urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
184.30.20.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z...
Effective URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a...
Submission: On April 21 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 7 countries across 65 domains to perform 300 HTTP transactions. The main IP is 184.30.20.111, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 25th 2021. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.254 209242 (CLOUDFLAR...)
6 19 184.30.20.111 16625 (AKAMAI-AS)
2 9 184.30.20.190 16625 (AKAMAI-AS)
1 151.101.114.217 54113 (FASTLY)
1 30 199.232.137.44 54113 (FASTLY)
8 184.30.24.190 16625 (AKAMAI-AS)
2 151.101.13.181 54113 (FASTLY)
1 3 13.224.102.14 16509 (AMAZON-02)
2 23.111.9.35 33438 (HIGHWINDS2)
10 104.111.230.77 16625 (AKAMAI-AS)
5 104.109.77.38 16625 (AKAMAI-AS)
1 151.101.1.195 54113 (FASTLY)
1 2600:9000:211... 16509 (AMAZON-02)
1 9 141.226.228.48 200478 (TABOOLA-AS)
1 3 172.217.23.102 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
15 172.217.18.98 15169 (GOOGLE)
1 2 2600:9000:219... 16509 (AMAZON-02)
6 2600:9000:219... 16509 (AMAZON-02)
1 99.86.2.49 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 23.20.2.75 14618 (AMAZON-AES)
1 13.224.102.69 16509 (AMAZON-02)
2 104.111.247.190 16625 (AKAMAI-AS)
6 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
3 16 34.252.115.248 16509 (AMAZON-02)
13 54.72.19.162 16509 (AMAZON-02)
1 52.50.19.208 16509 (AMAZON-02)
2 15.237.76.117 16509 (AMAZON-02)
1 1 54.194.191.134 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
2 4 54.171.87.152 16509 (AMAZON-02)
1 18.184.153.186 16509 (AMAZON-02)
3 4 185.94.180.126 35220 (SPOTX-AMS)
1 3 35.156.245.144 16509 (AMAZON-02)
1 82.199.68.72 15830 (EQUINIX-C...)
9 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
2 54.246.217.185 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
5 9 37.252.173.22 29990 (ASN-APPNEX)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 18.159.8.206 16509 (AMAZON-02)
2 4 35.244.159.8 15169 (GOOGLE)
3 69.173.144.165 26667 (RUBICONPR...)
1 2 198.148.27.139 19189 (PULSEPOINT)
3 5 142.250.74.194 15169 (GOOGLE)
2 185.64.190.80 62713 (AS-PUBMATIC)
1 2 72.251.249.14 29791 (VOXEL-DOT...)
1 185.86.137.110 201081 (SMARTADSE...)
1 18.195.155.181 16509 (AMAZON-02)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 1 172.105.213.147 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 2001:678:cb4:... 56396 (TURN)
2 13.224.100.124 16509 (AMAZON-02)
1 199.232.136.157 54113 (FASTLY)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.113.108 54113 (FASTLY)
2 142.250.185.98 15169 (GOOGLE)
1 35.227.202.26 15169 (GOOGLE)
12 54.76.195.29 16509 (AMAZON-02)
2 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
1 104.244.42.133 13414 (TWITTER)
1 184.30.20.198 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 3 184.30.20.241 16625 (AKAMAI-AS)
1 1 199.127.207.180 26120 (RHYTHMONE)
34 54.174.17.129 14618 (AMAZON-AES)
1 1 52.57.150.20 16509 (AMAZON-02)
2 34.246.53.122 16509 (AMAZON-02)
1 104.244.42.3 13414 (TWITTER)
1 1 18.210.140.68 14618 (AMAZON-AES)
1 34.254.85.82 16509 (AMAZON-02)
1 1 23.45.110.176 16625 (AKAMAI-AS)
11 11 151.101.114.49 54113 (FASTLY)
1 2a03:2880:f11... 32934 (FACEBOOK)
3 3 213.19.147.45 26120 (RHYTHMONE)
1 104.17.208.240 13335 (CLOUDFLAR...)
300 74
2    199.60.103.254 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.silobreaker.com
19    184.30.20.111 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-111.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
mhr.talk.news.com.au
content.api.news
9    184.30.20.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-190.deploy.static.akamaitechnologies.com
tags.news.com.au
1    151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
30    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
8    184.30.24.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-190.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
2    151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
3    13.224.102.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-14.zrh50.r.cloudfront.net
sb.scorecardresearch.com
2    23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
10    104.111.230.77 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-77.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
5    104.109.77.38 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-77-38.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
1    2600:9000:211e:3400:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.vidora.com
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
3    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net
ad.doubleclick.net
8228261.fls.doubleclick.net
1    2600:9000:206f:3c00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
15    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2600:9000:2190:1000:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
6    2600:9000:2190:2600:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
seccdn-gl.imrworldwide.com
1    99.86.2.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-49.fra6.r.cloudfront.net
au.tags.newscgp.com
3    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    23.20.2.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-2-75.compute-1.amazonaws.com
ping.chartbeat.net
1    13.224.102.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-69.zrh50.r.cloudfront.net
cdn.adsafeprotected.com
2    104.111.247.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-190.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
6    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads4.g.doubleclick.net
16    34.252.115.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-115-248.eu-west-1.compute.amazonaws.com
dpm.demdex.net
13    54.72.19.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pixel.adsafeprotected.com
1    52.50.19.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-19-208.eu-west-1.compute.amazonaws.com
newscorpau.demdex.net
2    15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
metrics.heraldsun.com.au
1    54.194.191.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
cm.everesttech.net
1    2600:1f18:612b:4264:7c39:f94b:b1fb:416c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
4    54.171.87.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-87-152.eu-west-1.compute.amazonaws.com
match.adsrvr.org
1    18.184.153.186 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-153-186.eu-central-1.compute.amazonaws.com
pixel.advertising.com
4    185.94.180.126 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    35.156.245.144 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-245-144.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    82.199.68.72 (Zwolle, Netherlands)

