvK0bvYjuIuleoMVIdnI-UtexvcpogqSoiw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498791&placementId=4682990628&pubCreative=138386539437&pubOrder=305536031&cb=933584361&custom=video,comments,story,mc_widget&custom3=168400391&adsafe_par&impId=d82f34be-5609-11ed-bf76-0a8b1a8f9703&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:9ba9948d-fbfa-5819-416d-30d9231f2636,c:sg11JF,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-79666768cd-vm22m,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:387.3182.1.1,am:i,cc:387.3182.1.1,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:291,mot:0,app:0,maw:0,fm:tltDEqX+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1n1%7C1n2%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r*.10507%7C1r1%7C1s1%7C1s2%7C1t%7C1u,idMap:1r*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:300,oid:db0a682e-5609-11ed-b13e-ee8266386236,v:19.8.359,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame B4FF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9pk2p7IcahbNncJK-2qjh3SrlSjDGrx7Qw39LjDyYa6bY7NFcA-5ijx-KT98usj10T8Jnw5a3x6uyvBwYdioO2JyiyP4DgxRn-aRHYboDt_6Jq36b&sig=Cg0ArKJSzNmaCX1VDwVkEAE&id=lidar2&mcvt=1085&p=632,1124,722,1424&mtos=1085,1085,1085,1085,1085&tos=1085,0,0,0,0&v=20221026&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=886342014&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666883584240&rpt=381&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg11Km,pingTime:-2,time:487,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:607,beZ:609,mfA:924,cmA:925,inA:925,inZ:927,prA:927,prZ:933,si:938,poA:938,poZ:949,cmZ:949,mfZ:949,loA:1019,loZ:1020,ltA:1093,ltZ:1093,mdA:609,mdZ:668%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:487,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B168~100%5D,as:%5B168~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tltDEoD+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q1%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:331,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/sport/football_6,google_ads_iframe_/5129/ndm.hwt/sport/football_6__container__,ad-block-300x90-1,rhc,story%5D,sinceFw:155,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e2fb49ea-e6ae-df74-7934-5bc3272a49b2&tv=%7Bc:sg11KN,pingTime:-2,time:420,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:811,beZ:813,mfA:1077,cmA:1078,inA:1078,inZ:1079,prA:1079,prZ:1085,si:1088,poA:1088,poZ:1097,cmZ:1097,mfZ:1097,loA:1180,loZ:1182,ltA:1230,ltZ:1230,mdA:813,mdZ:874%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:276%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:420,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:276,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B153~0%5D,as:%5B153~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tltDEoD+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m*.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1s2%7C1t%7C1u,idMap:1m*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:277,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/sport/football_0,google_ads_iframe_/5129/ndm.hwt/sport/football_0__container__,ad-block-728x90-1%5D,sinceFw:142,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=754b79d0-ce9b-ee54-da9b-33b338b8dba2&tv=%7Bc:sg11KS,pingTime:-2,time:423,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:620,beZ:621,mfA:905,cmA:905,inA:905,inZ:906,prA:906,prZ:910,si:914,poA:914,poZ:923,cmZ:923,mfZ:923,loA:1005,loZ:1007,ltA:1043,ltZ:1043,mdA:622,mdZ:697%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:294%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:423,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:294,wc:0.0.1600.1200,ac:1274.3878.1.1,am:i,cc:1274.3878.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B137~0%5D,as:%5B137~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tltDEoD+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1m2%7C1n1%7C1n2%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1s2%7C1t%7C1u,idMap:1p*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:294,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/sport/football_3,google_ads_iframe_/5129/ndm.hwt/sport/football_3__container__,ad-block-300x250-2,rhc,story%5D,sinceFw:129,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3522688d-97ec-996e-67fc-3bedfbb87cbc&tv=%7Bc:sg11KW,pingTime:-2,time:381,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:620,beZ:621,mfA:894,cmA:894,inA:894,inZ:895,prA:895,prZ:900,si:905,poA:905,poZ:912,cmZ:912,mfZ:912,loA:975,loZ:976,ltA:1001,ltZ:1001,mdA:622,mdZ:680%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:10,h:10,t:284%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:381,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:284,wc:0.0.1600.1200,ac:0.6881.10.10,am:i,cc:0.6881.10.10,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B107~0%5D,as:%5B107~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tltDEq9+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1m2%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1p2%7C1q*.10507%7C1q1%7C1r.10507%7C1r1%7C1s1%7C1s2%7C1t%7C1u,idMap:1q*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:A.qs.tn,siq:285,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/sport/football_4,google_ads_iframe_/5129/ndm.hwt/sport/football_4__container__,ad-block-1000x50-1%5D,sinceFw:95,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=9ba9948d-fbfa-5819-416d-30d9231f2636&tv=%7Bc:sg11L0,pingTime:-2,time:383,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:647,beZ:648,mfA:938,cmA:938,inA:938,inZ:939,prA:939,prZ:943,si:947,poA:947,poZ:959,cmZ:959,mfZ:959,loA:1004,loZ:1006,ltA:1030,ltZ:1030,mdA:649,mdZ:719%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1,h:1,t:300%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:383,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:300,wc:0.0.1600.1200,ac:387.3182.1.1,am:i,cc:387.3182.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B91~0%5D,as:%5B91~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tltDEq9+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1m2%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1p2%7C1q.10507%7C1q1%7C1q2%7C1r*.10507%7C1r1%7C1s1%7C1s2%7C1t%7C1u,idMap:1r*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:300,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/sport/football_5,google_ads_iframe_/5129/ndm.hwt/sport/football_5__container__,ad-block-4x4-1,story-primary,story-body,story%5D,sinceFw:83,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
dt29.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
validate
assets.vidora.com/v1/ 		0
310 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=newsau_video.93DFAEA2BB0A788E1466709DFF2B086C
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b600:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
iZZq3uRYI2gFWdgVyrGdpvInbaYZ9CfmPIFrVEJBAAjEouXKTAQoyA==
expires
Thu, 27 Oct 2022 15:13:05 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame F416 		18 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F5129%2Fndm.hwt%2Fsport%2Ffootball&sz=427x240&ciu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C728x90%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C4x4%2C300x90%7C315x90%2C1x1&cust_params=ap%3Don%26vsite%3Dheraldsun%26prod%3Dvideo%26kw%3Dplayers%20association%2CInternational%20Labor%20Organisation%2CMitchell%20Duke%2Chuman%20rights%20record%2CJamie%20Maclaren%2CArab%20nation%2Chuman%20rights%2Cmoral%20leadership%2Cshowpiece%20event%2CAgence%20France%20Presse%2COceania%2CMike%20Owen%2CWestern%20Asia%2CQatar%2Csame-sex%20relationship%20laws%2Cconservative%20estimation%2CJoe%20Linus%20Barton%2CPeter%20Tatchell%2CKathryn%20Gill%2CFIFA%2CInternational%2CGetty%20Images%20Inc.%2CAustralia%20and%20New%20Zealand%2Cmigrant%20labour%2Cpenalty-shootout%20hero%2CMat%20Ryan%2Cmigrant%20workers%2Cruler%20sheik%2Cmigrant%20resource%20centre%2CTamim%20bin%20Hamad%20al-Thani%2Cgay%20rights%20activist%2CProfessional%20Footballers%20Association%2Cprofound%20human%20rights%2CInternational%20Trade%20Union%20Confederation%2CAsia%2Cbold%20statement%2CAustralia%2Chuman%20rights%20abuses%2Csame-sex%20relationships%2Ccontroversial%20same-sex%20relationship%2CAndrew%20Redmayne%2CGroup%20D%20SA%26pltype%3Dother%26ph%3D0%26pw%3D0%26plo%3D1%26source%3DAFP_Videography%26muted%3Dyes%26pos%3D1%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26id%3Dd83d3e3b-5609-11ed-bac8-0af16f05f78d%26grm_vv%3D40%2C50%2C60%2C70%26vw_vv%3D40%2C50%2C60%2C70%2C80%26nk%3D4266bc4de45aa575d451af048646f817%26sec1%3Dsport%26sec2%3Dfootball%26siteview%3D1%26pagetype%3Dvideo%2Ccomments%2Cstory%2Cmc_widget%26aid%3D06ae81845d541688c402efd2ac9e7805%26pid%3Dnone%26tts%3Dn%26ttm%3Dn%26us%3Db%26s%3D0%26adl%3Dfalse%26sno%3D0%26snol%3D&url=https%3A%2F%2Fintegralads.com&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fintegralads.com&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=60000&vrid=2231&sid=DAD81463-BEB9-4477-A58C-24843B2A812C&adk=1637021430&correlator=174778470731127&ctv=0&dlt=1666883577658&dt=1666883585844&ged=ve4_td8_tt6_pd8_la8000_er805.176.1320.1092_vi0.0.1200.1600_vp77_ts1_eb23147&idt=2827&is_amp=0&loc=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&omid_p=Google1%2Fh.3.541.0&osd=2&ptt=20&ref=https%3A%2F%2Fcontent.isentia.io%2F&scor=3470133702433304&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44733378%2C44748969%2C44765701%2C44768716&hl=en&frm=0&cmsid=5591&media_url=blob%3Ahttps%253a%2F%2Fwww.heraldsun.com.au%2F8ebbfef9-8584-429d-9eb7-a271e8767794&mpt=brightcove%2Fplayer-ht&mpv=3.6.0&sdki=445&sdkv=h.3.541.0&sdr=1&video_doc_id=6313008703112&vpa=click&vpmute=1&nel=0&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&kfa=0&tfcd=0&a3p=EhkKDGxpdmVyYW1wLmNvbRIAGJ7_g9DBMEgA&cookie=ID%3Da3e9de5b583b958b%3AT%3D1666883583%3AS%3DALNI_MaDhZfYBx3HJGqISRR68FvAJdJl4A&gpic=UID%3D00000b78cd9d50ad%3AT%3D1666883583%3ART%3D1666883583%3AS%3DALNI_Mbpb-jkguD3FOPBrIEKwxZt-BbZJg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.541.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
cb91c8d19add9d665b3bb231e19a4113f5f0218cfd4b53d3ecb0a97122343483
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3822
x-xss-protection
0
google-lineitem-id
5249645958
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138298193489
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=25c7bc1f-c813-f3c3-d390-279fa584c77a&tv=%7Bc:sg11N1,pingTime:-10,time:1026,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666883585882%7C%7C621d750660e1e81ffc5e7233e0ed8b26%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C02fe521238d5a9dd9b09c964af83b670%7C%7C890c07a3780bacdf5430752e49dcffa8%7C%7C1aabc3bf68f72f279b743345ab348fcd%7C%7C1d09b74a00aeb5ba6cca5f53971fcc18%7C%7Ce9487135ad4528f10484083e2cbb3fb8%7C%7C1663701684,env:%7Bar:self.0%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:05 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=16f886c2-e3c9-5e6c-a8dc-38e2c2195686&tv=%7Bc:sg11NQ,time:1074,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1074,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:599,wc:0.0.1600.1200,ac:1274.959.1.1,am:i,cc:1274.959.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B483~100%5D,as:%5B483~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:342,fm:tltDEiE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t%7C1u%7C1v,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:599,sis:831%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg11NV,time:708,type:e,env:%7Bar:self.0%7D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:709,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B390~100%5D,as:%5B390~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:200,fm:tltDEoD+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e2fb49ea-e6ae-df74-7934-5bc3272a49b2&tv=%7Bc:sg11NZ,time:618,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:618,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:276,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B351~0%5D,as:%5B351~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tltDEoD+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m*.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1s2%7C1t%7C1u,idMap:1m*,rmeas:1,rend:0,renddet:IMG.us,siq:277,sis:436%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=754b79d0-ce9b-ee54-da9b-33b338b8dba2&tv=%7Bc:sg11O0,time:617,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:617,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:294,wc:0.0.1600.1200,ac:1274.3878.1.1,am:i,cc:1274.3878.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B331~0%5D,as:%5B331~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tltDEoD+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1m2%7C1n1%7C1n2%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1s2%7C1t%7C1u,idMap:1p*,rmeas:1,rend:0,renddet:IMG.us,siq:294,sis:442%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3522688d-97ec-996e-67fc-3bedfbb87cbc&tv=%7Bc:sg11O0,time:571,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:571,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:284,wc:0.0.1600.1200,ac:0.6881.10.10,am:i,cc:0.6881.10.10,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B297~0%5D,as:%5B297~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tltDEq9+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1m2%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1p2%7C1q*.10507%7C1q1%7C1r.10507%7C1r1%7C1s1%7C1s2%7C1t%7C1u,idMap:1q*,rmeas:1,rend:1,renddet:A.qs.tn,siq:285,sis:406%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=9ba9948d-fbfa-5819-416d-30d9231f2636&tv=%7Bc:sg11O1,time:570,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:570,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:300,wc:0.0.1600.1200,ac:387.3182.1.1,am:i,cc:387.3182.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B278~0%5D,as:%5B278~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tltDEq9+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1m2%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1p2%7C1q.10507%7C1q1%7C1q2%7C1r*.10507%7C1r1%7C1s1%7C1s2%7C1t%7C1u,idMap:1r*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:300,sis:422%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=754b79d0-ce9b-ee54-da9b-33b338b8dba2&tv=%7Bc:sg11OI,pingTime:-10,time:661,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666883585882%7C%7C621d750660e1e81ffc5e7233e0ed8b26%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C02fe521238d5a9dd9b09c964af83b670%7C%7C890c07a3780bacdf5430752e49dcffa8%7C%7C1aabc3bf68f72f279b743345ab348fcd%7C%7C1d09b74a00aeb5ba6cca5f53971fcc18%7C%7Ce9487135ad4528f10484083e2cbb3fb8%7C%7C1663701684,sca:%7Bspg:25c7bc1f-c813-f3c3-d390-279fa584c77a%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
csi
csi.gstatic.com/ Frame F416 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l9r7g27y&c=5146495086163&slotId=2573247543081.5&qqid=CP-ImaDZgPsCFRa3dwodZ5oGLg&gqid=AaBaY_GBO8Wd3gOS3IKgDw&fb=ima_html5-lima&sdkv=h.3.541.0&ppt=brightcove%2Fplayer-ht&ppv=3.6.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&vmfc=4&vhc=0&ghmsh_eids=44733378%2C44748969%2C44765701%2C44768716
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.541.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F416 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspzfuW9NfIbTo8JRAyT5lPKTwkElpqthnx8NvJY1G7Dio-SUU1kQhdXyCro1C8zEEPSwlbDRC5CIYB6gxpJG0vc6cSZYI59vvcX1_DDNC3DAgZZ4a2vg18f2sDCCVELIPEgZnqmyS9JaLOmW0OUfbv0EJ7Yc3Kqq-oV30Nb6h3ekdFWXpnYFO1i-dZcB9rbuotalJzxqvuwIXG-VzeOVgUPy4En7ZYfYwVOorVq83gi53asuRbLn2YEnrWJ6mTd2dh18EvLsy-2-HbMUOMCpXPs8eS96vWx7gQNzvv71BMHsa_saVYU4ZlgpspWE_Pjligut6ymOwxGhE&sai=AMfl-YRJxNZBobvbgOeECGJ3VS0b_J74Zk4AE3yu1uilg8Bp339aXrSd7CaF9HzNY4m2Yj9voZmyqaBv7jXMyC-fpwLujc4A7x54CRmVoVhTyLYyHq3eFHI5m05OEqGxP9PNUQ&sig=Cg0ArKJSzLKN1S8Z4XcBEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&sdkv=h.3.541.0&vci=CmQIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUyNDk2NDU5NTgyDDEzODI5ODE5MzQ4OUC5AVIhCGIQDyUAAIA_KAE6DDEzODI5ODE5MzQ4OUIER0RGUFAAGAE.&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
jsvid
pixel.adsafeprotected.com/ 		238 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jsvid?videoId=ea0ca42dc1ff6307fe10771d64b6425b&anId=928981&campId=916x515&chanId=/5129/ndm.hwt/sport/football&placementId=5249645958&pubCreative=138298193489
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
daf748aa78bb4d092b39fe186fb5d71df23051b0a2c80e531e99c2b6fcd96fb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
tracker
metrics.brightcove.com/v2/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=5e4db17f73ec5d5431bc1c38&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&platform_version=6.63.5&player=players.brightcove.com%2F5348771529001%2F938M1Zecs_default&player_name=%5BPROD%5D%20-%20v6.63&source=https%3A%2F%2Fcontent.isentia.io%2F&event=ad_start&video=6313008703112&video_name=Qatar%20World%20Cup%202022&video_duration=109&media_url=https%3A%2F%2Fmanifest.prod.boltdns.net%2Fmanifest%2Fv1%2Fhls%2Fv4%2Fclear%2F5348771529001%2F6ba274fa-fdf1-44ad-b7cd-df5a23811950%2F10s%2Fmaster.m3u8%3Ffastly_token%3DNjM3ZThmYmRfMzA2NjU5NGJiNjJmNDhmNWJjNTIwNDBlZTY3OTc3ZDFiZmI2ZGZhMjlhY2Q5OThjZTJjM2UyNDVjNGM3ZjQ0NA%253D%253D&time=1666883586064&seq=6_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Thu, 27 Oct 2022 15:13:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~l9r7g1x7&c=5146495086163&slotId=2573247543081.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r2---sn-4g5ednsz.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1666905186/sparams/acao,ctier,ex...