ASN15830 (EQUINIX-CONNECT, GB)
bs.serving-sys.com
9    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.pl
www.googletagservices.com
adservice.google.de
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0316522e3603390df187489bd7e0b6e5.safeframe.googlesyndication.com
21    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    54.246.217.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-217-185.eu-west-1.compute.amazonaws.com
secure-dcr.imrworldwide.com
1    2600:9000:211e:8c00:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
rxhzybjbkyyvqnttfgu5o6femnfph1619003777.nuid.imrworldwide.com
9    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
5    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    18.159.8.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
u.openx.net
us-u.openx.net
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
5    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
e1.emxdgt.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    172.105.213.147 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
s.c.appier.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
2    13.224.100.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-100-124.zrh50.r.cloudfront.net
js.adsrvr.org
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2a02:26f0:7100:1bd::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googleadservices.com
1    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
au-gmtdmp.mookie1.com
12    54.76.195.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
image5.pubmatic.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    184.30.20.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
1    199.127.207.180 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
34    54.174.17.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ps.eyeota.net
2    34.246.53.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-53-122.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    18.210.140.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
1    34.254.85.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-85-82.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    23.45.110.176 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-110-176.deploy.static.akamaitechnologies.com
tags.bluekai.com
11    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2a03:2880:f113:81:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)
zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com
Apex Domain
Subdomains		 Transfer
60 adsafeprotected.com
cdn.adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
571 KB
39 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
trc-events.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
363 KB
28 googlesyndication.com
pagead2.googlesyndication.com
0316522e3603390df187489bd7e0b6e5.safeframe.googlesyndication.com
tpc.googlesyndication.com
97 KB
26 doubleclick.net
ad.doubleclick.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
8228261.fls.doubleclick.net
googleads.g.doubleclick.net
161 KB
19 heraldsun.com.au
www.heraldsun.com.au
metrics.heraldsun.com.au
213 KB
17 demdex.net
dpm.demdex.net
newscorpau.demdex.net
20 KB
12 everesttech.net
cm.everesttech.net
sync-tm.everesttech.net
3 KB
11 imrworldwide.com
secure-gl.imrworldwide.com
cdn-gl.imrworldwide.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
rxhzybjbkyyvqnttfgu5o6femnfph1619003777.nuid.imrworldwide.com
77 KB
10 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
11 KB
10 newscorpaustralia.com
login.newscorpaustralia.com
12 KB
10 news.com.au
tags.news.com.au
mhr.talk.news.com.au
217 KB
8 adsrvr.org
match.adsrvr.org
js.adsrvr.org
insight.adsrvr.org
7 KB
8 newscdn.com.au
resourcesssl.newscdn.com.au
58 KB
7 googletagservices.com
www.googletagservices.com
244 KB
7 google.com
adservice.google.com
www.google.com
2 KB
5 tiqcdn.com
tags.tiqcdn.com
23 KB
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
3 KB
4 openx.net
u.openx.net
us-u.openx.net
833 B
4 spotxchange.com
sync.search.spotxchange.com
3 KB
3 casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
3 KB
3 google.de
adservice.google.de
www.google.de
1 KB
3 pubmatic.com
simage2.pubmatic.com
image5.pubmatic.com
image2.pubmatic.com
2 KB
3 rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
692 B
3 bidswitch.net
x.bidswitch.net
791 B
3 serving-sys.com
secure-ds.serving-sys.com
bs.serving-sys.com
21 KB
3 crazyegg.com
script.crazyegg.com
24 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
2 1rx.io
sync.1rx.io
900 B
2 krxd.net
usermatch.krxd.net
beacon.krxd.net
529 B
2 googleadservices.com
www.googleadservices.com
30 KB
2 lijit.com
ce.lijit.com
1018 B
2 contextweb.com
bh.contextweb.com
819 B
2 mfadsrvr.com
rtb.mfadsrvr.com
836 B
2 chartbeat.net
ping.chartbeat.net
337 B
2 fontawesome.com
use.fontawesome.com
91 KB
2 perfectmarket.com
widget.perfectmarket.com
32 KB
2 silobreaker.com
info.silobreaker.com
4 KB
1 qualtrics.com
zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com
18 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
475 B
1 facebook.com
www.facebook.com
518 B
1 bluekai.com
tags.bluekai.com
834 B
1 twitter.com
analytics.twitter.com
651 B
1 eyeota.net
ps.eyeota.net
418 B
1 scanscout.com
dt.scanscout.com
692 B
1 t.co
t.co
457 B
1 mookie1.com
au-gmtdmp.mookie1.com
606 B
1 googletagmanager.com
www.googletagmanager.com
33 KB
1 licdn.com
snap.licdn.com
2 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 turn.com
d.turn.com
402 B
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
362 B
1 criteo.com
dis.criteo.com
525 B
1 emxdgt.com
e1.emxdgt.com
59 B
1 smartadserver.com
rtb-csync.smartadserver.com
697 B
1 google.pl
adservice.google.pl
799 B
1 advertising.com
pixel.advertising.com
125 B
1 tremorhub.com
taboola-supply-partners.tremorhub.com
183 B
1 newscgp.com
au.tags.newscgp.com
48 KB
1 chartbeat.com
static.chartbeat.com
23 KB
1 vidora.com
assets.vidora.com
4 KB
1 web.app
ts2020-indies-client.web.app
3 KB
1 api.news
content.api.news
90 KB
1 speedcurve.com
cdn.speedcurve.com
7 KB
0 id5-sync.com Failed
id5-sync.com Failed
300 65
Domain Requested by
34 dt.adsafeprotected.com www.heraldsun.com.au
21 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
17 www.heraldsun.com.au 6 redirects info.silobreaker.com
www.heraldsun.com.au
16 dpm.demdex.net 3 redirects www.heraldsun.com.au
tags.news.com.au
15 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
info.silobreaker.com
www.googletagservices.com
13 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
12 static.adsafeprotected.com pixel.adsafeprotected.com
www.heraldsun.com.au
11 sync-tm.everesttech.net 11 redirects
11 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
10 images.taboola.com www.heraldsun.com.au
10 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
9 tags.news.com.au 2 redirects tags.tiqcdn.com
au.tags.newscgp.com
8 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
7 www.googletagservices.com securepubads.g.doubleclick.net
6 pagead2.googlesyndication.com ad.doubleclick.net
securepubads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
6 trc.taboola.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
5 cm.g.doubleclick.net 3 redirects www.heraldsun.com.au
5 www.google.com securepubads.g.doubleclick.net
www.heraldsun.com.au
5 ib.adnxs.com 3 redirects www.heraldsun.com.au
5 cdn-gl.imrworldwide.com www.heraldsun.com.au
seccdn-gl.imrworldwide.com
secure-gl.imrworldwide.com
cdn-gl.imrworldwide.com
5 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
4 secure.adnxs.com 2 redirects www.heraldsun.com.au
4 sync.taboola.com 1 redirects www.heraldsun.com.au
4 sync.search.spotxchange.com 3 redirects www.heraldsun.com.au
4 match.adsrvr.org 2 redirects imprammp.taboola.com
www.heraldsun.com.au
3 x.bidswitch.net 1 redirects imprammp.taboola.com
www.heraldsun.com.au
3 script.crazyegg.com tags.tiqcdn.com
script.crazyegg.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
2 sync.1rx.io 2 redirects
2 us-u.openx.net 1 redirects www.heraldsun.com.au
2 insight.adsrvr.org js.adsrvr.org
2 ssum.casalemedia.com 2 redirects
2 www.google.de www.heraldsun.com.au
2 px.ads.linkedin.com 2 redirects
2 googleads.g.doubleclick.net www.googleadservices.com
2 www.googleadservices.com secure-ds.serving-sys.com
www.googletagmanager.com
2 8228261.fls.doubleclick.net 1 redirects info.silobreaker.com
2 js.adsrvr.org secure-ds.serving-sys.com
2 ce.lijit.com 1 redirects www.heraldsun.com.au
2 bh.contextweb.com 1 redirects www.heraldsun.com.au
2 pixel.rubiconproject.com www.heraldsun.com.au
2 u.openx.net 1 redirects www.heraldsun.com.au
2 rtb.mfadsrvr.com 1 redirects www.heraldsun.com.au
2 secure-dcr.imrworldwide.com www.heraldsun.com.au
2 adservice.google.com securepubads.g.doubleclick.net
8228261.fls.doubleclick.net
2 sync-t1.taboola.com imprammp.taboola.com
www.heraldsun.com.au
2 metrics.heraldsun.com.au tags.news.com.au
www.heraldsun.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 ping.chartbeat.net www.heraldsun.com.au
2 secure-gl.imrworldwide.com 1 redirects www.heraldsun.com.au
2 trc-events.taboola.com www.heraldsun.com.au
2 use.fontawesome.com cdn.taboola.com
use.fontawesome.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 info.silobreaker.com 1 redirects
1 zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com tags.tiqcdn.com
1 sync.targeting.unrulymedia.com 1 redirects
1 www.facebook.com www.heraldsun.com.au
1 image2.pubmatic.com www.heraldsun.com.au
1 dsum-sec.casalemedia.com www.heraldsun.com.au
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net www.heraldsun.com.au
1 usermatch.krxd.net 1 redirects
1 analytics.twitter.com static.ads-twitter.com
1 ps.eyeota.net 1 redirects
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com www.heraldsun.com.au
1 adservice.google.de adservice.google.com
1 t.co www.heraldsun.com.au
1 px4.ads.linkedin.com www.heraldsun.com.au
1 www.linkedin.com 1 redirects
1 token.rubiconproject.com www.heraldsun.com.au
1 au-gmtdmp.mookie1.com www.heraldsun.com.au
1 acdn.adnxs.com info.silobreaker.com
1 www.googletagmanager.com secure-ds.serving-sys.com
1 snap.licdn.com info.silobreaker.com
1 static.ads-twitter.com info.silobreaker.com
1 d.turn.com 1 redirects
1 bttrack.com www.heraldsun.com.au
1 s.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com www.heraldsun.com.au
1 rtb-csync.smartadserver.com www.heraldsun.com.au
1 simage2.pubmatic.com www.heraldsun.com.au
1 rxhzybjbkyyvqnttfgu5o6femnfph1619003777.nuid.imrworldwide.com www.heraldsun.com.au
1 0316522e3603390df187489bd7e0b6e5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.pl securepubads.g.doubleclick.net
1 bs.serving-sys.com secure-ds.serving-sys.com
1 pixel.advertising.com imprammp.taboola.com
1 taboola-supply-partners.tremorhub.com imprammp.taboola.com
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 am-vid-events.taboola.com www.heraldsun.com.au
1 imprammp.taboola.com vidstat.taboola.com
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 cdn.adsafeprotected.com tags.news.com.au
1 seccdn-gl.imrworldwide.com tags.news.com.au
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 ad.doubleclick.net tags.tiqcdn.com
1 vidstat.taboola.com cdn.taboola.com
1 assets.vidora.com www.heraldsun.com.au
1 15.taboola.com cdn.taboola.com
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 content.api.news www.heraldsun.com.au
1 mhr.talk.news.com.au www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
0 id5-sync.com Failed www.heraldsun.com.au
300 107
Subject Issuer Validity Valid
info.silobreaker.com
Cloudflare Inc ECC CA-3		 2020-06-30 -
2021-06-30		 a year crt.sh
news.com.au
DigiCert SHA2 Secure Server CA		 2021-02-25 -
2022-02-28		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2020		 2020-12-09 -
2022-01-10		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2021-04-19 -
2022-04-27		 a year crt.sh
web.app
GTS CA 1D4		 2021-03-17 -
2021-06-15		 3 months crt.sh
*.vidora.com
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-28 -
2022-02-01		 a year crt.sh
au.tags.newscgp.com
Amazon		 2021-01-25 -
2022-02-22		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-06-09 -
2021-06-09		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.adsafeprotected.com
Amazon		 2020-08-19 -
2021-09-18		 a year crt.sh
secure-ds.serving-sys.com
DigiCert SHA2 Secure Server CA		 2021-03-17 -
2022-03-22		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2020-09-09 -
2021-10-09		 a year crt.sh
metrics.heraldsun.com.au
DigiCert SHA2 High Assurance Server CA		 2020-04-13 -
2021-07-15		 a year crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
bs.serving-sys.com
Go Daddy Secure Certificate Authority - G2		 2020-01-07 -
2022-03-08		 2 years crt.sh
*.google.pl
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.nuid.imrworldwide.com
Amazon		 2020-06-26 -
2021-07-26		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
rtb.mfadsrvr.com
Sectigo RSA Domain Validation Secure Server CA		 2021-01-22 -
2022-01-22		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-08-14 -
2021-08-19		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-16 -
2022-03-17		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-04-15 -
2021-10-15		 6 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
dt.adsafeprotected.com
Amazon		 2020-05-20 -
2021-06-20		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA		 2020-10-26 -
2021-11-26		 a year crt.sh

This page contains 42 frames:

Primary Page: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&nk=f277a6fd0b815eab7b320a6fb7d2a190-1619003770
Frame ID: E5F7832B4631483F395182EC8C31327E
Requests: 153 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ues0RvEBx51L6db8BRuEntbUanH_bsx9&nonce=rT2pUU9jbppO-5G55C1hZvTwekfiHcTV&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: D969B5A9A36BFAC92D4B4CA9D8395BD6
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=SLgGjUZ6.2c3Z83ym-6v11kJp1A2LoL1&nonce=PcedsuP~yLb_sBXClh8cOUN8ecVl-UfG&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: 2BE27D49BE13FB30AEC04017EC98684B
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=9BYk8GALquXKoMIsojIjR4q0xVfUXJVy&nonce=VE_lI8jOhN9aXcZYcfY_A.NebXjfUQvO&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: D09724813BA9F42A70E0882F492D58A4
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=vf02GqgtC4IAjJEexM0r1HqR-jIsSv-r&nonce=0S~RPbFUEQNgSAso_hf2ucRXmE5a0nbC&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: 02612DDF6D884D9A69EF6E7AF1D7F2CA
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7xN4CFgNYHlJsek3YlARYHlJsek3YlAUAAAAGBvQHGjKhzTgsBmu5GCxXq8FqNFwsh7vhYjIZwoZMaDMOi8FaLgbL1Wqw2iwGu9VsMpwtB1P4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73hAoiabT4XPd63W_313u8n3uGr_brnD9JZaXw-u0-9xyl-_z17ksb4fdrfG7Lqe36Gj5-z5vvev01hgdZrPL7nO5FT6H0-45vVWut-xpeX3ekpfHb3tZnm-Z627yy12-z1tz-luef4VtsBiNfMONw7QbzTzO4Wiy3DhMq4nHYxisNh47AAAAADwATAneQ_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACDojGkAqHIY3MPyefj-AQDwUAACACCAQQJQsFdcArAx0n8CAAAAAAAAAMDy____HzNA31IjAxByltAD8OAD8EBUYFnECAAAACDXHtrraFInVBZVAAAE6VYAVwAAAXj0JRrfYQAAAARjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgqHCktCLUnTu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiMhtsVrvlcDQ7AAAAgLv___9_PZBYbEbO0coyW9kmw9XKuZmsXBvbyrBxGYarkcO5vYhOBXwn9eSqvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhbmabuHarzVoyGE7Woslss1aYLJu1xGXyTTyL1cqwMq1Fr4_pt1sOVzabFwUDOvciuEgncpfv8_FbDg_XW-E6uYUuy8Ns8rzuFrFEc7JIJ7LLvrHYjJyjlWW2sk2Gq5VzM1m5NraVYeMyDFcjh3Pfm9kmrt1qs5YMhpO1aDLbrBUmy2YtcZl8E89itTKsTGvR62P67ZbDlc3mb8wWy8Fgs9ut9o3ZYjkYbHa71b5DZ_iuPmejZ6gTeVTW8-zlEcrMB4XLYPEuPxdpt_i5GX3e8EuYGoqmn4lV6Pf7_X6_3-_3-70bs8FjMBhmHu02MXb5NZuf8mhRxBLB6SKdiF7G00UskTwt0onItVotRo7lyOMyLmaehcc3cjg8o5XLt7FsfJvlRCxRmi7SiV5ieTm8TrvPLXf5Pn-dy_J22N0av-tyeouOlr_v89a7Tm-N0WE2u-w-l1vhczjtntNb5XrLnpbX5y15efy2l-X5lrnuJr_c5fu8Nae_5flX2AaL0cg33DhMu9HM4xyOJsuNw7SaeDyGwWrjsaj_6BDD1Vwyms0lg-FcOVolAAAAAAAAAIAlzJk3AQAAADgNZrXczFbLBYjIB9QFBgEAAAAAAChu_BjDXb7Px285PFxvhevkFrosD7PJ87pbGSDinpV5s2eCWKvVsgYAABDABgAACODWzVsgRiMH!&cmcv=&pix=undefined&cb=1619003776765&uv=2955&tms=1619003776765&abt=aat1_vB!adh5c-1_vA!insc_vA!spa2_vA!sre_vA!t45!ufm&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=2B6FCEA5910955054819878122&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: D4D389D05BAE4583AE8518A8AFB02B14
Requests: 6 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 3FBA535BD17682873B77C91F46F469B2
Requests: 22 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 5774B417263587AE309F96D55B967AF4
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJd-ZeVAGcFn7ltWdOeI10vMb8XlgdNX_S4gb147-IYa5s5wgFEB2CmfQgH0l6bD6EZQMS-LbhUm1KtrGlw2LrSB03D08Bn_BJwyArw07g1Tk4eiMrRIPC-WW9me8f4rw8aHN5v5xae2yR0q9MabeuCPM0OgSZRLWNaC-epGt2NKrf6SOWyDAXBWKTsEx4UirOM9Xt8tUfziBrFyV7rc5IeQY0vqFsRkUzT_4Ce5UQ0hNplctL7gC5fXYc814u9v6mteNl4rV0YCiwtY4SkD0pbPVCjacLwjJ32D_0V6kegGXhUl-tuS0_AkWtJIpVPDU&sai=AMfl-YSSYA7lJeeFr20t_VCFixzEIL3VHjIY-CQQBSX9TJjR3WEVuIUsVDUaaA8CWaVtdCdhnKSCANaB0lin&sig=Cg0ArKJSzL8oWZKNNZWuEAE&adurl=
Frame ID: 9EB38231A6E3BC80245DB6CFAC7729A7
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstngWKCgch3SQMIXTUIliB_o0Nr8ivGmQ5zt_SjNyzdZRvHC0NzfVbNwMPIFxXwCEcRmIfEAZxlaY9yB0OEUVrKSgnH9sMrzNhQRSgFzYCWhqskIg9sqXSh2FdePq7096MJMO5LVmk7Yf0MBHSrBBh-Ey89iWzRTw_KWqY61x56jw_f6toLr3yJZNvgIBmSVi7FDSEHFXWNbbGJfIiznvlZY7wc9yFbDIC9_Y9V2X_j0aG6EkGcjv8aFXvMzO7xZX8hsdJBkTRJh7Ap2KaVG-4W2JnBLhJdrb22vtwIL4l7zEowsUTM-xVDnthrAqZU_-c&sai=AMfl-YQ2dDns-0yvnUQln0bzVQaVCgLDsBin4JbV873m_adHeRfeJwllYInP5X3iYtP5AIQNy0TmHXkeMnoZ&sig=Cg0ArKJSzMQYdAX79q8LEAE&adurl=
Frame ID: A9FF2ED50321F8A9347C6D52AFA53276
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYklFpsgJKG2bzC3sq0tjKBTwy7JdaC4QVE_EuoG3ZphbQfPTIWNN7Vll2WCHysC-9GlISgR_UC30bmeYDgHAOlMFKYf21IxZDA26vw2gTJDhc4piaPlDX0v6qVlFLjP-171iajkWBJDElxzko3OxSTUrTswQTBrtxmX85jhWgZ40I_gIkcvoGM7a4LvRG4bK5Gr9uiOWRPo11gQ7H7NlO_ByTZdomEHWVLnfzUKh22INhmJJp8XXmydBog-H2zYR53VJ3SPoaizpsVQnqPjitTBYf5McbW9eLgijzyulcumoPTiGJzh-RHFhnm1AUnxg&sai=AMfl-YTBpCGBFHAwJYaNZXa1Q-JcluTewIlxDHSf_PFNnj7UaIuT1jvnI3MxPuqRIWY14HhNBzBwGNta64zg&sig=Cg0ArKJSzMBrZI7XxyHZEAE&adurl=
Frame ID: B07A3E3EA6FB843C912F5E594DCB570A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvi5ma0vZ4-m3BQ8qsXEUSLxJKr1b-owYLuHhjpwAHIIQnMGcvLV7HGmIq2ep34Jj35_jJDbZCzpe7zIW-JnZEZW-BxX8V4CtIYLV9sa9b5P-K7OYvO9sa2dKiOJotiJ5WwLEIVotxL8kn1VTDKR3ZTnnsp2wlUPxl1JSL0PbtGPwSsTK7IhXyWBLLiJFef3HO4d_P4OJDCgpyzgZcKCfYOXLZZydtCELhsAMgNuj2kePAu8xeujk8OsSCQ-BoPUrgcxogVTjICiwI4V4Cnkm1DKA83Javr73-QGKBkRm1-uKAGfThIVRuO5CD-mj6yhLc&sai=AMfl-YS25uYRT7lVYVDBJr0sObXHTgAOaF00EZ2ZDsMXyqfqPeA077amrzmXpoYBkd0LlLqyyl-yxoTX-Jho&sig=Cg0ArKJSzJ04DI5Z9ZjcEAE&adurl=
Frame ID: 2EB5E254268C9FC61214383500BC301A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupwgH9Y9XHTZlMr5hPNDOr-09kHyTbrZPo1CpTSYGMNTIIjWCwcxV4UqQsr3pFyztyH0aJbC1rkOeNjXqkdrBcP0BFrYkbGgW2fTz78DZ_QquPApZG56cplkGV5uA-F9_KSEttUl03ncBvM2oawCUBCDvSVIchSZtDAf4iAv2yAnTm2tkj6_CFofm7X-ZIuD9IAYjew_r2UQFaePQqfqzgw6RmnJsNIpZMq3D9mLT0KYP4Ak9tIjE973poMDn0z0ZAgzm7bwix6dsRN-rKS37Xfb06surhD_VjMnKZsHitlOg8g-IHj2-10m8NG8FNBCA&sai=AMfl-YRG4oNBtvLfRiDoL0RNUfqu3l3scDBpSg3gMJeXtyiwe0V6GDUFtA_OLrbLIUo76Xfdm6s0GotxpKnO&sig=Cg0ArKJSzBso9AvcQAceEAE&adurl=
Frame ID: 1D9BDA12D5FF262B8A576FF6D8C4EEE7
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssj-9o5xkA6-kqn-g3xvploTDQ09uCIf7CPA9mxCOXWlnGzruNzzd0F6TD-xn0wFdSn4Ds84ynUEAHnWzwXwpv4FqSyLco3qDwXL-2UYB9eCC3cGir543tIOLeLpI0ig1dp-Lw3znzHFWVqXwPrleuxcxWkCsgbqMiZFcHYM49K-RO7Q10AdWaU_vF48dkITHfL8HhOdk4judesdA__5w-3TpG-Eas0I7G_-no9IW4LS6cy13P713DCGXb-7Tu0kDM9d-hmLRz8Nc7WARk9H4yr7V83PGMmAf0TgFWmmNTmWlO6Z2yT7SHT6yI9lAzdBdQ&sai=AMfl-YR8jsAF5YNwW12-FprRe_Zv8mTjrTiS2CPgdzf844Winw-je4BKUk0V3gOIgz9S7eIp_4aftuP5WBRM&sig=Cg0ArKJSzIu_8aD4fHKbEAE&adurl=
Frame ID: 9CF241EF1F576799CF6DE9C47A6BAE02
Requests: 9 HTTP requests in this frame