Redirect Chain
  • https://redirector.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1666905186/sparams/ip,ipbits,e...
  • https://r2---sn-4g5ednsz.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1666905186/sparams/acao,...
15 KB
15 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednsz.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1666905186/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/0686CC0BA9BFD04555C05BC11DD2280583B09A91.262F3F01B9CE674A1AE8F1577918BF8B62E9EBFC/key/cms1/cms_redirect/yes/mh/Bl/mip/2001:1b60:1010:2:1011:fbc1:ce7e:9f47/mm/28/mn/sn-4g5ednsz/ms/nvh/mt/1666882855/mv/u/mvi/2/pl/36/file/file.mp4
Protocol
H3
Server
2a00:1450:4001:6c::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
275f5949b25822667e45802442749d2577795339deb1dab9e5b4fc0b4bb283bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

client-protocol
quic
date
Thu, 27 Oct 2022 15:13:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 18 Dec 2019 00:56:16 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-15003/15004
cache-control
private, max-age=21300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
15004
expires
Thu, 27 Oct 2022 15:13:06 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-4g5ednsz.gvt1.com/videoplayback/id/79243673d2a75171/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1666905186/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/0686CC0BA9BFD04555C05BC11DD2280583B09A91.262F3F01B9CE674A1AE8F1577918BF8B62E9EBFC/key/cms1/cms_redirect/yes/mh/Bl/mip/2001:1b60:1010:2:1011:fbc1:ce7e:9f47/mm/28/mn/sn-4g5ednsz/ms/nvh/mt/1666882855/mv/u/mvi/2/pl/36/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
711
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3522688d-97ec-996e-67fc-3bedfbb87cbc&tv=%7Bc:sg11QU,pingTime:-10,time:751,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666883585882%7C%7C621d750660e1e81ffc5e7233e0ed8b26%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C02fe521238d5a9dd9b09c964af83b670%7C%7C890c07a3780bacdf5430752e49dcffa8%7C%7C1aabc3bf68f72f279b743345ab348fcd%7C%7C1d09b74a00aeb5ba6cca5f53971fcc18%7C%7Ce9487135ad4528f10484083e2cbb3fb8%7C%7C1663701684,sca:%7Bspg:25c7bc1f-c813-f3c3-d390-279fa584c77a%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame EEDD 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805?btr=23e3f2c389fc12ce08c4a6d59e7c39dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3109010
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
cJd4Tu5nKu_31KfpTxWKfALaTIey8lXU4N-KifoABMpuyVRUKsbzRQ==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3a078cf4-cebb-b2c8-d1f6-b1d4de8a0b3c&tv=%7Bc:sg11RP,pingTime:-8,time:25,type:l,vv:3.6.0,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:25,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:176.805.916.515,am:v,cc:176.805.916.515,piv:77,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B19~75%5D,as:%5B19~916.515%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jsvid,dtt:0,fm:tltDEDy+1*.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1n1%7C1n2%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s1%7C1s2%7C1t%7C1u,idMap:1*,rmeas:1,rend:1,renddet:env,siq:24%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3a078cf4-cebb-b2c8-d1f6-b1d4de8a0b3c&tv=%7Bc:sg11SZ,pingTime:-2,time:97,type:a,im:%7BpBlk:49,sf:0,pom:1,prf:%7BbeA:16991,beZ:16993,mfA:16994,cmA:16995,inA:16996,inZ:17002,prA:17002,prZ:17009,si:17015,poA:17017,bl:17040,poZ:17040,cmZ:17040,mfZ:17040,loA:17053,loZ:17055,ltA:17088,ltZ:17088%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:77,vs:o,r:v,w:916,h:515,t:23%7D%5D,ve:%7BvEventCount:1,vEvents:%5B%7Bt:-94,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0%7D%5D%7D,vv:3.6.0,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:97,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:176.805.916.515,am:v,cc:176.805.916.515,piv:77,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B91~75%5D,as:%5B91~916.515%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jsvid,dtt:0,fm:tltDEiB+1*.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1m2%7C1n.10507%7C1n1%7C1n2%7C1o.10507%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1p2%7C1q.10507%7C1q1%7C1q2%7C1r.10507%7C1r1%7C1r2%7C1s.10507%7C1s1%7C1s2%7C1t%7C1u,idMap:1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:env,siq:24,slid:%5Bprimary-media,story%5D,sinceFw:70,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&u=5LINFCrnAmMrNRWh&d=heraldsun.com.au&g=36976&g0=sport%2Cfootball%2Cvideo%2Ccomments%2Cstory%2Cmc_widget%2Cpc.ct.restricted&g1=Joe%20Barton&n=1&f=00001&c=0.11&x=0&m=0&y=7630&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=4&r=https%3A%2F%2Fcontent.isentia.io%2F&b=10319&t=ByhM-2D2VRkKBkcxbdB8B8RMoaLs4&V=136&tz=0&_acct=anon&_vi=Qatar%20World%20Cup%202022&_vp=6313008703112&_vdd=video%40heraldsun.com.au&_vs=s3&_vt=ct&_vap=&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fstatic%2F5348771529001%2F6ba274fa-fdf1-44ad-b7cd-df5a23811950%2F803fe2ee-489f-4d4e-ab94-82cfe978c0b3%2F152x85%2Fmatch%2Fimage.jpg&_vd=0&sn=3&sv=QGWasB1RixZBl84vYOP84pClHEvS&sr=https%3A%2F%2Fcontent.isentia.io%2F&sd=1&im=065b0ed2&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.198.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-198-241.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3a078cf4-cebb-b2c8-d1f6-b1d4de8a0b3c&tv=%7Bc:sg11Ve,time:236,type:e,im:%7BpWait:11%7D,vv:3.6.0,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:236,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:176.805.916.515,am:v,cc:176.805.916.515,piv:77,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B230~75%5D,as:%5B230~916.515%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jsvid,dtt:199,fm:tltDEiB+1*.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1m2%7C1n.10507%7C1n1%7C1n2%7C1o.10507%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1p2%7C1q.10507%7C1q1%7C1q2%7C1r.10507%7C1r1%7C1r2%7C1s.10507%7C1s1%7C1s2%7C1t%7C1u,idMap:1*,rmeas:1,rend:1,renddet:env,siq:24%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=16f886c2-e3c9-5e6c-a8dc-38e2c2195686&tv=%7Bc:sg11Xm,pingTime:1,time:1664,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:599%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1664,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:599,wc:0.0.1600.1200,ac:1274.959.1.1,am:i,cc:1274.959.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1073~100%5D,as:%5B1073~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:162,fm:tltDEiE+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t%7C1u%7C1v,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:599,sis:831%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=16f886c2-e3c9-5e6c-a8dc-38e2c2195686&tv=%7Bc:sg11Xn,pingTime:1,time:1665,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:599%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1665,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:599,wc:0.0.1600.1200,ac:1274.959.1.1,am:i,cc:1274.959.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1074~100%5D,as:%5B1074~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:162,fm:tltDEiE+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t%7C1u%7C1v,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:599,sis:831%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=16f886c2-e3c9-5e6c-a8dc-38e2c2195686&tv=%7Bc:sg11Xn,pingTime:1,time:1665,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:599%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1665,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:599,wc:0.0.1600.1200,ac:1274.959.1.1,am:i,cc:1274.959.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1074~100%5D,as:%5B1074~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:162,fm:tltDEiE+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t%7C1u%7C1v,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:599,sis:831,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=16f886c2-e3c9-5e6c-a8dc-38e2c2195686&tv=%7Bc:sg11Xn,pingTime:1,time:1666,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:599%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1666,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:599,wc:0.0.1600.1200,ac:1274.959.1.1,am:i,cc:1274.959.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1075~100%5D,as:%5B1075~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:162,fm:tltDEiE+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t%7C1u%7C1v,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:599,sis:831,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F416 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BquPmAaBaY7-EPJbu3gPntJrwAsqO1tBFAAAAEAEg35irHzgBWNHs25mDBGCVgoCAsAeyAQ9pbnRlZ3JhbGFkcy5jb226AQo0NTB4NTBfeG1syAEF2gEYaHR0cHM6Ly9pbnRlZ3JhbGFkcy5jb20vqQLI8rOkLaWlPsACAuACAOoCHC81MTI5L25kbS5od3Qvc3BvcnQvZm9vdGJhbGz4AoXSHoADAZADyAaYA-QKqAMB4AQB0gUGEIb7nMcTkAYBoAYjqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBwHSCBEIgOGAEBABGB0yAqoCOgKAQNgIAoAKBZgLAdAVAfgWAYAXAQ&sigh=m8vPGI93oKk&label=video_ad_loaded&sdkv=h.3.541.0&vci=CmQIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUyNDk2NDU5NTgyDDEzODI5ODE5MzQ4OUC5AVIhCGIQDyUAAIA_KAE6DDEzODI5ODE5MzQ4OUIER0RGUFAAGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=9ba9948d-fbfa-5819-416d-30d9231f2636&tv=%7Bc:sg11XN,pingTime:-10,time:1176,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666883585882%7C%7C621d750660e1e81ffc5e7233e0ed8b26%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C02fe521238d5a9dd9b09c964af83b670%7C%7C890c07a3780bacdf5430752e49dcffa8%7C%7C1aabc3bf68f72f279b743345ab348fcd%7C%7C1d09b74a00aeb5ba6cca5f53971fcc18%7C%7Ce9487135ad4528f10484083e2cbb3fb8%7C%7C1663701684,sca:%7Bspg:25c7bc1f-c813-f3c3-d390-279fa584c77a%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame F416 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJ68a0lS5A4RCSPjMtWYVoVBEeGHzoVdfo2QmIrH-o2iOaJIAGZZ3dry26dpNDIHWzeFREis8Y9jYYrXsY1wBbY15a_iqfBaqzJlmSzf3kxod__Ps87P0rvgI5Bjz2SuKulMhk5D9Zq3jA-R2XExYEb1sfynDFFKBnqddhm2VyZiveUscZkA8QTqenhtMGTBLZv-nNGu8m4wSWdSji2Lr3BSk5LR7KTpptIjMOxEReuQsHxiytzdoTHylUfSBdMN0kOH5JrBGytk_wFlJsc7iyN7EWKsswh0AeGEzaNIjIteDZsGMRtgyKerZSdggR0v6tqQgD0OC6&sai=AMfl-YRdoq8TWrxFaTckHT01bcPF5O1c7yd5ObLJyOWVkYIVXdIcBrEv574-1UxRRVbmTD9-_r7CE-n2EA7P3r2of0RV6fH0GwxOK2VRYxfn6WFCybcUKiMmRkruCyhUYYDsMw&sig=Cg0ArKJSzNvEgDz8vso-EAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&sdkv=h.3.541.0&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F416 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BquPmAaBaY7-EPJbu3gPntJrwAsqO1tBFAAAAEAEg35irHzgBWNHs25mDBGCVgoCAsAeyAQ9pbnRlZ3JhbGFkcy5jb226AQo0NTB4NTBfeG1syAEF2gEYaHR0cHM6Ly9pbnRlZ3JhbGFkcy5jb20vqQLI8rOkLaWlPsACAuACAOoCHC81MTI5L25kbS5od3Qvc3BvcnQvZm9vdGJhbGz4AoXSHoADAZADyAaYA-QKqAMB4AQB0gUGEIb7nMcTkAYBoAYjqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBwHSCBEIgOGAEBABGB0yAqoCOgKAQNgIAoAKBZgLAdAVAfgWAYAXAQ&sigh=m8vPGI93oKk&label=vast_creativeview&ad_mt=0&acvw=sv%3D940%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D805,176,1320,1092%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D1068%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D0.76%26mc%3D0.76%26nc%3D0.76%26mv%3D0%26nv%3D0%26lte%3D0.76%26ces%26femt%3D5604%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,3,0,0,0%26avms%3Dexc%26qi%3D884652952%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26pnmm%3D1666883580092%26ptlt%3D1666883586555%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.18%26t%3D1666883586049&sdkv=h.3.541.0&vci=CmcIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUyNDk2NDU5NTgyDDEzODI5ODE5MzQ4OUC5AVIkCGIQDyUAAIA_KAE6DDEzODI5ODE5MzQ4OUIER0RGUEj2A1AAGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F416 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BquPmAaBaY7-EPJbu3gPntJrwAsqO1tBFAAAAEAEg35irHzgBWNHs25mDBGCVgoCAsAeyAQ9pbnRlZ3JhbGFkcy5jb226AQo0NTB4NTBfeG1syAEF2gEYaHR0cHM6Ly9pbnRlZ3JhbGFkcy5jb20vqQLI8rOkLaWlPsACAuACAOoCHC81MTI5L25kbS5od3Qvc3BvcnQvZm9vdGJhbGz4AoXSHoADAZADyAaYA-QKqAMB4AQB0gUGEIb7nMcTkAYBoAYjqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBwHSCBEIgOGAEBABGB0yAqoCOgKAQNgIAoAKBZgLAdAVAfgWAYAXAQ&sigh=m8vPGI93oKk&label=videoclickedtoplay&ad_mt=0&acvw=sv%3D940%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D805,176,1320,1092%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D1068%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D0.76%26mc%3D0.76%26nc%3D0.76%26mv%3D0%26nv%3D0%26lte%3D0.76%26ces%26femt%3D5604%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,3,0,0,0%26avms%3Dexc%26qi%3D884652952%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26pnmm%3D1666883580092%26ptlt%3D1666883586555%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.18%26t%3D1666883586049&sdkv=h.3.541.0&vci=CmcIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUyNDk2NDU5NTgyDDEzODI5ODE5MzQ4OUC5AVIkCGIQDyUAAIA_KAE6DDEzODI5ODE5MzQ4OUIER0RGUEj2A1AAGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F416 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssX1bA29t3ODewQRO510gy-CqAL-bfag0jALVRpVQC0ZSUJ6g-9rLmXVlvEopQlkbV3XQbZ2D11RFdAdrwnW7wRiU_Io2p7W9TDGeb83ZFbYVMc5zM3&sig=Cg0ArKJSzAxbnUH4mdw0EAE&id=lidarv&acvw=sv%3D940%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D805,176,1320,1092%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D1068%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D0.76%26mc%3D0.76%26nc%3D0.76%26mv%3D0%26nv%3D0%26lte%3D0.76%26ces%26femt%3D5604%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,3,0,0,0%26avms%3Dexc%26qi%3D884652952%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26pnmm%3D1666883580092%26ptlt%3D1666883586557%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1666883586049&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F416 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BquPmAaBaY7-EPJbu3gPntJrwAsqO1tBFAAAAEAEg35irHzgBWNHs25mDBGCVgoCAsAeyAQ9pbnRlZ3JhbGFkcy5jb226AQo0NTB4NTBfeG1syAEF2gEYaHR0cHM6Ly9pbnRlZ3JhbGFkcy5jb20vqQLI8rOkLaWlPsACAuACAOoCHC81MTI5L25kbS5od3Qvc3BvcnQvZm9vdGJhbGz4AoXSHoADAZADyAaYA-QKqAMB4AQB0gUGEIb7nMcTkAYBoAYjqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBwHSCBEIgOGAEBABGB0yAqoCOgKAQNgIAoAKBZgLAdAVAfgWAYAXAQ&sigh=m8vPGI93oKk&label=part2viewed&ad_mt=0&acvw=sv%3D940%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D805,176,1320,1092%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D1068%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D0.76%26mc%3D0.76%26nc%3D0.76%26mv%3D0%26nv%3D0%26lte%3D0.76%26ces%26femt%3D5604%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,3,0,0,0%26avms%3Dexc%26qi%3D884652952%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26pnmm%3D1666883580092%26ptlt%3D1666883586559%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1666883586049&sdkv=h.3.541.0&vci=CmcIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUyNDk2NDU5NTgyDDEzODI5ODE5MzQ4OUC5AVIkCGIQDyUAAIA_KAE6DDEzODI5ODE5MzQ4OUIER0RGUEj2A1AAGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F416 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BquPmAaBaY7-EPJbu3gPntJrwAsqO1tBFAAAAEAEg35irHzgBWNHs25mDBGCVgoCAsAeyAQ9pbnRlZ3JhbGFkcy5jb226AQo0NTB4NTBfeG1syAEF2gEYaHR0cHM6Ly9pbnRlZ3JhbGFkcy5jb20vqQLI8rOkLaWlPsACAuACAOoCHC81MTI5L25kbS5od3Qvc3BvcnQvZm9vdGJhbGz4AoXSHoADAZADyAaYA-QKqAMB4AQB0gUGEIb7nMcTkAYBoAYjqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBwHSCBEIgOGAEBABGB0yAqoCOgKAQNgIAoAKBZgLAdAVAfgWAYAXAQ&sigh=m8vPGI93oKk&label=admute&ad_mt=0&acvw=sv%3D940%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D805,176,1320,1092%26tos%3D0,11,0,0,0%26mtos%3D0,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D1068%26vmtime%3D-1%26dvs%3D11%26dfvs%3D0%26dvpt%3D11%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D0.76%26mc%3D0.76%26nc%3D0.76%26mv%3D0%26nv%3D0%26lte%3D0.76%26ces%26femt%3D5604%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,3,0,0,0%26avms%3Dexc%26qi%3D884652952%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26pnmm%3D1666883580092%26ptlt%3D1666883586561%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,11,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1666883586049&sdkv=h.3.541.0&vci=CmcIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUyNDk2NDU5NTgyDDEzODI5ODE5MzQ4OUC5AVIkCGIQDyUAAIA_KAE6DDEzODI5ODE5MzQ4OUIER0RGUEj2A1AAGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?videoId=ea0ca42dc1ff6307fe10771d64b6425b&anId=928981&campId=916x515&chanId=/5129/ndm.hwt/sport/football&placementId=5249645958&pubCreative=138298193489&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:3a078cf4-cebb-b2c8-d1f6-b1d4de8a0b3c,c:sg11RN,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-79666768cd-dmnhz,rg:ie,pt:2-5-15,wc:0.0.1600.1200,ac:176.805.916.515,am:v,cc:176.805.916.515,piv:77,obst:0,th:0,reas:v,mu:10000,br:c,bru:c,an:n,oam:0,vc:jv3,scm:publ2.grpm2.vidqua_4_so_2,mtim:3,mot:0,app:0,maw:0,fm:tltDEDy+1*.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1n1%7C1n2%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s1%7C1s2%7C1t%7C1u,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:jsvid,et:24,oid:dbd4208c-5609-11ed-bbf3-724aa679c50d,v:19.8.359,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:916x515,x_xplac:5249645958,x_xpc:ima