Frame: https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
Frame ID: 8654C9C0F847555B00FB181C1565DFB7
Requests: 18 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1083997873&custom=story&custom3=168400391&adsafe_par&impId=fdda9eba-a292-11eb-8497-0a6fa201f3de
Frame ID: FDDD48BE74D4AC683EAF4F6FD59C08C3
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1648490816&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebb-a292-11eb-8497-0a6fa201f3de
Frame ID: D6E111DE6BBFDCBF47B3A78FDCAFEEBE
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=1809257187&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebc-a292-11eb-8497-0a6fa201f3de
Frame ID: 25EC2E4CE66E3595DD290999F2F51950
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1485295675&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebe-a292-11eb-8497-0a6fa201f3de
Frame ID: 9F43AB7A454E21B309F75CEB2C864A7F
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1964600842&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebd-a292-11eb-8497-0a6fa201f3de
Frame ID: 718E08B4BD6CFF3DF22FD28FA757AFB6
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=21941980990&placementId=4795254195&pubCreative=138345071646&pubOrder=2161406623&cb=1014513803&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebf-a292-11eb-8497-0a6fa201f3de
Frame ID: 6522C08A52A56974070EA6FF1F304844
Requests: 2 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 5A034B1C44838AA3EF043F02EA1B2C4D
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 2C55BE27DF7082AFD2A0001622C4D9C2
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: E17C0EAD9A3C6767213EC145EC0B3E1F
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 1CCBDBF71F19D53EDF3EF511C965DC46
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: C14C040FF8C6AA24458A495506A7B096
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: E2D28FFD655B99B3B24440F3C14E13C6
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326
Frame ID: 3F335D3E9192DB2DFC2BDBB90634A77B
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 2D28C25AE66A75CC9AD77D67D8E0093D
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: 1B44838F7AB1BD4629E4981F372F10D8
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: 4D4C5CB6DEA9F02AD57C009BBB5480B7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326;~oref=https://www.heraldsun.com.au/
Frame ID: 577DB11168FF1895767FB0DD7C34ADDD
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326;~oref=https://www.heraldsun.com.au/
Frame ID: 50F775E4F35A29D29A01414CA2AF6E03
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: CC1AC408A2C6B92FF1C43EB9CFDC13E7
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: C104B3DFDB3A6B592741E445744A0DD4
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 3323C4D8C6D6058174594DD7A469E206
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: FAD495DC9401C8F0E87F472FA939FE6C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: D35F9D8DCE9FAD50CB50F1AAFD1E1944
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: EBAE85AE80C2FF238D5BF4D3287F433A
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&upid=trk7f24&upv=1.1.0
Frame ID: 77E371BA4AAF0A2B6B771013902EABC6
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&upid=ekg5qxt&upv=1.1.0
Frame ID: 8862623BB0972DC194891E9FEFF4D20C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 49D3778B982DB4827A71A6D4E82D60AC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9b... Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3... HTTP 307
    https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recove... HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbre... HTTP 302
    https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recove... HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews... HTTP 302
    https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recove... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
Overall confidence: 100%
Detected patterns
  • script /serving-sys\.com\//i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