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
app15.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
s11809410738356
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.4/ 		43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.4/s11809410738356?AQB=1&ndh=1&pf=1&t=27%2F9%2F2022%2015%3A13%3A6%204%200&cid.&newsnkidcookie.&id=4266bc4de45aa575d451af048646f817&as=1&.newsnkidcookie&.cid&vid=4266bc4de45aa575d451af048646f817&mid=44663009312486261422608925643828939322&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Csport%7Cmc_widget%7Csocceroos%E2%80%99%20world-first%20world%20cup%20protest&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&cc=AUD&events=event8&v1=news%20corp%20au&v2=herald%20sun&v3=herald%20sun%20web&v4=sport&v5=football&v9=video%2Bcomments%2Bstory%2Bmc_widget&v10=D%3DpageName&v11=D%3Dvid&v12=not%20set&v14=anonymous&v15=restricted&v16=06ae81845d541688c402efd2ac9e7805&v17=socceroos%E2%80%99%20world-first%20world%20cup%20protest&v18=joe%20barton&v19=news%20corp%20australia%20sports%20newsroom&v20=2022-10-27%2007%3A36%3A00&v22=2%3A13%20AM%7CFriday&v24=New&v34=D%3Dg&v77=D%3Dmid&v145=0&pe=lnk_o&pev2=event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&lrt=248&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 28 Oct 2022 15:13:07 GMT
server
jag
etag
3579605247716360192-4619645706981403456
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 26 Oct 2022 15:13:07 GMT
e60430629ad7695bf6043df4cbd99475
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e60430629ad7695bf6043df4cbd99475
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-28.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
3e85783fbaed2334ed570946c818df54dca935576304ac2beb6a0a7bce6e10c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:07 GMT
last-modified
Wed, 26 Oct 2022 20:10:43 GMT
server
Akamai Image Manager
etag
6bbb469281b53f67bf8b2336337af555-e60430629ad7695bf6043df4cbd99475-0
edge-cache-tag
e60430629ad7695bf6043df4cbd99475
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5115350
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4514
expires
Sun, 25 Dec 2022 20:08:57 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=16f886c2-e3c9-5e6c-a8dc-38e2c2195686&tv=%7Bc:sg11Yt,pingTime:-10,time:1733,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666883585882%7C%7C621d750660e1e81ffc5e7233e0ed8b26%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C02fe521238d5a9dd9b09c964af83b670%7C%7C890c07a3780bacdf5430752e49dcffa8%7C%7C1aabc3bf68f72f279b743345ab348fcd%7C%7C1d09b74a00aeb5ba6cca5f53971fcc18%7C%7Ce9487135ad4528f10484083e2cbb3fb8%7C%7C1663701684,sca:%7Bspg:25c7bc1f-c813-f3c3-d390-279fa584c77a%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg11Zv,pingTime:1,time:1426,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1426,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1107~100%5D,as:%5B1107~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:158,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg11Zv,pingTime:1,time:1426,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1427,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1108~100%5D,as:%5B1108~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:158,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg11Zw,pingTime:1,time:1427,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1427,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1108~100%5D,as:%5B1108~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:158,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg11Zw,pingTime:1,time:1427,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1427,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1108~100%5D,as:%5B1108~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:158,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg121U,pingTime:-10,time:1575,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666883585882%7C%7C621d750660e1e81ffc5e7233e0ed8b26%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C02fe521238d5a9dd9b09c964af83b670%7C%7C890c07a3780bacdf5430752e49dcffa8%7C%7C1aabc3bf68f72f279b743345ab348fcd%7C%7C1d09b74a00aeb5ba6cca5f53971fcc18%7C%7Ce9487135ad4528f10484083e2cbb3fb8%7C%7C1663701684,sca:%7Bspg:25c7bc1f-c813-f3c3-d390-279fa584c77a%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e2fb49ea-e6ae-df74-7934-5bc3272a49b2&tv=%7Bc:sg122L,pingTime:-10,time:1534,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666883585882%7C%7C621d750660e1e81ffc5e7233e0ed8b26%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C02fe521238d5a9dd9b09c964af83b670%7C%7C890c07a3780bacdf5430752e49dcffa8%7C%7C1aabc3bf68f72f279b743345ab348fcd%7C%7C1d09b74a00aeb5ba6cca5f53971fcc18%7C%7Ce9487135ad4528f10484083e2cbb3fb8%7C%7C1663701684,sca:%7Bspg:25c7bc1f-c813-f3c3-d390-279fa584c77a%7D,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:06 GMT
server
nginx
x-server-name
dt28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F416 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BquPmAaBaY7-EPJbu3gPntJrwAsqO1tBFAAAAEAEg35irHzgBWNHs25mDBGCVgoCAsAeyAQ9pbnRlZ3JhbGFkcy5jb226AQo0NTB4NTBfeG1syAEF2gEYaHR0cHM6Ly9pbnRlZ3JhbGFkcy5jb20vqQLI8rOkLaWlPsACAuACAOoCHC81MTI5L25kbS5od3Qvc3BvcnQvZm9vdGJhbGz4AoXSHoADAZADyAaYA-QKqAMB4AQB0gUGEIb7nMcTkAYBoAYjqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBwHSCBEIgOGAEBABGB0yAqoCOgKAQNgIAoAKBZgLAdAVAfgWAYAXAQ&sigh=m8vPGI93oKk&label=videoplaytime25&ad_mt=476&acvw=sv%3D940%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D805,176,1320,1092%26tos%3D0,508,0,0,0%26mtos%3D0,508,508,508,508%26amtos%3D0,0,0,0,0%26mcvt%3D508%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D508%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D212%26pst%3D413%26dur%3D1068%26vmtime%3D475%26dvs%3D497%26dfvs%3D0%26dvpt%3D497%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D4370%26c%3D0.76%26mc%3D0.76%26nc%3D0.76%26mv%3D0%26nv%3D0%26qmt%3D0,508,508,508,508%26qnc%3D0.76%26qmv%3D0%26qnv%3D0%26lte%3D0.76%26ces%26femt%3D5604%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D0,5,0,0,0%26avms%3Dexc%26qi%3D884652952%26psm%3D-2147483647%26psv%3D-2147483647%26psfv%3D0%26psa%3D0%26pnmm%3D1666883580092%26ptlt%3D1666883587058%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,508,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1666883586049&sdkv=h.3.541.0&vci=CmcIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUyNDk2NDU5NTgyDDEzODI5ODE5MzQ4OUC5AVIkCGIQDyUAAIA_KAE6DDEzODI5ODE5MzQ4OUIER0RGUEj2A1AAGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3a078cf4-cebb-b2c8-d1f6-b1d4de8a0b3c&tv=%7Bc:sg1261,pingTime:-4,time:905,type:m,clog:%5B%7Bpiv:77,vs:o,r:v,w:916,h:515,t:23%7D,%7Bvs:i,r:,t:461%7D%5D,ve:%7BvEventCount:5,vEvents:%5B%7Bt:-94,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:413,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:916x515,x_xplac:5249645958,x_xpc:ima%7D,%7Bt:427,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:428,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:904,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0%7D%5D%7D,vv:3.6.0,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:444,o:461,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:176.805.916.515,am:v,cc:176.805.916.515,piv:77,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B455~75%5D,as:%5B455~916.515%5D%7D%7D,%7Bsl:i,t:461,wc:0.0.1600.1200,ac:176.805.916.515,am:v,cc:176.805.916.515,piv:77,obst:0,th:0,reas:,bkn:%7Bpiv:%5B444~75%5D,as:%5B444~916.515%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:171,fm:tltDEiB+1*.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1m2%7C1n.10507%7C1n1%7C1n2%7C1o.10507%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1p2%7C1q.10507%7C1q1%7C1q2%7C1r.10507%7C1r1%7C1r2%7C1s.10507%7C1s1%7C1s2%7C1t%7C1u,idMap:1*,rmeas:1,rend:1,renddet:env,siq:24%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:07 GMT
server
nginx
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F416 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BquPmAaBaY7-EPJbu3gPntJrwAsqO1tBFAAAAEAEg35irHzgBWNHs25mDBGCVgoCAsAeyAQ9pbnRlZ3JhbGFkcy5jb226AQo0NTB4NTBfeG1syAEF2gEYaHR0cHM6Ly9pbnRlZ3JhbGFkcy5jb20vqQLI8rOkLaWlPsACAuACAOoCHC81MTI5L25kbS5od3Qvc3BvcnQvZm9vdGJhbGz4AoXSHoADAZADyAaYA-QKqAMB4AQB0gUGEIb7nMcTkAYBoAYjqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBwHSCBEIgOGAEBABGB0yAqoCOgKAQNgIAoAKBZgLAdAVAfgWAYAXAQ&sigh=m8vPGI93oKk&label=videoplaytime50&ad_mt=743&acvw=sv%3D940%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D805,176,1320,1092%26tos%3D0,775,0,0,0%26mtos%3D0,775,775,775,775%26amtos%3D0,0,0,0,0%26mcvt%3D775%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D775%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D413%26pst%3D413%26dur%3D1068%26vmtime%3D742%26dvs%3D267%26dfvs%3D0%26dvpt%3D267%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D4882%26c%3D0.76%26mc%3D0.76%26nc%3D0.76%26mv%3D0%26nv%3D0%26qmt%3D0,267,267,267,267%26qnc%3D0.76%26qmv%3D0%26qnv%3D0%26lte%3D0.76%26ces%26femt%3D5604%26femvt%3D0%26emc%3D8%26emuc%3D0%26emb%3D0,7,0,0,0%26avms%3Dexc%26qi%3D884652952%26psm%3D-2147483647%26psv%3D-2147483647%26psfv%3D0%26psa%3D0%26pnmm%3D1666883580092%26ptlt%3D1666883587324%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,775,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1666883586049&sdkv=h.3.541.0&vci=CmcIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUyNDk2NDU5NTgyDDEzODI5ODE5MzQ4OUC5AVIkCGIQDyUAAIA_KAE6DDEzODI5ODE5MzQ4OUIER0RGUEj2A1AAGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3a078cf4-cebb-b2c8-d1f6-b1d4de8a0b3c&tv=%7Bc:sg12am,pingTime:-4,time:1174,type:m,clog:%5B%7Bpiv:77,vs:o,r:v,w:916,h:515,t:23%7D,%7Bvs:i,r:,t:461%7D%5D,ve:%7BvEventCount:6,vEvents:%5B%7Bt:-94,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:413,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:916x515,x_xplac:5249645958,x_xpc:ima%7D,%7Bt:427,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:428,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:904,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:1172,tp:adVideoMidpoint,sl:i,volume:0,ad_duration:1,height:0,width:0%7D%5D%7D,vv:3.6.0,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:713,o:461,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:176.805.916.515,am:v,cc:176.805.916.515,piv:77,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B455~75%5D,as:%5B455~916.515%5D%7D%7D,%7Bsl:i,t:461,wc:0.0.1600.1200,ac:176.805.916.515,am:v,cc:176.805.916.515,piv:77,obst:0,th:0,reas:,bkn:%7Bpiv:%5B713~75%5D,as:%5B713~916.515%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:149,fm:tltDEiB+1*.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1m2%7C1n.10507%7C1n1%7C1n2%7C1o.10507%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1p2%7C1q.10507%7C1q1%7C1q2%7C1r.10507%7C1r1%7C1r2%7C1s.10507%7C1s1%7C1s2%7C1t%7C1u,idMap:1*,rmeas:1,rend:1,renddet:env,siq:24%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:07 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3a078cf4-cebb-b2c8-d1f6-b1d4de8a0b3c&tv=%7Bc:sg12az,pingTime:-10,time:1187,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666883585882%7C%7C621d750660e1e81ffc5e7233e0ed8b26%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C02fe521238d5a9dd9b09c964af83b670%7C%7C890c07a3780bacdf5430752e49dcffa8%7C%7C1aabc3bf68f72f279b743345ab348fcd%7C%7C1d09b74a00aeb5ba6cca5f53971fcc18%7C%7Ce9487135ad4528f10484083e2cbb3fb8%7C%7C1663701684,sca:%7Bspg:25c7bc1f-c813-f3c3-d390-279fa584c77a%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:07 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F416 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BquPmAaBaY7-EPJbu3gPntJrwAsqO1tBFAAAAEAEg35irHzgBWNHs25mDBGCVgoCAsAeyAQ9pbnRlZ3JhbGFkcy5jb226AQo0NTB4NTBfeG1syAEF2gEYaHR0cHM6Ly9pbnRlZ3JhbGFkcy5jb20vqQLI8rOkLaWlPsACAuACAOoCHC81MTI5L25kbS5od3Qvc3BvcnQvZm9vdGJhbGz4AoXSHoADAZADyAaYA-QKqAMB4AQB0gUGEIb7nMcTkAYBoAYjqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBwHSCBEIgOGAEBABGB0yAqoCOgKAQNgIAoAKBZgLAdAVAfgWAYAXAQ&sigh=m8vPGI93oKk&label=videoplaytime75&ad_mt=1010&acvw=sv%3D940%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D805,176,1320,1092%26tos%3D0,1057,0,0,0%26mtos%3D0,1057,1057,1057,1057%26amtos%3D0,0,0,0,0%26mcvt%3D1057%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1057%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D613%26pst%3D413%26dur%3D1068%26vmtime%3D1010%26dvs%3D282%26dfvs%3D0%26dvpt%3D282%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D4882%26c%3D0.76%26mc%3D0.76%26nc%3D0.76%26mv%3D0%26nv%3D0%26qmt%3D0,282,282,282,282%26qnc%3D0.76%26qmv%3D0%26qnv%3D0%26lte%3D0.76%26ces%26femt%3D5604%26femvt%3D0%26emc%3D9%26emuc%3D0%26emb%3D0,8,0,0,0%26avms%3Dexc%26qi%3D884652952%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D0%26psa%3D0%26pnmm%3D1666883580092%26ptlt%3D1666883587606%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,1057,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1666883586049&sdkv=h.3.541.0&vci=CmcIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUyNDk2NDU5NTgyDDEzODI5ODE5MzQ4OUC5AVIkCGIQDyUAAIA_KAE6DDEzODI5ODE5MzQ4OUIER0RGUEj2A1AAGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3a078cf4-cebb-b2c8-d1f6-b1d4de8a0b3c&tv=%7Bc:sg12eW,pingTime:-4,time:1458,type:m,clog:%5B%7Bpiv:77,vs:o,r:v,w:916,h:515,t:23%7D,%7Bvs:i,r:,t:461%7D%5D,ve:%7BvEventCount:7,vEvents:%5B%7Bt:-94,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:413,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:916x515,x_xplac:5249645958,x_xpc:ima%7D,%7Bt:427,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:428,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:904,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:1172,tp:adVideoMidpoint,sl:i,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:1456,tp:adVideoThirdQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0%7D%5D%7D,vv:3.6.0,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:997,o:461,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:176.805.916.515,am:v,cc:176.805.916.515,piv:77,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B455~75%5D,as:%5B455~916.515%5D%7D%7D,%7Bsl:i,t:461,wc:0.0.1600.1200,ac:176.805.916.515,am:v,cc:176.805.916.515,piv:77,obst:0,th:0,reas:,bkn:%7Bpiv:%5B997~75%5D,as:%5B997~916.515%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:169,fm:tltDEiB+1*.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1m2%7C1n.10507%7C1n1%7C1n2%7C1o.10507%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1p2%7C1q.10507%7C1q1%7C1q2%7C1r.10507%7C1r1%7C1r2%7C1s.10507%7C1s1%7C1s2%7C1t%7C1u,idMap:1*,rmeas:1,rend:1,renddet:env,siq:24%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:07 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg12fn,pingTime:2,time:2410,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2410,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2091~100%5D,as:%5B2091~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:140,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:07 GMT
server
nginx
x-server-name
dt28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg12fo,pingTime:2,time:2411,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2411,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2092~100%5D,as:%5B2092~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:140,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:07 GMT