300
Requests

99 %
HTTPS

24 %
IPv6

65
Domains

107
Subdomains

74
IPs

7
Countries

2505 kB
Transfer

7713 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1 Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1?_ud=6f3d1a5d-8baf-4c23-b046-196cdeda119e&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2fnews-story%2fa6014d78ca474fc98429ca45bcc005cc%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac HTTP 302
    https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2fnews-story%2fa6014d78ca474fc98429ca45bcc005cc%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&1619003770868165496 HTTP 302
    https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&nk=f277a6fd0b815eab7b320a6fb7d2a190-1619003770 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1619003775316&ns_c=UTF-8&cv=3.5&c8=German%20court%20throws%20out%20challenge%20against%20EU%20virus%20recovery%20fund%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619003775316&ns_c=UTF-8&cv=3.5&c8=German%20court%20throws%20out%20challenge%20against%20EU%20virus%20recovery%20fund%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&c9=
Request Chain 64
  • https://secure-gl.imrworldwide.com/v60.js HTTP 301
  • https://cdn-gl.imrworldwide.com/v60.js
Request Chain 84
  • https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/undefined HTTP 302
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2fnews-story%2fundefined HTTP 302
  • https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/undefined HTTP 302
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2fnews-story%2fundefined&16190037771645786086 HTTP 302
  • https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/undefined?nk=f0438412004a727eaba0ac78fb9d77ca-1619003777
Request Chain 88
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619003776596 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619003776596
Request Chain 106
  • https://cm.everesttech.net/cm/dd?d_uuid=33942183780729677563111995985015898251 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIAJgQAAAMZKxikN
Request Chain 110
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=fde68041-a292-11eb-a4c6-194044dd2906 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=fde67fea-a292-11eb-a4c6-194044dd2906&orig=video&us_privacy=1---
Request Chain 137
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=6416948277860112457 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=6416948277860112457
Request Chain 162
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
Request Chain 163
  • https://u.openx.net/w/1.0/sd?id=543998486&val=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&gdpr=0&gdpr_consent=
Request Chain 165
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=m5vrLwq4RUP7&ev=1&orig=trc&pid=562107
Request Chain 166
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6416948277860112457&orig=trc
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPYlAH9KOTCq6pKwf-3DWoQ&google_cver=1
Request Chain 169
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9f0e2d2f-70da-43a0-9f36-0eda806771e7-tuct7798f01 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=9f0e2d2f-70da-43a0-9f36-0eda806771e7-tuct7798f01&google_tc=
Request Chain 170
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
Request Chain 171
  • https://ce.lijit.com/merge?pid=42&3pid=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 175
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0020d1db-e696-4f18-b5e3-eb356b673661
Request Chain 176
  • https://id5-sync.com/s/464/9.gif?puid=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOTQIa13FbiK1hqFYOTUICCVzSOjnu9sL3FF7EOA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOTQIa13FbiK1hqFYOTUICCVzSOjnu9sL3FF7EOA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=fb078a12-cdc0-4220-a88d-be306d0ce464&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEDR6dYQm7MRgjGmoiKO95pg&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDR6dYQm7MRgjGmoiKO95pg&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3071104051653182818&opid=apx&ops=&utidl=tech:goo:CAESEDR6dYQm7MRgjGmoiKO95pg&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A17041977473&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/4/4.gif?puid=498d791ff56d76b8feeb788010247e6c&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/3/5.gif?puid=041032c9-7e6b-46ef-b9e9-847eb3b47ac2&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/2/6.gif?puid=002e5220-a293-11eb-a1bf-ca0a6b936eb6&gdpr=1&gdpr_consent=
Request Chain 177
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=kqFkeNJcDzGyPFpqgwmAYA
Request Chain 179
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
Request Chain 180
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4410628738367370014 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=470&dpuuid=4410628738367370014
Request Chain 201
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326
Request Chain 204
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Request Chain 205
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzM5NDIxODM3ODA3Mjk2Nzc1NjMxMTE5OTU5ODUwMTU4OTgyNTE= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESED_w7xulO93o-VvUoa7HP-I&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 219
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619003778676&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1619003778676%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619003778676&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619003778676&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIJwzFdvUlTxgAAAXj0JSxAd-_p-PcEb1voPgCvWJw8cOxdwyZdzARev7SwGdoNWitD1coV
Request Chain 222
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=d3b873c5-c50d-4a75-bb4e-a49c4562463d
Request Chain 230
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIAJgxVXGVNG35gkaqYKcAAA%261219
Request Chain 233
  • https://dt.scanscout.com/ssframework/uid?UIAA=33942183780729677563111995985015898251&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-dc51d08ac9754595478125befb2f22d7
Request Chain 248
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=33942183780729677563111995985015898251&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 259
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=33942183780729677563111995985015898251 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=33942183780729677563111995985015898251
Request Chain 261
  • https://tags.bluekai.com/site/43981?id=33942183780729677563111995985015898251&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=YClFJy9999OJGGOQ
Request Chain 268
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=YIAJhAAAWBTyBgA4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUlBSmhBQUFXQlR5QmdBNA==&_test=YIAJhAAAWBTyBgA4
Request Chain 271
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=YIAJhAAAWGryQQA4 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YIAJhAAAWGryQQA4&expires=90&_test=YIAJhAAAWGryQQA4
Request Chain 274
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YIAJhAAAVGX1fgAC HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIAJhAAAVGX1fgAC&_test=YIAJhAAAVGX1fgAC
Request Chain 280
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YIAJhAAAWGryQQA4
Request Chain 282
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YIAJhAAAVGX1fgAC HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YIAJhAAAVGX1fgAC
Request Chain 287
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIAJhAAAVGX1fgAC
Request Chain 288
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIAJhAAAVGX1fgAC&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIAJhAAAVGX1fgAC&img=1&__user_check__=1&sync_id=0011686d-a293-11eb-8666-16ae82d31d06
Request Chain 289
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YIAJhAAAVGX1fgAC&t=2592000&o=0
Request Chain 291
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=a7f532a6-96b0-4ef1-b06f-85410476d58a-tuct7798f02
Request Chain 292
  • https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1619003781263 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4dc5d2ac-0abb-4d96-81a6-0295f11c7a60-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-4dc5d2ac-0abb-4d96-81a6-0295f11c7a60-003 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-4dc5d2ac-0abb-4d96-81a6-0295f11c7a60-003

300 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7t...
info.silobreaker.com/e2t/tc/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
df577ca20f9ec2e560a642708a5a4321affbfa8370863010a17a858fb73f9a41

Request headers

:method
GET
:authority
info.silobreaker.com
:scheme
https
:path
/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:09 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=dced06ffe77a32f35c66d4f7fcd7e8e231619003769; expires=Fri, 21-May-21 11:16:09 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=919c9cbcb15a2cb9547ddf7434b1ecfe5f4fc030-1619003769; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray
643632d4a88f1661-WAW
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0995be18ed00001661f98af000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8eQgUrZA7EsaRUEWYEmt4HFYlN0DjkvuGsV%2BadeYznJMQ37PlHUhTmlkz%2FPBL2aoKlsFFA9MafbrD6Cgr3sWAPTmrZtB%2FSXbGltcEsnDHQXWhcY5ew%3D%3D"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
content-encoding
br
Primary Request a6014d78ca474fc98429ca45bcc005cc
www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/
Redirect Chain
  • https://info.silobreaker.com/events/public/v1/track/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts...
  • https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQ...
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2fnews-story%2...
  • https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQ...
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2fnews-story...
  • https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQ...
217 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&nk=f277a6fd0b815eab7b320a6fb7d2a190-1619003770
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
bddd4b9194c4d1cd2b410bfb005acbf1b5bdcca672b1e0dd4f0aee62c83a5cbb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.heraldsun.com.au
:scheme
https
:path
/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&nk=f277a6fd0b815eab7b320a6fb7d2a190-1619003770
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
n_regis=123456789
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1

Response headers

server
nginx
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; Expires=Wed, 28 Apr 2021 11:16:11 GMT; Path=/ nk=f277a6fd0b815eab7b320a6fb7d2a190; expires=Sat, 20 Apr 2024 11:16:14 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; Expires=Wed, 28 Apr 2021 11:16:11 GMT; Path=/; SameSite=None; Secure
x-powered-by
WordPress VIP <https://wpvip.com>
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
vary
User-Agent Accept-Encoding
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2fnews-story%2fa6014d78ca474fc98429ca45bcc005cc%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac%26nk%3df277a6fd0b815eab7b320a6fb7d2a190-1619003770&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=a6014d78ca474fc98429ca45bcc005cc&session=f277a6fd0b815eab7b320a6fb7d2a190
x-arrrg5
BlaizeHappened
x-rq
ewr4 114 53 3245
x-xss-protection
1
x-content-type-options
nosniff
host-header
a9130478a60e5f9135f765b23f26593b
content-encoding
gzip
cache-control
max-age=58
expires
Wed, 21 Apr 2021 11:17:12 GMT
date
Wed, 21 Apr 2021 11:16:14 GMT

Redirect headers

server
AkamaiGHost
content-length
154
content-type
text/html
location
https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&nk=f277a6fd0b815eab7b320a6fb7d2a190-1619003770
set-cookie
nk=f277a6fd0b815eab7b320a6fb7d2a190; expires=Sat, 20 Apr 2024 11:16:10 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
vary
Accept-Encoding
etag
"05563c72b22b39afb384f19701c03047:1600838589.100191"
expires
Wed, 21 Apr 2021 11:16:10 GMT
cache-control
max-age=0, no-cache
pragma
no-cache
date
Wed, 21 Apr 2021 11:16:10 GMT
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&nk=f277a6fd0b815eab7b320a6fb7d2a190-1619003770
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css
pragma
no-cache
cookie
AWSALB=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; nk=f277a6fd0b815eab7b320a6fb7d2a190; AWSALBCORS=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:14 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
74
x-rq
ewr4 114 24 3161
last-modified
Wed, 10 Mar 2021 01:11:17 GMT
server
nginx
etag
"60481cb5-37"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 21 Apr 2021 11:16:15 GMT
lux.js
cdn.speedcurve.com/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&nk=f277a6fd0b815eab7b320a6fb7d2a190-1619003770
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
8e0cf75c2cfcb35edbce8e01875f1690dc3ffbfbb3eff4f3e02f69da5a5d6846

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:14 GMT
via
1.1 vegur, 1.1 varnish
age
5948
x-cache
HIT
x-cache-hits
41
content-encoding
gzip
content-length
6820
x-served-by
cache-hhn4042-HHN
last-modified
Wed, 21 Apr 2021 09:37:07 GMT
server
Apache
x-timer
S1619003775.703416,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Apr 2021 09:37:07 GMT
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 		256 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&nk=f277a6fd0b815eab7b320a6fb7d2a190-1619003770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c24602f4466734b682caa9745add76e5e77dc3d3ae0c86b8f9311547f6d66dc

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
bA2AZEUhYBZqp42cVuS7t1rHrI8PBK2M
content-encoding
gzip
etag
"08d15730145b24d3b4279cba930272a4"
age
81
x-cache
HIT
content-length
35586
x-amz-id-2
g0RubKfgvCFRXzXBMsWPnZp3UbqzMytp1fcCNNiiHRu46bvlWDro+yc2/VN2BSlNCFw+RcCALl4=
x-served-by
cache-hhn11536-HHN
last-modified
Tue, 20 Apr 2021 09:03:37 GMT
server
AmazonS3
x-timer
S1619003775.702847,VS0,VE1
date
Wed, 21 Apr 2021 11:16:14 GMT
vary
Accept-Encoding
x-amz-request-id
QJV04ZW1SBFCD1DQ
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
95
x-cache-hits
1
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		37 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
03cce1892cbfca0c35fe3b1f64307db1269f452bc8eb983a654d68166bfb57c0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
pragma
no-cache
cookie
AWSALB=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; nk=f277a6fd0b815eab7b320a6fb7d2a190; AWSALBCORS=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:14 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
14385
x-rq
ewr4 114 120 3167
last-modified
Mon, 12 Apr 2021 00:05:02 GMT
server
nginx
etag
W/"60738eae-948d"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1779975
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 12 May 2021 01:42:29 GMT
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
pragma
no-cache
cookie
AWSALB=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; nk=f277a6fd0b815eab7b320a6fb7d2a190; AWSALBCORS=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:14 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
2891
x-rq
ewr4 113 245 3165
last-modified
Tue, 02 Feb 2021 00:35:25 GMT
server
nginx
etag
W/"60189e4d-1e5e"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1621479
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Mon, 10 May 2021 05:40:53 GMT
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
174b9a58c7e4e80c420d329af6a87671f2a602c1878580298a832034adfe155a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
pragma
no-cache
cookie
AWSALB=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; nk=f277a6fd0b815eab7b320a6fb7d2a190; AWSALBCORS=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:14 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
1907
x-rq
ewr4 114 120 3167
last-modified
Tue, 13 Apr 2021 23:57:26 GMT
server
nginx
etag
W/"60762fe6-1246"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=27
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 21 Apr 2021 11:16:41 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&nk=f277a6fd0b815eab7b320a6fb7d2a190-1619003770
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:14 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
80805FC298EFFCF4
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=299713
accept-ranges
bytes
content-length
540
x-amz-id-2
A7Clz7HCePx1Ek5slYSVMJdtjiy61jm8cPQilsKeafI3hQRtTyE80fian+knWnPUDJ+OpyNGk5s=
expires
Sat, 24 Apr 2021 22:31:27 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&nk=f277a6fd0b815eab7b320a6fb7d2a190-1619003770
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:14 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
F71F13E443C6B2FE
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=114515
accept-ranges
bytes
content-length
15948
x-amz-id-2
Nlq1wgWYh3e+AC0TUoNBE9CTiNyyErOIlUApQuxB9Tpjk0xBPWMUGKncr3MAUeAFT97YCQMu7Vk=
expires
Thu, 22 Apr 2021 19:04:49 GMT
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&nk=f277a6fd0b815eab7b320a6fb7d2a190-1619003770
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:14 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
34037D7C97259F11
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=306287
accept-ranges
bytes
content-length
11472
x-amz-id-2
8hpECIsS0O7dE/rOrT22b+WguT2pGbsJRr3icYp9VHDHuJZLFxHG23j6pozDBbA9W1Eo5ca1pXY=
expires
Sun, 25 Apr 2021 00:21:01 GMT
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&nk=f277a6fd0b815eab7b320a6fb7d2a190-1619003770
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:14 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
EFC0AD8EBCCD7129
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=208106
accept-ranges
bytes
content-length
16112
x-amz-id-2
KUKW+av4QFyzO1K/NgsGJU+kIOu+X9RuH2COg0hb48VfE4XQSsj5P4nijBPJqVMpSpao69k4s9o=
expires
Fri, 23 Apr 2021 21:04:40 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&nk=f277a6fd0b815eab7b320a6fb7d2a190-1619003770
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:14 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
232BAC8F1E7A26D0
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=305534
accept-ranges
bytes
content-length
11372
x-amz-id-2
4ragS4nm2P2YO+wuj4WOaEwarsG8MPOvjg0Yww06PbhqcauOnbqvN1NBoN1h+SY8F0xcMAH9O4s=
expires
Sun, 25 Apr 2021 00:08:28 GMT
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&nk=f277a6fd0b815eab7b320a6fb7d2a190-1619003770
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:15 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
E7FC71DCC76626B8
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=300424
accept-ranges
bytes
content-length
535
x-amz-id-2
cwPOFVoesdR8zziFLGKQvvlh/NrinqD0Royvn8X9ixprzFVnM6iJPyh3TlqFvT/UKPHaRfChR3Y=
expires
Sat, 24 Apr 2021 22:43:19 GMT
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		267 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f3ee7f733586379df35b59416987e636427861079c0780e08be2feff3c2af0a1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/remote/identity/rampart/latest/rampart.js
pragma
no-cache
cookie
AWSALB=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; nk=f277a6fd0b815eab7b320a6fb7d2a190; AWSALBCORS=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; lux_uid=161900377504203101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
AkamaiNetStorage
etag
"c9af8698c6758bd5b432f7c4daa8bddc:1617077678.533746"
vary
User-Agent Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1209
date
Wed, 21 Apr 2021 11:16:15 GMT
is-https
true
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 21 Apr 2021 11:36:24 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
919a09d45286a3828a624e7dae7c7ee6b964ba70339274d8e333c5aaaf9c9ec9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
pragma
no-cache
cookie
AWSALB=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; nk=f277a6fd0b815eab7b320a6fb7d2a190; AWSALBCORS=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; lux_uid=161900377504203101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:15 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
14341
x-rq
ewr4 114 88 3279
last-modified
Mon, 19 Apr 2021 23:52:30 GMT
server
nginx
etag
W/"607e17be-bbb6"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=23
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 21 Apr 2021 11:16:38 GMT
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6d90199995b493e006d03ef62d624e59120a272ed586ff1496bd7a5c38ccb3fe
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js
pragma
no-cache
cookie
AWSALB=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; nk=f277a6fd0b815eab7b320a6fb7d2a190; AWSALBCORS=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; lux_uid=161900377504203101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:15 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
1987
x-rq
ewr4 119 71 3093
last-modified
Tue, 13 Apr 2021 00:42:15 GMT
server
nginx
etag
W/"6074e8e7-182d"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 21 Apr 2021 11:16:16 GMT
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
etag
"1a868d280f9424f5d82876d6cf0c46b9"
age
0
x-cache
HIT, HIT
content-length
1123
x-amz-id-2
541OZeHMDp02kPXfbRvyGJDNmmZfSZ9Cz4Z6BpdomMdBuf5gueDI9HTxCreYYeN0D1r2vOhLOuw=
x-served-by
cache-sna10723-LGB, cache-fra19144-FRA
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1619003775.245272,VS0,VE173
date
Wed, 21 Apr 2021 11:16:15 GMT
vary
Accept-Encoding,,
x-amz-request-id
D2CQFK210QXPDX48
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
impl.20210420-3-RELEASE.js
cdn.taboola.com/libtrc/ 		480 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210420-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b86d21583dd3952914d7ba83e83871fae6d2b3f7d99e6bfaca3f19b8d961f8b2