server
nginx
x-server-name
dt29.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
pubads.g.doubleclick.net/pagead/interaction/ Frame F416 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BquPmAaBaY7-EPJbu3gPntJrwAsqO1tBFAAAAEAEg35irHzgBWNHs25mDBGCVgoCAsAeyAQ9pbnRlZ3JhbGFkcy5jb226AQo0NTB4NTBfeG1syAEF2gEYaHR0cHM6Ly9pbnRlZ3JhbGFkcy5jb20vqQLI8rOkLaWlPsACAuACAOoCHC81MTI5L25kbS5od3Qvc3BvcnQvZm9vdGJhbGz4AoXSHoADAZADyAaYA-QKqAMB4AQB0gUGEIb7nMcTkAYBoAYjqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBwHSCBEIgOGAEBABGB0yAqoCOgKAQNgIAoAKBZgLAdAVAfgWAYAXAQ&sigh=m8vPGI93oKk&label=videoplaytime100&ad_mt=1068&acvw=sv%3D940%26cb%3Dima%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D805,176,1320,1092%26p0%3D805,176,1320,1092%26p1%3D805,176,1320,1092%26p2%3D805,176,1320,1092%26p3%3D805,176,1320,1092%26tos%3D0,1113,0,0,0%26mtos%3D0,1113,1113,1113,1113%26amtos%3D0,0,0,0,0%26mtos1%3D0,508,0%26mtos2%3D0,267,0%26mtos3%3D0,282,0%26mcvt%3D1113%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1113%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D613%26pst%3D413%26dur%3D1068%26vmtime%3D1068%26dvs%3D56%26dfvs%3D0%26dvpt%3D56%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D4882%26c%3D0.76%26c0%3D0.76%26c1%3D0.76%26c2%3D0.76%26c3%3D0.76%26mc%3D0.76%26nc%3D0.76%26mv%3D0%26nv%3D0%26qmt%3D0,56,56,56,56%26qnc%3D0.76%26qmv%3D0%26qnv%3D0%26lte%3D0.76%26ces%26femt%3D5604%26femvt%3D0%26emc%3D9%26emuc%3D0%26emb%3D0,8,0,0,0%26avms%3Dexc%26qi%3D884652952%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D0%26psa%3D0%26pnmm%3D1666883580092%26ptlt%3D1666883587662%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,1113,0%26ss0%3D0.18%26ss1%3D0.18%26ss2%3D0.18%26ss3%3D0.18&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1666883586049&sdkv=h.3.541.0&vci=CmcIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUyNDk2NDU5NTgyDDEzODI5ODE5MzQ4OUC5AVIkCGIQDyUAAIA_KAE6DDEzODI5ODE5MzQ4OUIER0RGUEj2A1AAGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3a078cf4-cebb-b2c8-d1f6-b1d4de8a0b3c&tv=%7Bc:sg12fP,pingTime:-4,time:1513,type:m,clog:%5B%7Bpiv:77,vs:o,r:v,w:916,h:515,t:23%7D,%7Bvs:i,r:,t:461%7D%5D,ve:%7BvEventCount:8,vEvents:%5B%7Bt:-94,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:413,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:916x515,x_xplac:5249645958,x_xpc:ima%7D,%7Bt:427,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:428,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:904,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:1172,tp:adVideoMidpoint,sl:i,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:1456,tp:adVideoThirdQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:1511,tp:adVideoComplete,sl:i,volume:0,ad_duration:1,height:0,width:0%7D%5D%7D,vv:3.6.0,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1052,o:461,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:176.805.916.515,am:v,cc:176.805.916.515,piv:77,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B455~75%5D,as:%5B455~916.515%5D%7D%7D,%7Bsl:i,t:461,wc:0.0.1600.1200,ac:176.805.916.515,am:v,cc:176.805.916.515,piv:77,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1052~75%5D,as:%5B1052~916.515%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:169,fm:tltDEiB+1*.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1m2%7C1n.10507%7C1n1%7C1n2%7C1o.10507%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1p2%7C1q.10507%7C1q1%7C1q2%7C1r.10507%7C1r1%7C1r2%7C1s.10507%7C1s1%7C1s2%7C1t%7C1u,idMap:1*,rmeas:1,rend:1,renddet:env,siq:24%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:07 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928981&asId=3a078cf4-cebb-b2c8-d1f6-b1d4de8a0b3c&tv=%7Bc:sg12fQ,pingTime:-1,time:1514,type:u,clog:%5B%7Bpiv:77,vs:o,r:v,w:916,h:515,t:23%7D,%7Bvs:i,r:,t:461%7D%5D,ve:%7BvEventCount:8,vEvents:%5B%7Bt:-94,tp:adLoaded,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:413,tp:adImpression,sl:o,volume:0,ad_duration:1,height:0,width:0,x_vv:3.6.0,x_vanstag:cm,x_xcamp:916x515,x_xplac:5249645958,x_xpc:ima%7D,%7Bt:427,tp:adStarted,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:428,tp:adVideoStart,sl:o,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:904,tp:adVideoFirstQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:1172,tp:adVideoMidpoint,sl:i,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:1456,tp:adVideoThirdQuartile,sl:i,volume:0,ad_duration:1,height:0,width:0%7D,%7Bt:1511,tp:adVideoComplete,sl:i,volume:0,ad_duration:1,height:0,width:0%7D%5D%7D,ndt:6,vv:3.6.0,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1053,o:461,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:176.805.916.515,am:v,cc:176.805.916.515,piv:77,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B455~75%5D,as:%5B455~916.515%5D%7D%7D,%7Bsl:i,t:461,wc:0.0.1600.1200,ac:176.805.916.515,am:v,cc:176.805.916.515,piv:77,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1053~75%5D,as:%5B1053~916.515%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:jsvid,dtt:169,metricIdList:%5Bpubl2,grpm2,vidqua_4_so_2%5D,fm:tltDEiB+1*.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1m2%7C1n.10507%7C1n1%7C1n2%7C1o.10507%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1p2%7C1q.10507%7C1q1%7C1q2%7C1r.10507%7C1r1%7C1r2%7C1s.10507%7C1s1%7C1s2%7C1t%7C1u,idMap:1*,rmeas:1,rend:1,renddet:env,lt:5,siq:24%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:07 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
tracker
metrics.brightcove.com/v2/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=5e4db17f73ec5d5431bc1c38&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&platform_version=6.63.5&player=players.brightcove.com%2F5348771529001%2F938M1Zecs_default&player_name=%5BPROD%5D%20-%20v6.63&source=https%3A%2F%2Fcontent.isentia.io%2F&event=ad_end&web_ad_info=%7B%22plugin%22%3A%22ima3%22%2C%22pluginVersion%22%3A%223.6.0%22%2C%22adTech%22%3A%22html5%22%2C%22requestMode%22%3A%22onplay%22%2C%22timeout%22%3A4200%2C%22adType%22%3A%22preroll%22%2C%22adPodLength%22%3A1%2C%22adPodId%22%3A0%2C%22creativeFormat%22%3A%5B%22video%2Fmp4%22%5D%2C%22creativeLength%22%3A%5B1%5D%2C%22creativeId%22%3A%5B%22138298193489%22%5D%2C%22creativeIndex%22%3A%5B0%5D%2C%22wrapperCreativeIds%22%3A%5B%5B%5D%5D%2C%22adId%22%3A%5B%225249645958%22%5D%2C%22adTitle%22%3A%5B%22CCPA%2FGDPR%20Video%20Blocking%20-%20427x240v%22%5D%2C%22adSystem%22%3A%5B%22GDFP%22%5D%2C%22firstPlayedAdIndex%22%3A0%2C%22startedInAdPod%22%3A%5B0%5D%2C%22completedInAdPod%22%3A%5B0%5D%2C%22prerollDelay%22%3A1317%2C%22firstPlayInSession%22%3A1666883585264%2C%22adsRequest%22%3A1666883585307%2C%22adsResponseReceived%22%3A1666883585772%2C%22adsLoading%22%3A%5B1666883586061%5D%2C%22adsAdStarted%22%3A%5B1666883586581%5D%2C%22adsAdEnded%22%3A%5B1666883587666%5D%7D&video=6313008703112&video_name=Qatar%20World%20Cup%202022&video_duration=109&media_url=https%3A%2F%2Fmanifest.prod.boltdns.net%2Fmanifest%2Fv1%2Fhls%2Fv4%2Fclear%2F5348771529001%2F6ba274fa-fdf1-44ad-b7cd-df5a23811950%2F10s%2Fmaster.m3u8%3Ffastly_token%3DNjM3ZThmYmRfMzA2NjU5NGJiNjJmNDhmNWJjNTIwNDBlZTY3OTc3ZDFiZmI2ZGZhMjlhY2Q5OThjZTJjM2UyNDVjNGM3ZjQ0NA%253D%253D&time=1666883587675&seq=7_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Thu, 27 Oct 2022 15:13:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0530fb7842f7fca7293ecc5f0e24057e3cfa5bdbe8c53dde3681d121587ceb53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac0bd519a8891b6e8fbb9b92dbc62e6259fd3f457fbfb3b9ce24e37e719310e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
master.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/10s/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/10s/master.m3u8?fastly_token=NjM3ZThmYmRfMzA2NjU5NGJiNjJmNDhmNWJjNTIwNDBlZTY3OTc3ZDFiZmI2ZGZhMjlhY2Q5OThjZTJjM2UyNDVjNGM3ZjQ0NA%3D%3D
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
2f1c6751bd5336afb2205ee3a54990dd15cca1ccd286a6bcb177e814ac18ab52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:07 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
x-bolt-device-group
desktop-chrome
content-length
2842
x-served-by
cache-hhn4026-HHN
x-device-group
desktop-chrome
x-timer
S1666883588.736967,VS0,VE70
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40heraldsun.com.au&g=36976&p=6313008703112&i=Qatar%20World%20Cup%202022&g0=sport%2Cfootball%2Cvideo%2Ccomments%2Cstory%2Cmc_widget%2Cpc.ct.restricted&g1=Joe%20Barton&u=C4OI13DBQVbPBxz3_t&t=CmSbjECR3UWgCA6F-cDYXCPUDooAc3&x=0&y=0&V=136&VS=BCN&n=1&b=10441&_vd=0&_vi=FIFA%20World%20Cup%20Qatar%3A%20Socceroos%20protest%20human%20rights%20abuses%20%7C%20Herald%20Sun&_vp=heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&_vh=heraldsun.com.au&_pu=5LINFCrnAmMrNRWh&_pt=ByhM-2D2VRkKBkcxbdB8B8RMoaLs4&_pr=https%3A%2F%2Fcontent.isentia.io%2F&_vdd=heraldsun.com.au&_vt=ct&_vs=s2&_vcs=1&_vbr=-1&_vvs=8.121&_vpt=0&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fstatic%2F5348771529001%2F6ba274fa-fdf1-44ad-b7cd-df5a23811950%2F803fe2ee-489f-4d4e-ab94-82cfe978c0b3%2F152x85%2Fmatch%2Fimage.jpg&_vaup=unkn&_vce=0&c=0.14&W=0&R=1&I=0&E=0&j=20&tz=0&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.198.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-198-241.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:07 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/7a58b8b7-a773-4446-afaf-e8c4596a04b4/10s/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/7a58b8b7-a773-4446-afaf-e8c4596a04b4/10s/rendition.m3u8?fastly_token=NjM3ZjhlMDdfNTlkOGI1ZjQ1ODgyNDQ3ZTVjODA5N2IwZmUwYzc5ZjlhOWVlYzQ0MzkyNTU2NzhhNTA1MjlmMzY0NzNiZDgwMQ%3D%3D
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
3ed575ad31b68b5ced21693c80283579e6cfebe1e3d88add1a7717623dd595ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:08 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
4470
x-served-by
cache-hhn4026-HHN
x-device-group
desktop-chrome
x-timer
S1666883588.864797,VS0,VE338
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/686f491b-1fae-4cd0-8a51-fac7e848ab77/10s/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/686f491b-1fae-4cd0-8a51-fac7e848ab77/10s/rendition.m3u8?fastly_token=NjM3ZjhlMDdfZjhlNzk0NjE5Mjk4MjVkNWY3Nzk0NTAzZjk1MTk3ZmUzODVjYWI3NzNjNmUzMjlmZjViMzgxYTRmNDI3Y2VhNQ%3D%3D
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
5727f4eac5b367cdfd4803a35073527c22666150dc202ff76abc31588a098731

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:08 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
4856
x-served-by
cache-hhn4026-HHN
x-device-group
desktop-chrome
x-timer
S1666883588.276250,VS0,VE389
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
segment0.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/7a58b8b7-a773-4446-afaf-e8c4596a04b4/5x/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/7a58b8b7-a773-4446-afaf-e8c4596a04b4/5x/segment0.ts?akamai_token=exp=1669303815~acl=/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/7a58b8b7-a773-4446-afaf-e8c4596a04b4/*~hmac=cde91f26aa82e071b0b1d265de9c3848d5fad1df2fdf56a00b8fea0b6b57da8b
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-198.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
2cc504c4018dc57148a51287d6338aad454d119d7ec047174a59c3f867148bc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Cache-Hits
1
Date
Thu, 27 Oct 2022 15:13:08 GMT
X-Amz-Cf-Pop
SYD62-P2
X-Powered-By
BC
Backend-IP
18.67.108.195
BC-MID
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
733363
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1173496
X-Served-By
cache-syd10152-SYD
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1666816907.193431,VS0,VE2
X-Powered-From
gantry
ETag
"e9c85882f4171d86cac17f09dae7c532"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=31469368
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
MHDOlSo-OEjp5lC-7hWwY6FgNEmBZdoBFxb4B2WC8YpYT_CMZTXu6Q==
Expires
Thu, 26 Oct 2023 20:42:36 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg12vu,pingTime:3,time:3409,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:3409,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3090~100%5D,as:%5B3090~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:138,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:08 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg12vu,pingTime:3,time:3409,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:3409,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3090~100%5D,as:%5B3090~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:138,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:08 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
segment0.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/686f491b-1fae-4cd0-8a51-fac7e848ab77/5x/ 		218 KB
219 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/686f491b-1fae-4cd0-8a51-fac7e848ab77/5x/segment0.ts?akamai_token=exp=1669303816~acl=/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/686f491b-1fae-4cd0-8a51-fac7e848ab77/*~hmac=54e976059c93510ee39aed31a0506d3a34175c2761848c1cd47d7dae7946d8a0
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-198.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
16d5eea328825426ed5cbf4813b8bdfd97852eaa76902d9ca810a18cffe11146

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Cache-Hits
1
Date
Thu, 27 Oct 2022 15:13:08 GMT
X-Amz-Cf-Pop
SYD62-P2
X-Powered-By
BC
Backend-IP
18.67.108.32
BC-MID
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
733363
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
222968
X-Served-By
cache-syd10138-SYD
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1666816907.228813,VS0,VE1
X-Powered-From
gantry
ETag
"b321d99e8248b55b2b9bb04041804934"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=31469318
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
PjGbSjgVTevvSHDCaC4Ncxg8huX5H7688wpKzt-AsvnsZNpQsWCCqg==
Expires
Thu, 26 Oct 2023 20:41:46 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805&u=5LINFCrnAmMrNRWh&d=heraldsun.com.au&g=36976&g0=sport%2Cfootball%2Cvideo%2Ccomments%2Cstory%2Cmc_widget%2Cpc.ct.restricted&g1=Joe%20Barton&n=1&f=00001&c=0.15&x=0&m=0&y=7630&o=1600&w=1200&j=30&R=0&W=0&I=1&E=5&e=0&r=https%3A%2F%2Fcontent.isentia.io%2F&b=10319&t=ByhM-2D2VRkKBkcxbdB8B8RMoaLs4&V=136&tz=0&_acct=anon&_vi=Qatar%20World%20Cup%202022&_vp=6313008703112&_vdd=video%40heraldsun.com.au&_vs=s2&_vt=ct&_vap=&_vtn=https%3A%2F%2Fcf-images.ap-southeast-2.prod.boltdns.net%2Fv1%2Fstatic%2F5348771529001%2F6ba274fa-fdf1-44ad-b7cd-df5a23811950%2F803fe2ee-489f-4d4e-ab94-82cfe978c0b3%2F152x85%2Fmatch%2Fimage.jpg&_vd=0&sn=4&sv=QGWasB1RixZBl84vYOP84pClHEvS&sr=https%3A%2F%2Fcontent.isentia.io%2F&sd=1&im=065b0ed2&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.198.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-198-241.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:08 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
segment1.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/686f491b-1fae-4cd0-8a51-fac7e848ab77/5x/ 		233 KB
234 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/686f491b-1fae-4cd0-8a51-fac7e848ab77/5x/segment1.ts?akamai_token=exp=1669303816~acl=/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/686f491b-1fae-4cd0-8a51-fac7e848ab77/*~hmac=54e976059c93510ee39aed31a0506d3a34175c2761848c1cd47d7dae7946d8a0
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-198.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
8e972a373c50c4489bbeb728ebebf9a0c0556bfb5ce1fc05d6e0312676dc8e71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Cache-Hits
1
Date
Thu, 27 Oct 2022 15:13:08 GMT
X-Amz-Cf-Pop
SYD62-P2
X-Powered-By
BC
Backend-IP
18.67.108.15
BC-MID
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
733363
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
238384
X-Served-By
cache-syd10152-SYD
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1666816907.387202,VS0,VE1
X-Powered-From
gantry
ETag
"a4f2a63c00129d6815e7ed0a1fcef062"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=31469310
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
tv4zs5CCyJNxVPhCS7joE_2NpwNRCU1BP8m0yPko4VWZhSJdsbZJCw==
Expires
Thu, 26 Oct 2023 20:41:38 GMT
social