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
18_v1JiVjCtpocTPlg1RbwAwS4va4wC0
content-encoding
br
etag
"b7757415c2b3e461048260366ff5fa89"
age
9930
x-cache
HIT
content-length
112658
x-amz-id-2
BzF/OOzVQw/RJGaWtYtVgFODFWFLXQn6jI55yRPKEB0E9URgA8GB+cRliv6P0ED6wiXl3bFPEQw=
x-served-by
cache-hhn11536-HHN
last-modified
Tue, 20 Apr 2021 08:29:30 GMT
server
AmazonS3-br
x-timer
S1619003775.143313,VS0,VE0
date
Wed, 21 Apr 2021 11:16:15 GMT
vary
Accept-Encoding
x-amz-request-id
51FDJ5Z494N93GFA
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
60
x-cache-hits
79356
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-14.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 10:50:47 GMT
via
1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1529
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
xtJuBo5ZHR4Zgw2NIOUTEmccPxi6MoixTnvYENRG7Su04K8jokNawg==
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:15 GMT
content-encoding
gzip
last-modified
Thu, 20 Dec 2018 17:45:13 GMT
server
NetDNA-cache/2.2
etag
W/"dc93d584e41f8417f6b7163320d34329"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 		19 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=13%3A16%3A15.261&lti=deflated&data=%7B%22id%22%3A988%2C%22ii%22%3A%22%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1618909415274%2C%22vi%22%3A1619003775259%2C%22cv%22%3A%2220210420-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.news.com.au%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2185%2C%22qs%22%3A%22%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-bc-desktop-article-02-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Below%20Article%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Below%20Article%20Native%22%2C%22cd%22%3A993%2C%22mw%22%3A705.296875%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A993%2C%22mw%22%3A705.296875%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210420-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a059ea9f3f1dda839dbd3677cc33e78beac320e48daab29b1d89ff0a4e90cc42

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
284
date
Wed, 21 Apr 2021 11:16:15 GMT
content-encoding
gzip
server
nginx
x-timer
S1619003775.293516,VS0,VE284
x-served-by
cache-hhn11536-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
comments-count
mhr.talk.news.com.au/api/v1/ 		38 B
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=e8350e53b0ec49241a15396908671c24
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
f311b902fe391f051be176003e0c74f38898a540afbdd262c60498052ba3a806
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.16.1
etag
W/"26-RJ3iQD2waivljyoD8M5PoJjdJV0"
x-download-options
noopen
x-dns-prefetch-control
off
content-type
application/json; charset=utf-8
access-control-allow-origin
*
date
Wed, 21 Apr 2021 11:16:16 GMT
x-talk-trace-id
fd3cd780-a292-11eb-aaa9-611b3f7ef541
vary
Accept-Encoding
content-length
58
x-xss-protection
1; mode=block
8d5c53808095421a1c8dfdf29706530b
content.api.news/v3/images/bin/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8d5c53808095421a1c8dfdf29706530b
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b968a934b6b338adf51db6dc1387e7743122f577cf54df476590016f23ace614

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
8d5c53808095421a1c8dfdf29706530b
date
Wed, 21 Apr 2021 11:16:15 GMT
last-modified
Wed, 21 Apr 2021 09:57:14 GMT
server
Akamai Image Manager
etag
3b3a1123949706c984c704e5a3c30d67-8d5c53808095421a1c8dfdf29706530b-0
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5179193
access-control-allow-headers
x-newsapi-api-key
content-length
91829
expires
Sun, 20 Jun 2021 09:56:08 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1619003775316&ns_c=UTF-8&cv=3.5&c8=German%20court%20throws%20out%20challenge%20against%20EU%20virus%20recovery%20fund%20%7C%20Herald%2...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619003775316&ns_c=UTF-8&cv=3.5&c8=German%20court%20throws%20out%20challenge%20against%20EU%20virus%20recovery%20fund%20%7C%20Herald%...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619003775316&ns_c=UTF-8&cv=3.5&c8=German%20court%20throws%20out%20challenge%20against%20EU%20virus%20recovery%20fund%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&c9=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-14.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:15 GMT
via
1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
tAKKOU_ODRtyZM3Dr1WdqysTRVixxq5p9p7Y1aUtjTDwMA0F7a56zQ==