am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&lti=deflated&ri=4f7409ecd2d627636c1a323a2d674b54&sd=v2_db71b15ffda1b93bac026227b46cfc94_4f464d79-e4e7-4701-9c99-6153d7c32bee-tucta54257a_1666883578_1666883578_CJrkkBYQgPNHGOrTg9DBMCABKAEwODib4wlAiIoQSMWG2ANQouwQWABgAGi0ovD79tOEkd4BcAA&ui=4f464d79-e4e7-4701-9c99-6153d7c32bee-tucta54257a&pi=/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805&wi=-8549985283888529367&pt=text&vi=1666883578346&st=social-share&d=%7B%22data%22%3A%5B%7B%22name%22%3A%22video%22%2C%22type%22%3A%22player-div%22%2C%22m%22%3A%22video%22%2C%22v%22%3A4%2C%22badgeUrl%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd%22%2C%22location%22%3A%22below-fold%22%2C%22locationX%22%3A176%2C%22locationY%22%3A805%2C%22timestamp%22%3A1666883589004%2C%22isMobile%22%3Afalse%2C%22screenResX%22%3A1600%2C%22screenResY%22%3A1200%2C%22pubDate%22%3Anull%7D%5D%7D&tim=15%3A13%3A09.010&id=1271&llvl=2&cv=20221027-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 27 Oct 2022 15:13:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
tracker
metrics.brightcove.com/v2/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=5e4db17f73ec5d5431bc1c38&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&platform_version=6.63.5&player=players.brightcove.com%2F5348771529001%2F938M1Zecs_default&player_name=%5BPROD%5D%20-%20v6.63&source=https%3A%2F%2Fcontent.isentia.io%2F&time=1666883588994&event=video_view&start_time_ms=7366&video=6313008703112&video_name=Qatar%20World%20Cup%202022&video_duration=109&media_url=https%3A%2F%2Fmanifest.prod.boltdns.net%2Fmanifest%2Fv1%2Fhls%2Fv4%2Fclear%2F5348771529001%2F6ba274fa-fdf1-44ad-b7cd-df5a23811950%2F10s%2Fmaster.m3u8%3Ffastly_token%3DNjM3ZThmYmRfMzA2NjU5NGJiNjJmNDhmNWJjNTIwNDBlZTY3OTc3ZDFiZmI2ZGZhMjlhY2Q5OThjZTJjM2UyNDVjNGM3ZjQ0NA%253D%253D&seq=8_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Thu, 27 Oct 2022 15:13:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
segment2.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/686f491b-1fae-4cd0-8a51-fac7e848ab77/5x/ 		215 KB
216 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/686f491b-1fae-4cd0-8a51-fac7e848ab77/5x/segment2.ts?akamai_token=exp=1669303816~acl=/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/686f491b-1fae-4cd0-8a51-fac7e848ab77/*~hmac=54e976059c93510ee39aed31a0506d3a34175c2761848c1cd47d7dae7946d8a0
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-198.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
d9bbd2edfb4a743ff0c90c258e85aaa8be066d9c8024800129625e6993de21fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Cache-Hits
1
Date
Thu, 27 Oct 2022 15:13:09 GMT
X-Amz-Cf-Pop
SYD1-C2
X-Powered-By
BC
Backend-IP
13.224.177.69
BC-MID
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
733363
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
219960
X-Served-By
cache-syd10154-SYD
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1666816908.500992,VS0,VE1
X-Powered-From
gantry
ETag
"943d35d58d52a97b1ef7ccfbe4b80c1c"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=31469270
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
UMyvE_kItofVKV9uFmt5RwY4pdwRwDO_frxkyVW6EWrZOGWL-yBVig==
Expires
Thu, 26 Oct 2023 20:40:59 GMT
s14236199100789
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.4/ 		43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.4/s14236199100789?AQB=1&ndh=1&pf=1&t=27%2F9%2F2022%2015%3A13%3A9%204%200&cid.&newsnkidcookie.&id=4266bc4de45aa575d451af048646f817&as=1&.newsnkidcookie&.cid&vid=4266bc4de45aa575d451af048646f817&mid=44663009312486261422608925643828939322&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Csport%7Cmc_widget%7Csocceroos%E2%80%99%20world-first%20world%20cup%20protest&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&cc=AUD&events=event8%2Cevent35&v1=news%20corp%20au&v2=herald%20sun&v3=herald%20sun%20web&v4=sport&v5=football&v9=video%2Bcomments%2Bstory%2Bmc_widget&v10=D%3DpageName&v11=D%3Dvid&v12=not%20set&v14=anonymous&v15=restricted&v16=06ae81845d541688c402efd2ac9e7805&v17=socceroos%E2%80%99%20world-first%20world%20cup%20protest&v18=joe%20barton&v19=news%20corp%20australia%20sports%20newsroom&v20=2022-10-27%2007%3A36%3A00&v22=2%3A13%20AM%7CFriday&v24=New&v34=D%3Dg&v77=D%3Dmid&pe=lnk_o&pev2=event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&lrt=604&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 28 Oct 2022 15:13:09 GMT
server
jag
etag
3579605251322707968-4619373970842897141
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 26 Oct 2022 15:13:09 GMT
segment3.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/686f491b-1fae-4cd0-8a51-fac7e848ab77/5x/ 		203 KB
204 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/686f491b-1fae-4cd0-8a51-fac7e848ab77/5x/segment3.ts?akamai_token=exp=1669303816~acl=/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/686f491b-1fae-4cd0-8a51-fac7e848ab77/*~hmac=54e976059c93510ee39aed31a0506d3a34175c2761848c1cd47d7dae7946d8a0
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-198.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
f2ae30fc0be761ea7af52d473b89b5a07b03893e185d94e09d024c89969417dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Cache-Hits
1
Date
Thu, 27 Oct 2022 15:13:09 GMT
X-Amz-Cf-Pop
SYD1-C2
X-Powered-By
BC
Backend-IP
13.224.177.19
BC-MID
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
733363
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
207928
X-Served-By
cache-syd10152-SYD
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1666816908.742397,VS0,VE1
X-Powered-From
gantry
ETag
"3a9b42407db997a551badc8eccd77e04"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=31469273
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
LtjnSRiOkBFq0qInbzRKQKe-Gd8z4EWsPZDGgnXVIPS0WH3HQFbijg==
Expires
Thu, 26 Oct 2023 20:41:02 GMT
segment1.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/7a58b8b7-a773-4446-afaf-e8c4596a04b4/5x/ 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/7a58b8b7-a773-4446-afaf-e8c4596a04b4/5x/segment1.ts?akamai_token=exp=1669303815~acl=/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/7a58b8b7-a773-4446-afaf-e8c4596a04b4/*~hmac=cde91f26aa82e071b0b1d265de9c3848d5fad1df2fdf56a00b8fea0b6b57da8b
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-198.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
60f8a584d7ee6691d04772563e3cc0174bef3b3a2bae9b1d65792ab7fecacea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Cache-Hits
1
Date
Thu, 27 Oct 2022 15:13:09 GMT
X-Amz-Cf-Pop
SYD1-C2
X-Powered-By
BC
Backend-IP
13.224.177.69
BC-MID
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
733363
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1699896
X-Served-By
cache-syd10152-SYD
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1666816908.537255,VS0,VE2
X-Powered-From
gantry
ETag
"bfc89319d93e35d941f8da21cf8b583f"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=31469265
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
l3aTqATSOOLJsY-uyqVL0W66oO9ir1ivb75MQmlN3hWd8FZ4N45TLg==
Expires
Thu, 26 Oct 2023 20:40:54 GMT
/
newscorpau.hb.omtrdc.net/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscorpau.hb.omtrdc.net/?s:sc:rsid=newscorpau-hsweb%2Cnewscorpau-global&s:sc:tracking_server=metrics.heraldsun.com.au&h:sc:ssl=1&s:user:mid=44663009312486261422608925643828939322&s:user:id=4266bc4de45aa575d451af048646f817&s:aam:blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&l:aam:loc_hint=6&s:sp:player_name=NewsCorp%20Brightcove%20Video%20Player&s:sp:hb_version=js-2.2.0.223-05c3c4&l:sp:hb_api_lvl=4&s:event:sid=1666883585273467586033&s:event:type=start&l:event:duration=3975&l:event:playhead=0&l:event:ts=1666883589258&l:event:prev_ts=1666883585283&s:asset:type=main&s:asset:name=Qatar%20World%20Cup%202022&s:asset:video_id=6313008703112&s:asset:publisher=5FE61C8B533204850A490D4D%40AdobeOrg&l:asset:length=109&s:stream:type=vod&l:stream:bitrate=5000&l:stream:fps=24&l:stream:dropped_frames=10&l:stream:startup_time=0&s:meta:brand=herald%20sun&s:meta:site=herald%20sun%20web&s:meta:videoSource=afp_videography&s:meta:advtType=CSAI&s:meta:a.media.network=herald%20sun&s:meta:mediacontenttype=Standard&s:meta:mediaautoplayanalytics=anonymous%7Cundefined%7Cerror%7Cyes&s:meta:playlistOrder=1&s:meta:accessType=free&s:meta:CastingStatus=CHROMECAST&s:meta:a.media.streamType=video
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Oct 2022 15:13:09 GMT
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-content-type-options
nosniff
server
jag
x-xss-protection
1; mode=block
/
newscorpau.hb.omtrdc.net/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscorpau.hb.omtrdc.net/?s:sc:rsid=newscorpau-hsweb%2Cnewscorpau-global&s:sc:tracking_server=metrics.heraldsun.com.au&h:sc:ssl=1&s:user:mid=44663009312486261422608925643828939322&s:user:id=4266bc4de45aa575d451af048646f817&s:aam:blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&l:aam:loc_hint=6&s:sp:player_name=NewsCorp%20Brightcove%20Video%20Player&s:sp:hb_version=js-2.2.0.223-05c3c4&l:sp:hb_api_lvl=4&s:event:sid=1666883585273467586033&s:event:type=play&l:event:duration=0&l:event:playhead=0&l:event:ts=1666883589258&l:event:prev_ts=-1&s:asset:type=main&s:asset:name=Qatar%20World%20Cup%202022&s:asset:video_id=6313008703112&s:asset:publisher=5FE61C8B533204850A490D4D%40AdobeOrg&l:asset:length=109&s:stream:type=vod&l:stream:bitrate=5000&l:stream:fps=24&l:stream:dropped_frames=10&l:stream:startup_time=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Oct 2022 15:13:09 GMT
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-content-type-options
nosniff
server
jag
x-xss-protection
1; mode=block
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/ad9aa343-4927-4993-a47a-7a88298f31db/10s/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/ad9aa343-4927-4993-a47a-7a88298f31db/10s/rendition.m3u8?fastly_token=NjM3ZjhlMDdfN2U4M2U2ZGQwZDI4Y2Q0ZDY3NzA5MDQ1YmM1N2E2MzFkZTRkOWE0YTg0MmM1ZjgzYjY3YjE1ZjE3ZjJiNTVkNA%3D%3D
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
436666262c4d5bc7140c698d60b94a8023a42b587bff26180c71cb79268a0736

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 15:13:10 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
4470
x-served-by
cache-hhn4026-HHN
x-device-group
desktop-chrome
x-timer
S1666883590.669840,VS0,VE383
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg12LC,pingTime:4,time:4409,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:4409,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4090~100%5D,as:%5B4090~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:168,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:09 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg12LC,pingTime:4,time:4409,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:4409,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4090~100%5D,as:%5B4090~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:168,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:09 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
segment1.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/ad9aa343-4927-4993-a47a-7a88298f31db/5x/ 		952 KB
953 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/ad9aa343-4927-4993-a47a-7a88298f31db/5x/segment1.ts?akamai_token=exp=1669303817~acl=/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/ad9aa343-4927-4993-a47a-7a88298f31db/*~hmac=5b58902fc67744b972131a234e0d31534eb44449c9178ced2e326509cefe5f01
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-198.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
f83c43a9c785c84df27d052d4a055a8d0118a04da63e01a0938698de6add2d23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Cache-Hits
0
Date
Thu, 27 Oct 2022 15:13:10 GMT
X-Amz-Cf-Pop
SYD62-P2
X-Powered-By
BC
Backend-IP
18.67.108.32
BC-MID
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
733363
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
974968
X-Served-By
cache-syd10168-SYD
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1666816929.496515,VS0,VE139
X-Powered-From
gantry
ETag
"2ed4910b8b7c2a14acda9ea2fa4b7e30"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=31469336
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
DTpXRK6EMufO2kBe_Ogy6CMgqV_d4llpwF8KpU1ePTa3hyzNj3f9Cw==
Expires
Thu, 26 Oct 2023 20:42:06 GMT
gn
secure-dcr.imrworldwide.com/cgi-bin/ 		44 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_c16_S&asn=defChnAsset&fp_id=olchelhm6qoyiuhmfohgnhnc5gr2x1666883579&fp_cr_tm=1666883579702&fp_acc_tm=1666883579702&fp_emm_tm=1666883579702&ve_id=&sessionId=hcs1tfauj8qi0uiicq7mte3jgp5gt1666883579&tl=Qatar%20World%20Cup%202022&prv=1&c6=vc,c16&ca=au-102695_c16_6313008703112&cg=hwt%20sport%20videos&c13=asid,P16C8D000-5514-4C76-9A96-5F57C2693396&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,hwt%20sport%20videos&plugv=&playerv=&sup=1&segment2=&segment1=&forward=0&ad=0&cr=4_00_99_V1_00000&c9=devid,&enc=true&c1=nuid,a1bsqtzye8dxffeaxoqt8s66xqhal1666883579&at=view&rt=video&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16668835797196151&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&sd=109.397&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=6313008703112&c3=st,c&c64=starttm,1666883588&adid=6313008703112&c58=isLive,false&c59=sesid,snmgmzqbsfwdnlvq1dgp8ziwco72o1666883585&c61=createtm,1666883589&c63=pipMode,&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c77=adsuprt,1&uoo=&evdata=&c71=ottflg,0&c72=otttyp,none&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&c66=mediaurl,&sdd=&c62=sendTime,1666883589&rnd=310169
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.119.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-119-144.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:10 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=16f886c2-e3c9-5e6c-a8dc-38e2c2195686&tv=%7Bc:sg12ZH,pingTime:5,time:5653,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:599%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5653,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:599,wc:0.0.1600.1200,ac:1274.959.1.1,am:i,cc:1274.959.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5062~100%5D,as:%5B5062~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:154,fm:tltDEiE+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t%7C1u%7C1v,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:599,sis:831%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:10 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=16f886c2-e3c9-5e6c-a8dc-38e2c2195686&tv=%7Bc:sg12ZI,pingTime:5,time:5654,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:599%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5654,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:599,wc:0.0.1600.1200,ac:1274.959.1.1,am:i,cc:1274.959.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5063~100%5D,as:%5B5063~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:154,fm:tltDEiE+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t%7C1u%7C1v,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:599,sis:831%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:10 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
newscorpau.hb.omtrdc.net/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscorpau.hb.omtrdc.net/?s:sc:rsid=newscorpau-hsweb%2Cnewscorpau-global&s:sc:tracking_server=metrics.heraldsun.com.au&h:sc:ssl=1&s:user:mid=44663009312486261422608925643828939322&s:user:id=4266bc4de45aa575d451af048646f817&s:aam:blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&l:aam:loc_hint=6&s:sp:player_name=NewsCorp%20Brightcove%20Video%20Player&s:sp:hb_version=js-2.2.0.223-05c3c4&l:sp:hb_api_lvl=4&s:event:sid=1666883585273467586033&s:event:type=play&l:event:duration=1002&l:event:playhead=1&l:event:ts=1666883590260&l:event:prev_ts=1666883589258&s:asset:type=main&s:asset:name=Qatar%20World%20Cup%202022&s:asset:video_id=6313008703112&s:asset:publisher=5FE61C8B533204850A490D4D%40AdobeOrg&l:asset:length=109&s:stream:type=vod&l:stream:bitrate=5000&l:stream:fps=24&l:stream:dropped_frames=10&l:stream:startup_time=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Oct 2022 15:13:10 GMT
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-content-type-options
nosniff
server
jag
x-xss-protection
1; mode=block
segment2.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/ad9aa343-4927-4993-a47a-7a88298f31db/5x/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/ad9aa343-4927-4993-a47a-7a88298f31db/5x/segment2.ts?akamai_token=exp=1669303817~acl=/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/ad9aa343-4927-4993-a47a-7a88298f31db/*~hmac=5b58902fc67744b972131a234e0d31534eb44449c9178ced2e326509cefe5f01
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-198.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
30febf5305fd5b7f50e0159126aa7d62a6554f0c3c4181aed44385a9aa2e0df9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Cache-Hits
1
Date
Thu, 27 Oct 2022 15:13:10 GMT
X-Amz-Cf-Pop
SYD62-P2
X-Powered-By
BC
Backend-IP
18.67.108.195
BC-MID
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
733363
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1269752
X-Served-By
cache-syd10154-SYD
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1666817109.461733,VS0,VE1
X-Powered-From
gantry
ETag
"54b88b04a6d16bc2f733c6754c7a1aa7"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=31469397
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
cqwbE89tErrRI1f_Mm3p6_ImGL3WNnUviPcKwK5oB5wBkEwZ66brew==
Expires
Thu, 26 Oct 2023 20:43:07 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg131K,pingTime:5,time:5409,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5409,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5090~100%5D,as:%5B5090~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:164,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:10 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg131K,pingTime:5,time:5409,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5409,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5090~100%5D,as:%5B5090~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:164,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:10 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
tracker
metrics.brightcove.com/v2/ 		35 B
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=5e4db17f73ec5d5431bc1c38&account=5348771529001&destination=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Ffootball%2Ffifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar%2Fnews-story%2F06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd&platform_version=6.63.5&player=players.brightcove.com%2F5348771529001%2F938M1Zecs_default&player_name=%5BPROD%5D%20-%20v6.63&source=https%3A%2F%2Fcontent.isentia.io%2F&time=1666883590717&usage=chromecastReceiver!2.3.1%2Chls-demuxed%2Chls-player-access%2Chls-timestamp-offset%2Cvariant%253Aen%2Cvhs-demuxed%2Cvhs-rendition-change-bandwidthupdate%2Cvhs-timestamp-offset&event=video_engagement&player_height=515&player_width=916&video_duration=108.32&video=6313008703112&video_name=Qatar%20World%20Cup%202022&rendition_url=https%3A%2F%2Fmanifest.prod.boltdns.net%2Fmanifest%2Fv1%2Fhls%2Fv4%2Fclear%2F5348771529001%2F6ba274fa-fdf1-44ad-b7cd-df5a23811950%2Fad9aa343-4927-4993-a47a-7a88298f31db%2F10s%2Frendition.m3u8%3Ffastly_token%3DNjM3ZjhlMDdfN2U4M2U2ZGQwZDI4Y2Q0ZDY3NzA5MDQ1YmM1N2E2MzFkZTRkOWE0YTg0MmM1ZjgzYjY3YjE1ZjE3ZjJiNTVkNA%253D%253D&rendition_indicated_bps=892100&rendition_mime_type=application%2Fvnd.apple.mpegurl&rendition_height=360&rendition_width=640&media_requests=7&media_transfer_duration=1565&media_bytes_transferred=4737600&measured_bps=16524881&media_seconds_loaded=59.68&rebuffering_seconds=1.3&forward_buffer_seconds=18.309366&media_url=https%3A%2F%2Fmanifest.prod.boltdns.net%2Fmanifest%2Fv1%2Fhls%2Fv4%2Fclear%2F5348771529001%2F6ba274fa-fdf1-44ad-b7cd-df5a23811950%2F10s%2Fmaster.m3u8%3Ffastly_token%3DNjM3ZThmYmRfMzA2NjU5NGJiNjJmNDhmNWJjNTIwNDBlZTY3OTc3ZDFiZmI2ZGZhMjlhY2Q5OThjZTJjM2UyNDVjNGM3ZjQ0NA%253D%253D&qos.derived_range=0..0&range=0..0&qos.bitrates=%7B%22bitrates%22%3A%5B%5B1666883589620%2C90661120%5D%5D%2C%22playlists%22%3A%5B%5B1666883590066%2C90661120%2C892100%5D%5D%2C%22rendered%22%3A%5B%5B1666883589135%2C1437700%5D%2C%5B1666883590714%2C892100%5D%5D%2C%22throughput%22%3A%5B%5B1666883589620%2C131496865%5D%5D%7D&qos.events.content.volumechange=%5B1666883580001%2C1666883580002%5D&qos.events.content.durationchange=1666883580016&qos.events.content.loadstart=1666883580017&qos.events.ad.play=1666883585264&qos.events.ad.ads-ad-started=1666883586581&qos.events.ad.loadedmetadata=1666883588872&qos.events.ad.loadeddata=1666883588993&qos.events.content.playing=1666883588994&qos.events.content.canplaythrough=1666883589007&qos.player.dimensions=%5B%5B1666883588872%2C%220x0%22%2C%22916x515.25%22%5D%5D&qos.player.pixelratio=%5B%5B1666883588872%2C1%5D%5D&qos.player.screendimensions=%5B%5B1666883588872%2C%221600x1200%22%5D%5D&qos.frames.dropped=0&qos.frames.corrupted=0&qos.frames.total=46&seq=9_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
cache-control
must-revalidate,no-cache,no-store
via
1.1 google
date
Thu, 27 Oct 2022 15:13:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e2fb49ea-e6ae-df74-7934-5bc3272a49b2&tv=%7Bc:sg135n,time:5540,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5540,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:276,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5274~0%5D,as:%5B5274~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:147,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m*.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1s2%7C1t%7C1u,idMap:1m*,rmeas:1,rend:0,renddet:IMG.us,siq:277,sis:436%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:10 GMT
server
nginx
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
segment3.ts
nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/ad9aa343-4927-4993-a47a-7a88298f31db/5x/ 		767 KB
768 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nws-bolt-amd-prod.akamaized.net/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/ad9aa343-4927-4993-a47a-7a88298f31db/5x/segment3.ts?akamai_token=exp=1669303817~acl=/media/v1/hls/v4/clear/5348771529001/6ba274fa-fdf1-44ad-b7cd-df5a23811950/ad9aa343-4927-4993-a47a-7a88298f31db/*~hmac=5b58902fc67744b972131a234e0d31534eb44449c9178ced2e326509cefe5f01
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.24.77.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-198.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
367d8126fabf6dbaeb2230cb7df06de820c79c83de05836e252a4fbb5b1d0ba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Cache-Hits
1
Date
Thu, 27 Oct 2022 15:13:10 GMT
X-Amz-Cf-Pop
SYD1-C2
X-Powered-By
BC
Backend-IP
13.224.177.69
BC-MID
true
Connection
keep-alive
Akamai-Mon-Iucid-Del
733363
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
785464
X-Served-By
cache-syd10142-SYD
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1666817110.961862,VS0,VE2
X-Powered-From
gantry
ETag
"20b8fad9b5a7bd627d6d5a5bf0c4904a"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=31469430
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
X-Amz-Cf-Id
Wx-BvtwVh-KRtwyeMtlHeyh3HmuS92jVyUDemYT5Q2EsPnMxBkoE1g==
Expires
Thu, 26 Oct 2023 20:43:40 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg13hS,pingTime:6,time:6409,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6409,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B6090~100%5D,as:%5B6090~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:118,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:11 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg13hS,pingTime:6,time:6409,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6409,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B6090~100%5D,as:%5B6090~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:118,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:74e5:b428:3504:8805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 15:13:11 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		0
0
dt
dt.adsafeprotected.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/13/a597217
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/yxSK/m6Xk/LMG/LMy/Nj7w/9bz1c6rcaGz5/RSlQbENwKAI/ehQdU/l03WXMB
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg13y0,pingTime:7,time:7409,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:7409,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B7090~100%5D,as:%5B7090~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:169,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b69d6115-d715-966a-6ca0-742a76fed2a1&tv=%7Bc:sg13y0,pingTime:7,time:7409,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:331%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:7409,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:331,wc:0.0.1600.1200,ac:1124.794.300.90,am:i,cc:1124.794.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B7090~100%5D,as:%5B7090~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:169,fm:tltDEoD+1.928981%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s*.10507%7C1s1%7C1t%7C1u,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:331,sis:520%7D&br=c

Verdicts & Comments Add Verdict or Comment

386 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| newscorpau object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| _taboola object| utag_data object| newskey object| bruce_rtget object| ads_api string| bazadebezolkohpepadr function| loadCoral object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| COMSCORE function| udm_ object| ns_p function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg boolean| _tb_vd_pg undefined| $ function| jQuery number| topicIndex function| admiral object| googletag number| taboola_view_id function| loadjs boolean| isLoadedIndiesJs object| _vms object| placementData string| nam function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise function| 4dm1r11545242527 string| urhehlevkedkilrobacf object| __twttrll object| twttr object| __twttr object| lazySizes function| algoliasearch object| googleImaVansAdapter object| vidora_ns object| vidora object| ADB function| vidoraTrackExtraElements object| vidoraHelper object| app boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs object| httpStreaming function| videojsPerSourceBehaviors function| videojsBcAnalytics function| videojsErrors object| videojsBcCatalog object| videojsDock function| videojsPlaylist function| videojsSsai function| bc object| auth object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error boolean| __tealium_twc_switch object| nb undefined| rea_site_short string| site_short string| pathname string| loc object| theseAddresses object| notTheseAddresses object| nrm_sites object| sectionData number| _sf_endpt object| unruly object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker object| m object| nca_ipsos object| dm object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts object| KAMPYLE_EMBED object| ads_core object| ads_extra string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| __iasPET number| AMAZON_APS_TIMEOUT object| kw_ignore function| clearImmediate function| setImmediate object| atsenvelopemodule object| ats function| pbjsChunk object| pbjs object| _pbjsGlobals object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| apstagLOADED function| clsn object| dicnf number| google_srt function| btrp function| pdib3 function| vv function| sasrc function| stcc object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv function| WebVTT boolean| isFetchedIndies function| parcelRequire object| diagPixSentCodes object| __iasAdRefreshConfig object| ajax object| instance object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData function| omrhp function| videojsChromecastReceiver function| __onGCastApiAvailable function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| 6313008703112 undefined| google_measure_js_timing boolean| hasApsUnits object| ads_ready function| GeaLoader object| vttjs object| tbopt object| UrlCache object| SUBSCRIPTIONS object| SWG object| cast object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_480517 boolean| DotMetricsInitScript object| DotMetricsSettings object| closure_lm_887182 object| indieApps undefined| oneTagObj function| ebDecode object| bsResponseObj object| categoryData object| DotmetricsJSON object| CryptoJS object| DotMetricsObj string| videoId string| s_tnt function| cookieWrite function| cookieRead string| g function| formatTime string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| linkTrackVars object| google_image_requests object| __IntegralASExec function| __IntegralASDiagnosticCall object| __IntegralASConfig object| __IASScope boolean| isDomless object| __IASOmidVerificationClient undefined| __IntegralAS_3a078cf4cebbb2c8d1f6b1d4de8a0b3c_2212

95 Cookies

Domain/Path Name / Value
.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story Name: nk
Value: 4266bc4de45aa575d451af048646f817
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: 4266bc4de45aa575d451af048646f817
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1666883571
.heraldsun.com.au/ Name: nk
Value: 4266bc4de45aa575d451af048646f817
.heraldsun.com.au/ Name: bm_mi
Value: 04906C670559520B99452E001D23094E~YAAQxLoQAvdb4wKEAQAAN90AGhEaq/Um7foQzCKFLIf5I2hov0ZsXD6r1g2kZJeL88GD18zA66AskEQqTI1HgMoogvicAb3G/gOF083TZdWMXn29b2shpik+jv+DSUI1pIE8Tmj2O+6hCoOQpbBNV8pnW5Lu5aiJZrLqAA6qRIXZKforwXdz6JxAkbIBlggbB3eIyhlUtbdc3cBwUIBBbm9JhQ58am3/SCh0fr626v5b7jJ45X/UVu9xazZoGVz/LQn40eMtLtDUUwBGoGkWQrDneWA7z+uO/HvneL9HaXRKuPMgyyGuCEjjD9yebP63QeLn/uX3CJv78jHraNBhMd3vtoZwSEo9Wal+7RK0gv+/T4CnN4bW5wro9F50hmjo1icIe7TSDEb2FxXOxu6vX8hWGpzgKAop8czvfsvWDebaWA5OTFNsj3S1agIRkBokIUZDxouF82kfaKe7+OO2gdfSlg/JD4m+9rw6~1
www.heraldsun.com.au/ Name: lux_uid
Value: 166688357785650642
www.heraldsun.com.au/ Name: _tb_sess_r
Value: https%3A//content.isentia.io/
www.heraldsun.com.au/ Name: _tb_t_ppg
Value: https%3A//www.heraldsun.com.au/sport/football/fifa-world-cup-socceroos-protest-human-rights-abuses-in-qatar/news-story/06ae81845d541688c402efd2ac9e7805%3Fbtr%3D23e3f2c389fc12ce08c4a6d59e7c39dd
www.heraldsun.com.au/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D4f464d79-e4e7-4701-9c99-6153d7c32bee-tucta54257a
www.heraldsun.com.au/ Name: vidoraUserId
Value: aan83ckvs88bee7ip4e5k6urnl2p1b
.heraldsun.com.au/ Name: _awl
Value: 3.1666883579.0.5-f3f7d3940eb40c8249c93760cdc70c9d-6763652d6575726f70652d7765737431-0
.heraldsun.com.au/ Name: utag_main
Value: v_id:01841a00ed3100191ac9c0dfa18f0307400ba06c00b08$_sn:1$_se:1$_ss:1$_st:1666885379186$ses_id:1666883579186%3Bexp-session$_pn:1%3Bexp-session
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3Ad7aa25a0-5609-11ed-b0f2-abd7c130cb61.TgOBiuGy5eFMeeh1H4D13CJjjS%2FYUMzAnmmOQhdGUDc
.heraldsun.com.au/ Name: nc_eu
Value: y
.heraldsun.com.au/ Name: metrics_pcsid
Value: not%20set
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: 1c4d9f37-b410-4155-b7e3-6e20de804fee.1666883579.1.1666883579.1666883579.9168f6e2-b273-479c-b3dd-f31b50af4aa3
.heraldsun.com.au/ Name: _cb
Value: 5LINFCrnAmMrNRWh
.heraldsun.com.au/ Name: _chartbeat2
Value: .1666883579473.1666883579473.1.QGWasB1RixZBl84vYOP84pClHEvS.1
.heraldsun.com.au/ Name: _cb_svref
Value: https%3A%2F%2Fcontent.isentia.io%2F
.heraldsun.com.au/ Name: _v__chartbeat3
Value: C4OI13DBQVbPBxz3_t
.heraldsun.com.au/ Name: nol_fpid
Value: olchelhm6qoyiuhmfohgnhnc5gr2x1666883579|1666883579702|1666883579720|1666883579882
.imrworldwide.com/ Name: IMRID
Value: d83db310-5609-11ed-8298-73ed3ff38a3e
.demdex.net/ Name: demdex
Value: 44641758690432309162611042459969887008
www.heraldsun.com.au/ Name: AWSALB
Value: eyTr3ve+ko7cH61QDO8knM1fq8XQZ3i1Sl2KRWbME08oKCDGnkzkN11abDTiGx04xwApnV09k04rhQlbTt1y8yW5ccDTdLlxgucUtvQSD4dg99MWOzfaQ8t2OECf
.heraldsun.com.au/ Name: ak_bmsc
Value: 994570D383AFFA2D2B54D2E7CE85EB3A~000000000000000000000000000000~YAAQxLoQAnlc4wKEAQAAY/EAGhHUgEkDMfsRaWrkdbhh7QDcPYg9U4KGllNCNyg54pXaSuaUJD0oyDxLShK9W9A9Kbm4KFS2HwZaQZtLGYFgbFKIQdkB0tBGzG338nclgswUfHbIU3tdK5OV3dL8jGTc9upq/xGmnz8LKmpaCEVp+ErJg5+nAfLy6g1OuzAA87cQ99iOoh64fz3RTF4+9wtGWaEukzzdjtfXA93AG3jsKQ798J6QA0OcW6wr5jqqVUP52hGvRDJpNQvnV85xHpbzyrKGTP1kfD4L+VX5uagulB26fyElTyuhivY5FORQEKeWE46U6Y/q4RdiiFbzqoEaZwgvsVhcCt6MKd+w7B41rUeR0r2AoFCfbrXOKq9QCRWvvf0mJZX0CeBSyFHFxF/cDz2gzG19KN6YTw==
www.heraldsun.com.au/ Name: AWSALBCORS
Value: eyTr3ve+ko7cH61QDO8knM1fq8XQZ3i1Sl2KRWbME08oKCDGnkzkN11abDTiGx04xwApnV09k04rhQlbTt1y8yW5ccDTdLlxgucUtvQSD4dg99MWOzfaQ8t2OECf
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 004c3mCmb0_
.serving-sys.com/ Name: G4
Value: 0009fM00IE_
.serving-sys.com/ Name: OT2
Value: 0001DC1rr.
.serving-sys.com/ Name: u2
Value: 73f44a4d-e943-4f7f-b2b4-c82955260af64Js060
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y1qf-AAAAIVXwANn
.adnxs.com/ Name: uuid2
Value: 7337932381638733622
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=258d738f-e862-4798-9568-7d823459f6ab&Created=10/27/2022 15:13:00&UserMode=0&guid=80e63195-150c-403d-b80f-91c4c1c077fb&ver=1
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.169637860.1666883581
.doubleclick.net/ Name: IDE
Value: AHWqTUkfjAGx1BikmmyR3OVOcDzO_7jrquEMzjO8LY1REOoKLob6hSIvX8KAic8rGtc
.mookie1.com/ Name: id
Value: 10525475281173069449
.mookie1.com/ Name: mdata
Value: 1|10525475281173069449|1666883581122
.mookie1.com/ Name: ov
Value: 905367954eb3e06acecd20a2d65cd1c1
.t.co/ Name: muc_ads
Value: 3f6ce48f-df5f-4812-a9d1-e114e5b49a02
.twitter.com/ Name: personalization_id
Value: "v1_ahpvaFINmh1itN1zPtZxDQ=="
.dpm.demdex.net/ Name: dpm
Value: 44641758690432309162611042459969887008
.linkedin.com/ Name: UserMatchHistory
Value: AQLrsIWdLx3yewAAAYQaAPZQ_4sYj-yXpV0U8YhRfGaxWLCj8MpNFg1pab4n6X3rRlBdmCezBStlQw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJxVtYOJWIopAAAAYQaAPZQmajiOu_SYGbRkfDUDt3IUB34A6rwGXjwWeC16gIT3Ne9Gz97Xgqz4fvlayThBg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&7e78666d-b433-41a9-8649-51cfc8f32c9b"
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2837:u=1:x=1:i=1666883581:t=1666969981:v=2:sig=AQGkiRn-DhuYyyhKOhxyKcFulVkmfFf0"
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C44663009312486261422608925643828939322
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13222
Value: 1
.heraldsun.com.au/ Name: bm_sv
Value: 4DADA97D00945396C746EDDDBA0BCB04~YAAQxLoQAn5c4wKEAQAA6fEAGhGb5KWVwyRXioL9CtHx7bAr6xBRD3IWsB4FXIZ1O0uZiJORsZA+XEjev39geZQnrY4wNTe9rCD2/4hl5v/5Bo8f1iQtlNC4sSVaPGVlVSElSy2q4LHK6rSZ673mmS+ylIjT8mz9Jjogk2CPO+Ojnw2rQ0seD46sARRxNNzql42KweJwG4rVrLPhHCDr1hFgLLaqOhReBh/OEFHI8y7SZ5S3UOxKIxOQT10cbH5GwwUa6xLn~1
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202210271513014746157b-c6e8-4c7d-878b-4802e8803b40AQHg_J7A1CgCFG6tHIDBXx8femyk_PU0"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjY4ODM1ODE7MjswMjGxgIXCTGlZEF8RAHMrblzafXCpRMcm/4b2x7gGFY92KA==
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19293%7CMCMID%7C44663009312486261422608925643828939322%7CMCAAMLH-1667488381%7C6%7CMCAAMB-1667488381%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C1881871451%7CMCOPTOUT-1666890781s%7CNONE%7CMCSYNCSOP%7C411-19300%7CMCAID%7CNONE%7CvVersion%7C5.1.1
.heraldsun.com.au/ Name: c_m
Value: content.isentia.ioOther%20Natural%20Referrersundefined
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Csport%7Cmc_widget%7Csocceroos%E2%80%99%20world-first%20world%20cup%20protest
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_tp
Value: 7354
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Csport%257Cmc_widget%257Csocceroos%25E2%2580%2599%2520world-first%2520world%2520cup%2520protest%2C16%2C16%2C1200%2C1%2C6
.heraldsun.com.au/ Name: s_cc
Value: true
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: cCGlXRsUvNBLP2sv1sEZjytRJFDb+Sw6NNudQxprH/u/jmN18nee0PIWxZdd4BpWewwHRtiDMFnpaI1SkGCetrYCjLMWkTICNIP2V6nR79sQeR1Xk6clqUNshVb2
www.heraldsun.com.au/ Name: mdLogger
Value: false
www.heraldsun.com.au/ Name: kampyle_userid
Value: 06c8-334d-3897-c5ee-111d-9aca-6a6b-937b
www.heraldsun.com.au/ Name: kampyleUserSession
Value: 1666883582913
www.heraldsun.com.au/ Name: kampyleUserSessionsCount
Value: 1
www.heraldsun.com.au/ Name: kampyleSessionPageCounter
Value: 1
www.heraldsun.com.au/ Name: kampyleUserPercentile
Value: 33.66229989996259
.turn.com/ Name: uid
Value: 4331909082144440366
.casalemedia.com/ Name: CMID
Value: Y1qf-zKXGgP48xwlsZrpJAAA
.casalemedia.com/ Name: CMPS
Value: 5168
.casalemedia.com/ Name: CMPRO
Value: 5168
.eyeota.net/ Name: SERVERID
Value: 20358~DM
.scanscout.com/ Name: uid
Value: CI-74aa78b14504c4740dc728ec6bbc460a
.scanscout.com/ Name: UIAA
Value: 44641758690432309162611042459969887008
.scanscout.com/ Name: UIXX_UPDT
Value: "UIAA=1666883583868"
.bluekai.com/ Name: bku
Value: pSL999YQVZw1Ig1f
.bluekai.com/ Name: bkpa
Value: KJy9CxObd02pSUHknpxpmEQhwtkAwEx6BMxhBpDTBMAyBe101p981ER0BMWh1ex0BeD8mER8meQl1e9TJ7Jkjsk0wVC65cOpJEBOJEJsJEJsjcO+nZHkqVHkKY8rjUxk1AjoR71k16aAzskAJEBW1E161eAtJE/tjcON5VkAJEBWJE/6U6JnUNPPuDxe9eg8Jnx=
.heraldsun.com.au/ Name: __gads
Value: ID=a3e9de5b583b958b:T=1666883583:S=ALNI_MaDhZfYBx3HJGqISRR68FvAJdJl4A
.heraldsun.com.au/ Name: __gpi
Value: UID=00000b78cd9d50ad:T=1666883583:RT=1666883583:S=ALNI_Mbpb-jkguD3FOPBrIEKwxZt-BbZJg
.krxd.net/ Name: _kuid_
Value: PKcX6jmM
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2In=x0=bO!]taR'=P'3ART]RDCUk8(w<Dv=`j.j!rj-/Id!q/NZJ=4F!Jtb#BI7y)JEhfBoQA90L-6)ffT_k:Oy21P)j.gn!YC+
.casalemedia.com/ Name: CMTS
Value: 5280
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y1qf-AAAAIVXwANn&KRTB&22978-Y1qf-AAAAIVXwANn&KRTB&23194-Y1qf-AAAAIVXwANn&KRTB&23209-Y1qf-AAAAIVXwANn
.pubmatic.com/ Name: PugT
Value: 1666883584
.spotxchange.com/ Name: audience
Value: db33f026-5609-11ed-9b89-10a0cca80106
.demdex.net/ Name: dextp
Value: 358-1-1666883582735|470-1-1666883582839|481-1-1666883582943|771-1-1666883583048|903-1-1666883583151|19566-1-1666883583252|23728-1-1666883583355|30432-1-1666883583459|30064-1-1666883583563|66757-1-1666883583664|134096-1-1666883583765|144230-1-1666883583908|144231-1-1666883584010|144232-1-1666883584111|144233-1-1666883584305|144234-1-1666883584427|144235-1-1666883584540|144236-1-1666883584759|144237-1-1666883584862|147592-1-1666883585221|461447-1-1666883585424
.heraldsun.com.au/ Name: s_nr30
Value: 1666883589131-New
.heraldsun.com.au/ Name: s_tslv
Value: 1666883589131

8 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=149558785668.11887?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=149558785668.11887?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=149558785668.11887?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://login.newscorpaustralia.com/csp-reports
Message:
Failed to load resource: the server responded with a status of 403 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60574-circle.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://resources.newscdn.com.au/cs/chronicle/images/svg/sports-logos/football/flag-logo-60513-circle.svg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0660dee00155a668dad584718d1aab52.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.sk
am-trc-events.taboola.com
analytics.twitter.com
api.vidora.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-gmtdmp.mookie1.com
au-script.dotmetrics.net
au.tags.newscgp.com
beacon.krxd.net
bedsberry.com
bs.serving-sys.com
c.amazon-adsystem.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.speedcurve.com
cdn.syndication.twimg.com
cdn.taboola.com
cds.taboola.com
cf-images.ap-southeast-2.prod.boltdns.net
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
content.isentia.io
csi.gstatic.com
csp.newscdn.com.au
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
edge.api.brightcove.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hcs1tfauj8qi0uiicq7mte3jgp5gt1666883579.nuid.imrworldwide.com
ib.adnxs.com
image2.pubmatic.com
image5.pubmatic.com
images.taboola.com
imasdk.googleapis.com
insight.adsrvr.org
js.adsrvr.org
lm.serving-sys.com
login.newscorpaustralia.com
m.doubleclick.net
manifest.prod.boltdns.net
marketingplatform.google.com
match.adsrvr.org
metrics.brightcove.com
metrics.heraldsun.com.au
mhr.talk.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news.google.com
newscorpau.demdex.net
newscorpau.hb.omtrdc.net
nws-bolt-amd-prod.akamaized.net
pagead2.googlesyndication.com
pbs.twimg.com
pgxiyq3qc93rfflxsmvfnm5qqxrzv1666883579.nuid.imrworldwide.com
ping.chartbeat.net
pips.taboola.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
platform.twitter.com
play.google.com
players.brightcove.net
ps.eyeota.net
pubads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
r2---sn-4g5ednsz.gvt1.com
redirector.gvt1.com
resources.newscdn.com.au
resourcesssl.newscdn.com.au
s0.2mdn.net
s3-ap-southeast-2.amazonaws.com
sb.scorecardresearch.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
statsapi.foxsports.com.au
subscriptions.heraldsun.com.au
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
syndication.twitter.com
t.co
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ts2020-indies-client.web.app
udc-neb.kampyle.com
url4195.isentia.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
video.twimg.com
vjs.zencdn.net
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heraldsun.com.au
www.linkedin.com
dt.adsafeprotected.com
login.newscorpaustralia.com
104.18.19.126
104.244.42.131
104.244.42.69
104.244.42.72
104.75.88.194
104.75.88.206
13.107.42.14
13.32.27.119
13.32.27.33
13.32.28.197
13.36.218.177
141.226.224.32
141.226.228.48
142.250.181.226
142.250.186.102
142.250.186.134
142.250.74.194
146.75.116.157
15.236.176.210
151.101.1.108
151.101.129.44
151.101.130.27
151.101.193.175
151.101.193.44
151.101.2.217
151.101.2.49
167.89.118.52
172.217.16.194
172.217.18.98
18.202.59.106
184.24.77.198
185.64.190.80
185.80.39.216
185.94.180.125
199.127.207.191
2.16.186.25
2.18.233.169
2.18.233.28
2001:678:cb4:bbbb::13
213.19.147.44
216.239.32.3
23.205.241.50
23.206.209.192
23.35.237.37
2600:1901:0:809c::1
2600:1f18:1aca:4282:74e5:b428:3504:8805
2600:9000:2057:600:1d:667e:2a40:93a1
2600:9000:2057:a200:1d:667e:2a40:93a1
2600:9000:2057:ee00:18:1fcd:351:7bc1
2600:9000:211e:b600:4:77d:a0c0:93a1
2600:9000:214f:2a00:8:48e:53c0:93a1
2600:9000:214f:b800:2:42d9:3100:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:1ab3:789:1032:20e3:21
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:e2::ac40:850f
2620:0:890::100
2620:1ec:21::14
2a00:1450:4001:6c::7
2a00:1450:4001:802::2003
2a00:1450:4001:803::2001
2a00:1450:4001:806::2004
2a00:1450:4001:806::2006
2a00:1450:4001:809::2006
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a02:26f0:3500:16::215:149b
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::729
2a04:4e42:600::300
2a04:4e42:8d::159
3.124.210.90
3.208.54.167
3.33.220.150
3.5.164.175
34.193.47.24
34.246.208.99
34.248.152.242
34.98.64.218
35.156.94.146
35.227.202.26
35.241.45.82
35.244.232.184
37.252.172.249
37.252.173.215
52.28.196.126
52.95.132.103
54.153.213.250
54.229.167.95
54.74.40.111
54.87.198.241
63.32.119.144
65.9.65.116
69.173.144.138
79.125.44.37
88.221.168.166
88.221.168.201
99.86.4.121
99.86.4.3
99.86.4.6
99.86.4.7
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
0530fb7842f7fca7293ecc5f0e24057e3cfa5bdbe8c53dde3681d121587ceb53
05cc7dc6b6aca19d327ee6c072302143cc233998b65eb4db6de3c2361d7aa57c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
08bf5e1c9fe7f83ac3d21c38b0a1900277a1137abb676fac94c82915a3c18258
091c2733df586042615d79b6fe413e3f33b87eb090beee72c3ac3e820110b5fd
098d0c759acc49ed9d0fb0e7d8a1e3676e8eed1898d5d6cf06395f683f0ef1f4
0a29073d2edd5ca06430c459d7abfa00a625bda902c13d017194c0915fa32af2
0a48eafbbacb5e3c696788e271d239c55678188b091bf5354d0c0aa61beb344d
0abf3468cf79e16f62670e7d1ae3a04299c7f4a62630ceb670b7aa52abafc135
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be37f528ad3df7f09e39aa8093d0ef0b564f309cdd8d6541cd7e9d75fc54dff
0d2de9dda47c03e6a3531fb1247bd8d8fbde26300e786646491cca688c63e585
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e2b36f6f5a096d3e47243e0365d743af04d6d0da69d67cabbf7a37f9f3dc618
0e4e46fa1aa04c24e793912d7aabaa2f2b0f7dc03d73cf74fbe12cb84f062554
0ec76d4b6ed8c436113f06a582c476855e784f3226de982d3df06453a35eae3e
0ef302d23e6466167bbeac7873e07aac870e29215762be8cf8a6e65ecb718e48
0f6b0f79eca296b5c3d09430cbf082dd17f3a45603c8c312a2a2fbdfa0626cb4
122555f4724a53c48c7d7cf01b7a433c6b7a51b8b27f6ede1517a6d40da35b93
1313ed32c7c63448b8ff77299565cfe788c1882b6b4cef88eb668873c24a450f
13f342a42978ce651f1abc095cc488bb67b22bd20aa0f6084f712947cbdd40c8
14607db250fa522f36a92a9902791cac17738aa8a79844dc4ecb73dc4204533e
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
15eb9d05a562830f6ba89ae001b779fae5cc312c0b8b040ceda4f1f7200ea60b
16d5eea328825426ed5cbf4813b8bdfd97852eaa76902d9ca810a18cffe11146
17fdde623f5dca1daaf56d6afb22ea2ea614184c7b4fe3def20b41e37d3af1cb
18e977bdecd0ee8269a38b81cd109e7a974de2ace232e250a2cd0c1500bc6c19
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
19198d4a98e71641c8aa22fa6fa1d56245002fa8dd765cb631224a7c258ae790
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
201f878404d9d6a5d51867b891316478dcd07621ad334825581fa24536ebc412
225d7f8798e8442ff98725d44342d3d07ecb39067ff00e05358462a5e4d3c0bc
229b98d44ca652161ac63c2299eb89b08fc94ad5f3ed3f45cb0979d613c9a299
22a24674b34fed8f2d9fa786bf67eb7ec0d52a46022e879303f39d848119ffda
245664dc2d5a4c8ad7769e402a764197430f49ee9d41a3b58bea3ee37680476a
24e09b9bde4564eaf60e1e98295cd673852b28787340baeb4ad6ab6bc9e6f131
251feee5dacd7cd6acb23ff9f266b3a4a5407369b24a56b97dc041ccf918adc6
259e943bcf0f08b93e70dfbf8dd15025b0767564c9dee7ee2e8c9db6f73d0ab6
25b3b9ad56e18305a476430a8c0b549406d2ff1f153ece49414bf276684b88a8
275f5949b25822667e45802442749d2577795339deb1dab9e5b4fc0b4bb283bf
2778076bb373ab474821c17b016270efb3cd88f55153262c7dc5baf19ee82fe0
27d95ac0b1bb36eae21edb5f8675879e58b778a6570a2a84acb2aae926df6950
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63
2a26deaf17ff2f6b4fb7dc371b731b9f617541305c697899969e07ceaf1c01ce
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b674e9b6f69f25bc144326b27bfcd47b9897f0d45d1fbc7ed0b2471d61b380a
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2cc504c4018dc57148a51287d6338aad454d119d7ec047174a59c3f867148bc2
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2f1c6751bd5336afb2205ee3a54990dd15cca1ccd286a6bcb177e814ac18ab52
2f323c23ab941c9e378e9d2152511d980d7a88ead0645133a98ecfe2027bbf61
2f9fe749a15b11e399b3bae73ac9f279898d8f76eee2d9b5a8b93d8515ac9baf
30febf5305fd5b7f50e0159126aa7d62a6554f0c3c4181aed44385a9aa2e0df9
31ed7d7f64a4159b3f29cecb04fad647048669ac05c4bc660a291d69e23a4fc6
3232f48280ba6a54ad258db27d24629bd56f31557d87bb6d2287977e762f1207
34e395eaf1bfcc27f23912f3b3c0d0acc08cc13ebf3f404efbab7e786da1af66
352054912bb7a9e7a29caea10e3b4102ba2b5df87a4f3e31cef877bea2820408
359ae88af34132a98271ad73e6915d0d2bf125c3b8f5a0c03162c619ba249800
367d8126fabf6dbaeb2230cb7df06de820c79c83de05836e252a4fbb5b1d0ba2
36ba2916ece2f82e65b2174bf5a140e797fc257416bf8fe3dda64bd0c8a6da57
3a377942bacfd9a3688c2b5b7f13398da089517fc9191ec92a1f59c69c686d6f
3bb2198e310efd09a1f2ae88c262d7ce175c3c14dae0f63b3f75c61655122348
3d5d6153a9539a9427e4d6fc41002b8f1d07ed2c44d8f22368a2c09d90390458
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3e85783fbaed2334ed570946c818df54dca935576304ac2beb6a0a7bce6e10c8
3ed575ad31b68b5ced21693c80283579e6cfebe1e3d88add1a7717623dd595ee
3ee455138c5a2ac218dfaef865fb6e8131490ad85d6d63492cebc49a2b335c85
3f01cb4e8bb564dfe1d558ba77bf9cda1712b8378f4c25223c44967ae8d5ea04
3f2dee9e8202b994a662fd7da669e1828aa2d7fc81ae7a77603ad8ecfc696489
3facd49f80156aa2677f03d46560337259127946176489089f2f95e36fb2fc97
3fafd9ea51dca80639320d19b8ea6569adf5c383fa4388bd1cfe354924fcb441
4067ea7648f1ba17958f6c7c9fc1a91f3368f9118d732f3a4a3c170ed27af0ae
4135c004ce36152b8f49f88b21366d7b589b906390a8cb78d38f41e357f88709
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
41dfdf1c4dd211bb5bd556c41e59d7880e783f0816cf4da6e7c327f7e399c897
41f6a76ac799badee361b54d1ca83356e668070afdc634cfe91acd680727b0f5
41fb3cc602231798dea527fd883759ae07777d76b5b615b6959f5b0e0b5179b8
42ebf7a10cdc77202f20d49b1ac5482f2bb2083159450357226b6d2cd7939e83
436666262c4d5bc7140c698d60b94a8023a42b587bff26180c71cb79268a0736
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44da28de4528a10054a15045e824c804016a7df0fb2727cf6767d02b6b282c84
45aa7a2804303c312e9af3aaa18911a3366aaf4dde005300ec3beb0c75d7b45c
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
475f9b9e50c213ab87b0d034da76de7ebc7e2eb9cd1fe856c7f21769e856bbcc
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48eaf74d32d313b2e059e1034893ab377634113b70f39552af25cdfe1afdc017
49503a5526c85754627d926b173782779f6c71a1c2b8f110075a998e2e17e156
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce9c10ab57d1ed39bffeec2b9b684c51e9a988a7ffb78d62aa27a7432e0a2db
4d54c6e167c3a9881fa9084dd5af1abdf93e6408987c1d4967f13ffc526e4497
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
507e47ce7344d5a87f331c18bcb9a097a5d0118426995caebc71ad99ee8f05ea
50adf9038691058f7a0ad598fc119639f13dd3dc301f4e0d0c0a73ded8864f69
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5697c2b6fa51a55ac5b49b53978bae77f7451698bc8f3c92d8884d20785ac9eb
5727f4eac5b367cdfd4803a35073527c22666150dc202ff76abc31588a098731
584f2a84a93aaf872a18587704c78f2da5dfbc2925e1349aa5370edff6a22a1a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
58f4f467e807cc93c31862bed54b92f99371bd9cd325b7d73e9a76c01be40ac5
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ebefb61ddc3a886e62effffdfec4bd3ee6a5d04e6db409a544443879c7fc49c
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f2343b407e20e1a499bd99cf3049f006214a0fca7f697679b4075804c3ba153
5fe4cee60703157514ce978943393746a979a9db391171751c1a112d87a2d94f
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
60f8a584d7ee6691d04772563e3cc0174bef3b3a2bae9b1d65792ab7fecacea6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62946b9242790912548a6dc92f1ef4f28c5996100aba8adf240c56560b7970f7
631c1a9ce05c6f41ad17495ffbe00e9ef93e77603ecc64226afb01d109ff2b30
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
655f567855330a0a417f686c22d98611aa83374d3af5cf92fffdc208af48004c
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
67f13e8ba805fe8e31f17be59f8b9660d78a248476eda21ab6216552cae3a080
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
68323b7457b5cd2f4a959cb6fb6889de75ed066900b735d299002fc46b92448d
68e36b720b6cb24eb7883cb8015115f4c9dc3df01d26756aa76f056adb7e207c
6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bdd76d2939aad1064ff67f82ea5842249624fd1bec02fa5fa6df6c7a52e9132
6dce99f1f176145a94480734b8cba9e176f0bc23a6d4e8b5bc1640547881c95c
714f6738376a61459e39558628b73496acaabd5b90516c8bff2b44b7b36609a2
73a47bbee9a87dcf0ac4d76acafc9c3122d1c4d7985877deb42fe88f8d6665ac
73d612750189bf3dfe0869188eb2a06c2dadb1efc2ad885348e2dd5ff5c280b9
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469
769a8be69561df7e3a5d63fe64d3e90db527ce5f8c4696e4b5a0633ff8bcbbf0
76fb84dfacef2ef054184f19c651a9008e066dbec8731f8adf4c55b0ad6056c5
772858a4a85442d2d4d95f351e194f8d3d01899779a1553df9583f4ec2716797
784caf17cbaa1b9aed0d10de408b6865d3f69f31bbf9a1ac3354a4026d09386b
789b905c1884fb738c2db0f0eb23dd5ab1224f2bec48fc91c49d080273d0bd83
79bad020a1d888afe2d9f1174b72efd5e116e35e6e423213ffa47829c1cbfc36
79bbd067eff59b0e77f2c105b6a23129e341e4e0ed12a27e2618216fc1e850e0
79bf187ed897e816349e7e3d9fc20bca96ee20c8cc8b0984c4e5d72abc5af96c
7b53cf8fd397d3942b28a8ff876fd47c00972892db54c1ee6cf7c2e3ef2bc70a
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e3c269ea742714082e696fe8b28a6a1768403fd2582c795bc58d522fe690c77
7f19eaf713e6f3c0986e23b5607eaf8490fc54551bb52d16ad560ce8ec392353
7f384708de4c23debbb854132841d29081efe9456afe06da0f6cc8ec6366bee0
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
80e3fe06d9bd6f80969712e11ce98c508c85172c61b1b008a13531611dec3d1d
8188ff50ea4ff59081b721c9b437f30a77d68852ed13a3c0b8a559dd7625ed0b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8ce18ff81e30d0cb3e5ab97fb6b5b16d6c4d0f80cee058b4f946491a197a81fd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9d48e3b2aa9a9f181c5875704183f2561a32d1922e7a33af897afacac146ad
8e10da543ee1fd1a3db6f14d8a0fd754c86adeba294621a4bf473d927ac536d2
8e72fffbc0f6af2931cbe776c6075261ec345f3f592dee57f189a673a9b170d0
8e972a373c50c4489bbeb728ebebf9a0c0556bfb5ce1fc05d6e0312676dc8e71
8ea0aaf2511d214661b9e5b7defb908759463a38a00a03078d0f99b44a64a954
8f1c376d66592c734da1cc33d1ec2b9e6c589848d31846c26e7d21581f83cf2b
8f865fda4f4c0873c091ddf36e1e2b2d734173cbf463300a9df7ab6a74b63d98
91016eb6e4d33cb8aad448ed49b26edcf6185f2401599bf56a2e58b8d451ee11
916e8a29c96ab9665eabd2474f34273cbb783725720b812e789544d43446bd80
9365665fef097d6e2e96313c06357e88552fbd7a23c38cc91e0103ce74232e9b
955cb5a84a5a4d49250dc0d8d2d435e55fa4f639a04d05f96dee3404e929b29e
9567d9c3ea8784710a0bceb401dcde611adc89384522f95093d25d09ffb1855e
9a41224379ba888bda52a613753a2379876893ab1cfde2c943317af33330c848
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9c3f3e3a92851510d35e3925f9974ef2fa291b988bfc206f93f75782641a7cef
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a40c955ff680651b9a0b86214332ab847242b9805080717a5e594cbe2ec8fe78
a431d42216e16231738959dc4d664d102aba4e0a657177581b63c4cac78aff40
a45a83e695c2ab5af8780b36fd34fdef226fbc7711a66ecd1f33fff39406a1c0
a48e78549a25df920e68196b20ef5966b2ff90f6424de8ff8b8e01783d3210a1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52135ae04fbea7dcd0601f57e1c46efb75130f26aa71844c9afffc03cde6f5f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78c05475bd44e77a2783632cac588631e7b2b11cbad82983e3d14d80361086b
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a9e322e104caf61653b1595f938d5c774c6bc0ac2799aff3538fedaee835c8ca
aa0e71fb307bf06c642c68a17475a855158c34287564570ac3a0ec08ccd19f5d
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
aa9da3206c274818b4d5d83e2935a671483517a711ff68e20de2dbef22811446
ab495136a2c54080e7947bf675afda141430d1e83e6b72959b1a4b1eb7941e76
ac0bd519a8891b6e8fbb9b92dbc62e6259fd3f457fbfb3b9ce24e37e719310e0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf91edba255833bb7b5cfcff7fece48b39a553c9cc9f0501c36b425037b264d
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d
b006d45d9e23298837ad10adb1e1b7faaf9f6f8dd56df8ff55af53db766015e1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a48abb99c0b64e06d2a49113310a908ddd9f847228ea4ecc9fd909049726e2
b3a6b6746d758943a01e83f372e62f63626ba1a12a92c82c09c50ab68eb038bd
b4480d145384b70b3eaaa402f9424f66e054514096ef2d0104980b90f9b30f96
b5174a319b6c7ecf95baed2be088a70ed37bf471453517b781945756340973b4
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b5f057086cb52ca256e9b432f3a462da3d6ef207ed8bffcc155cbc25bd05bd60
b757a3c06478bfebfe4b76150068131d9ea683fb96495e900bd1450bf3d6f376
b8051b699814854101bcef9e76eae29fd82782892473478215e7a8d63891bf78
b9601e8996d34afa66d47eaab3da1613f0aac05fc41795da234518a4935af108
babbf2756085f48e33d409b313830dd0f8e1fe47c3dbda031f75f89aa9593fda
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0
bd7c76c649d5516810b9f8ec8680bc31d20014124f58517b241e6c208ad760a0
bd9445fa686f1cff655cd858429c51fe9e188c33a289ee913a8d0949a791a689
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf0390aa96210a4a3fca57b2b12c9787a83e1c1746e4fe996af926cc66ce1673
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c12d94661a5a310805f93ca902298f840f10ed8588af21655983d8c130f7ffc1
c16ab40f059688c5b36843c3fe5ed989cc24092c408173c1f5a6caf6f06eaf3e
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c1ffd3a1241e08bb7136677e9d6109ce310e5474a0b58dac39da85e477785736
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c
c429e59e6700e1b91394f8476dd4ad2471e9d92057bdaa6037a2b76a2d4d08f1
c42f7b958aa00ddebc17539be2e7b443f1c8f8f974f727f106fc5d9774bead6e
c48d84ea72bdf23ea897b9dd43e24f1fd0d45c5d18f2517770c1656656728b00
c58eb93005d09e7485d3960dbaad514527ed100b67dabe61d0076033dfc986ab
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c75318b7d6abca37817c0d53776bad17c8f6b6181c2fd7b056d768273839933d
c7879722cafa2b867c1b03771e91abf6495c302fe245bf9588589df0da0c835f
cb91c8d19add9d665b3bb231e19a4113f5f0218cfd4b53d3ecb0a97122343483
cba168029774d08af251e1cff7c8d1efb50bd69fedb82c54d5994a171113025c
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d293e7067b0dba49fd27e580d02bd3af792bf07ee10cb17d73ed9b8eea3ce918
d2db0db76655fac76eeafe98a1f5421ae65c0443a9bb7044b25f3ac7d59a92e9
d4217603b2b015f6762958f96ee0fb670ac2332640c669b6a5f7369bb91e4cc4
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
d5fbefe1b606a5fff9ea58a397514046edca25fb8c33426281d66dadecb5b7ca
d6a2262db41d6daa01a55bff2ad51439054c6b051f070f0b2c3ecb7a3c482489
d792e66e7ad4c039716e9498339e5959cfd826c08e8c8056310d47f33ad2e557
d9bbd2edfb4a743ff0c90c258e85aaa8be066d9c8024800129625e6993de21fd
da1d2c71db717245679366e462635b310d8111bad08c0ad01fe0871faabcbd54
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
da64e5422bf102e58624fb7c2079201a8b7b4eb2c8d07d2081bb49fd0f97bbc3
daec2c5ac8175cc3c9743f4342b44071d271452ca4d548d57c069cc46bf8cbec
daf748aa78bb4d092b39fe186fb5d71df23051b0a2c80e531e99c2b6fcd96fb0
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de7c465bfae286ec197af398056dc491c86fe3c931aff5b50bffb43a38ddebe6
e019c589de9ddba85d6f6ab1c92de747a8dc7fe0e96c3cc2c3701f3ba4d6e2ba
e07332c72aa495bd9d3116164fe3ef3a9d7d3599d99f5ec612e43955b9e2de96
e19ee4dd452a5b8c61f315046a7f7b024dba8ed3f883bff838ff53246f18383f
e23c6bbc65b809067783c54fb860efd9bbf6bfc1985961d7a42fb2ccbb4692bc
e2b47f6850e47a047f2dce76569a61df775d7504fe64716ec66af316ab80e489
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c2c235857ce6efd3861c3bde546f0f2cfe6b8d760a2ec1f390f08a71ee3c62
e4ce52ad6294cfec05864828f5df3325fc1f6627b957919fa931e94cb95453f8
e51487d2b1d8fc262e5637ab968fe2dcfb8d040ae5d49b0f8c3b32d8a8a996b9
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e8101c10486b747e755e4d512b8a4bd53d07d8c4981e34bf2f73949b1056bfa4
ea94ea330644a22d76de67f60523d5b70ec63b6af7aab1b954bc79dbd0399bce
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
ebbc8deb235dcdeeab79640fcb85619b4c295714d0d5ba1b218de7c35e977999
ece8f05fb8ad200b762190a561e87e0f149dc98b64029c5c4c79ca8992b3d58b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f1ced5e4e3b54e6fca6e6f268b7202d2b4abba59bbe68ba88d30fe6287242a78
f2ae30fc0be761ea7af52d473b89b5a07b03893e185d94e09d024c89969417dd
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f3fdc23e8714bd72acea4952de24573297a12a9a94a182c6ac984e493fdd22a0
f47c4e208ecc814a620ed66da34aa2f0368dbf714088aa3dc7ae570609c420c1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f76ece775d6c5f8f26d7b741a37f1bd3dcfc8301305ff9d4f6a3cb2c86170461
f83c43a9c785c84df27d052d4a055a8d0118a04da63e01a0938698de6add2d23
f924b3dc1e9ec83050cd30a1ac1c1de69533694dd7bf75127d3d263cb8143e58
fa531f5c4a644473057bfd386bdcfbe64c15e1cf11816ec767e9791676d3b737
facd1cd157c31802c541c4a722995b1f299e5a77205636dd125124b432f9ea87
fb177aaeef31e1f208e4d075fce2010031bfac6b0883cec9c3087791082e131f
fb6a51536746a48e31a22669de9ef61af509bbeb1cdb84cf8173c421ec0b1678
fb90d4116c0bbc624ced9f6924d84bf3b7fcc9c50d6120bf4b0cef305c200cf9
fc726046dc4a0a4fbf01cf5e4c3b71ab7e77a20a6c0987f7ddcbd36268ceda9c
fccaa574b9efe379a49d8c7c50ec7fdfe06dd09d95b640ba2080e9ff5740b0d7
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9