Redirect headers

date
Wed, 21 Apr 2021 11:16:15 GMT
via
1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619003775316&ns_c=UTF-8&cv=3.5&c8=German%20court%20throws%20out%20challenge%20against%20EU%20virus%20recovery%20fund%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&c9=
content-length
556
x-amz-cf-id
XTOMVxf9-JVTO_NmnXxjmlvaLKhPdlVkDrAZJdnH_2ih_quQqe9Z0g==
authorize
login.newscorpaustralia.com/ Frame D969 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ues0RvEBx51L6db8BRuEntbUanH_bsx9&nonce=rT2pUU9jbppO-5G55C1hZvTwekfiHcTV&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-77.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
e6517ffa937a32d182f149b96693cd7c73af6c3db38018caf99c09d05ac3a723
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ues0RvEBx51L6db8BRuEntbUanH_bsx9&nonce=rT2pUU9jbppO-5G55C1hZvTwekfiHcTV&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
643632fd790e6253-OTP
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
0995be326800006253fa97c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
643632fd790e6253
ot-tracer-sampled
true
ot-tracer-spanid
5ac8306e4e83b1c7
ot-tracer-traceid
634406550fbb36ed
x-auth0-requestid
2a624535be6854d3040e
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1619003776
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 576 0 pmb=mTOE,3
expires
Wed, 21 Apr 2021 11:16:15 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 21 Apr 2021 11:16:15 GMT
content-length
840
vary
Accept-Encoding
set-cookie
__cfduid=deaa2e02963385fcd95e6d0c1837eca101619003775; expires=Fri, 21-May-21 11:16:15 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3Afcf6a6c0-a292-11eb-8883-2590f9e59205.md4lGly5aXqq02n01Y5BENAvNozkVYEmWjCnRTTBdXI; Max-Age=31557600; Path=/; Expires=Thu, 21 Apr 2022 17:16:15 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Afcf6a6c0-a292-11eb-8883-2590f9e59205.md4lGly5aXqq02n01Y5BENAvNozkVYEmWjCnRTTBdXI; Max-Age=31557600; Path=/; Expires=Thu, 21 Apr 2022 17:16:15 GMT; HttpOnly; Secure ak_bmsc=72FB8D1E079539CF0FCAC21826F40C030210BB753C1300007F098060E8C41440~plTADi8g8RMtE/dAx8UtJ55+Zs6MMSzXawSKbyyIbtKjynsREpayaK0QO///C8YARucldRpK31dW+OwaztEuZ0JmoAnGq/slP8+c/FQfkGIxwtO970ULExxWwmTQO256CZMfejc22WoZY0JrJ9nPtqpPoiFrJ0SRJqtKISH7M/kRnk7HMjJhPmbZuh3fvmcNRIDZr9hGKgX48/8IlcRFZPquV3ByqDXJqwJOdA0UHi2SvJEYQ9ssOtywTO2/30955f; expires=Wed, 21 Apr 2021 13:16:15 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=2A244FF606779283158E53FCE058EF39~K7BPVS3RDArpt14EYGeAQD4b34A8fq+OzlOh6kEXZVpAg83roj5G4TAbsw2u6RtFYIlsmvn1LxMk79nugx8+WDv2iPus+oJxyIOXrMpZrb7vSv59wWEyNp8iQyGeR+a01pz8cDcD0IuvIKU7Zk33XubJm8wcj9OldpxpJ8CBdr8AXEAS1FF0G5luCgz+eZoUXYKYkXqWXvsvNbSKYgbG+vNbLT7qvM+VTAnObAlI4pmAji0C4NFnD/noY55QMhqE; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=DDD0A010FE207036E4C3501EB0FE8146~YAAQdbsQAnynF+t4AQAA1Rsl9Atkuky63uVGsa1OxNT8vqeU8JbKQVa31MqR11s4BHH1DJwfk2lIgBu5jjmEE6FS04rGUwrAr0/JO6X5SEpuWc5wiqyhEYQ2DCNKlc6HMXPB5BmSyjOCrzVAe0YazJBCF2bTzwiUuEwhJHKYm7O5y+1MG3TpPBRIhtV7jDysDMFxl50kFL9uUlQ=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 21 Apr 2021 15:16:15 GMT; Max-Age=14400; HttpOnly _abck=8FCA77EA3C172764350B92F6317D71E1~-1~YAAQdbsQAn2nF+t4AQAA1Rsl9AX9Jn9Kqi8b081Jc1epPbgPI1yZ68X4fY0s/1ukTm/cCeWxa3Zc1+SYVC+NcV72ffbs7oK6T2tvq5iyaRcxNj9jU73mqXNwXmybnDpYcDyJNzIFnSnURPhkkfWATIS+xtMU4BLL+ln87viSr9T9kHXW1isIuB4+oiXiQ53kfJir2Z+h5nedNuqNl8hJALJKHQv7jycr9arBvXgNhBk0N5T88bn8CvzParDLu5+iibOohxVZR6ZeLTCRBNfn5V8w9qIp4TsTkzoXlxvIRb1PjveoiRj+5aIhyLAz4Re2OUnbDPunD3UMrv30iGVU1ZjDjoIH2P45byMSsk15IyasGnqG3ecJuwhMJ+ueF9LHROuKdZ0D4A==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 21 Apr 2022 11:16:15 GMT; Max-Age=31536000; Secure
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4379b5695f319d7ad15e6c86346e9117f0b4f4a8d4bcbab18aa840fd9e6d900a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:15 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 03:49:38 GMT
server
AkamaiNetStorage
etag
"cd574ccc8294fe1328dbeab462c8cb3f:1618372178.026573"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1234
expires
Wed, 21 Apr 2021 11:21:15 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
aeff34d9a1c253a230b7436d1f8798f9d4d096c0dd88ac2983997dce9ef88508

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:15 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 03:49:39 GMT
server
AkamaiNetStorage
etag
"baf18b342a54172ca520ae382752ce1c:1618372179.176935"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
19094
expires
Wed, 21 Apr 2021 11:21:15 GMT
indies-loader.js
ts2020-indies-client.web.app/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Thu, 17 Sep 2020 07:41:38 GMT
x-timer
S1619003776.561290,VS0,VE1
etag
"16a0649956d88d08059c392d3f4b3b1b1b6ee7a364d1e3444626bf6439417ed3-br"
x-served-by
cache-fra19137-FRA
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Wed, 21 Apr 2021 11:16:15 GMT
accept-ranges
bytes
content-length
2338
x-cache-hits
4
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		155 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ecc18d5c60efc39097843e3f258303635aef5e6c15df6f8c577e2736eed82556
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js
pragma
no-cache
cookie
AWSALB=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; nk=f277a6fd0b815eab7b320a6fb7d2a190; AWSALBCORS=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; lux_uid=161900377504203101; com.auth0.auth.ues0RvEBx51L6db8BRuEntbUanH_bsx9={%22nonce%22:%22rT2pUU9jbppO-5G55C1hZvTwekfiHcTV%22%2C%22state%22:%22ues0RvEBx51L6db8BRuEntbUanH_bsx9%22}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:15 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
36432
x-rq
ewr4 113 245 3266
last-modified
Tue, 20 Apr 2021 23:59:38 GMT
server
nginx
etag
W/"607f6aea-26a64"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 21 Apr 2021 11:16:16 GMT
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a97178289ab863f2a651270e3ab1e833c4eee79e09b494e70be273047956a67e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
pragma
no-cache
cookie
AWSALB=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; nk=f277a6fd0b815eab7b320a6fb7d2a190; AWSALBCORS=m41asGWZHthTgWXc4HLtczOtLyrE5p1xiki7s2NP8BL0S5F9DWMpU2qIh6VCOEAOgW9z8LVZr8YeI0XzSfbPcZtOXSmulsMfaz+T2Uloa+U4098Clq/KSwOrVw9N; lux_uid=161900377504203101; com.auth0.auth.ues0RvEBx51L6db8BRuEntbUanH_bsx9={%22nonce%22:%22rT2pUU9jbppO-5G55C1hZvTwekfiHcTV%22%2C%22state%22:%22ues0RvEBx51L6db8BRuEntbUanH_bsx9%22}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:15 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
2941
x-rq
ewr4 114 88 3279
last-modified
Tue, 20 Apr 2021 23:59:51 GMT
server
nginx
etag
W/"607f6af7-1a3b"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=25
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 21 Apr 2021 11:16:40 GMT
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
etag
"b7fcedf037c57085d364b689ca46f32e"
age
4748753
x-cache
HIT, HIT
content-length
30954
x-amz-id-2
XYQIZuXRGQLKpCjteWRIfe40KimlZFo+XFfJxMKCMpux3s7oK/kaztSR9488086wgvaYehwdgxg=
x-served-by
cache-lax10642-LGB, cache-fra19144-FRA
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1619003776.501331,VS0,VE0
date
Wed, 21 Apr 2021 11:16:15 GMT
vary
Accept-Encoding,,
x-amz-request-id
A8BCB608B0341C35
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 2
authorize
login.newscorpaustralia.com/ Frame 2BE2 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=SLgGjUZ6.2c3Z83ym-6v11kJp1A2LoL1&nonce=PcedsuP~yLb_sBXClh8cOUN8ecVl-UfG&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-77.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
3a73ab7703a12dfbfc3cdd4c15e8f0deddcb105e07315987570a4be043bc8076
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=SLgGjUZ6.2c3Z83ym-6v11kJp1A2LoL1&nonce=PcedsuP~yLb_sBXClh8cOUN8ecVl-UfG&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
643632fdef6efcfd-OTP
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
0995be32b10000fcfddc00c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
643632fdef6efcfd
ot-tracer-sampled
true
ot-tracer-spanid
6d7f2138020f1a54
ot-tracer-traceid
4b9c122545453237
x-auth0-requestid
0d316056b5e4097b7be4
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1619003776
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 543 0 pmb=mTOE,3
expires
Wed, 21 Apr 2021 11:16:16 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 21 Apr 2021 11:16:16 GMT
content-length
840
vary
Accept-Encoding
set-cookie
__cfduid=dc94d8c2c57dc7b536c3a2ef9e8f9ca4e1619003775; expires=Fri, 21-May-21 11:16:15 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3Afd01a340-a292-11eb-9942-b37d62a72c41.y7l2F5u3dSSLB6CPzO3BeD4D9HygJqXrA5cdrBGshQk; Max-Age=31557600; Path=/; Expires=Thu, 21 Apr 2022 17:16:15 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Afd01a340-a292-11eb-9942-b37d62a72c41.y7l2F5u3dSSLB6CPzO3BeD4D9HygJqXrA5cdrBGshQk; Max-Age=31557600; Path=/; Expires=Thu, 21 Apr 2022 17:16:15 GMT; HttpOnly; Secure ak_bmsc=A59BE43CBA1539CB322470B505213D480210BB753C1300008009806074D05546~plw325AgRvXPolu0E0tA6kFiU/CHYKbM9qObcrRVZv9S7V5NUrHUiQK2qgQybpQT2wB5wScnaZyHFItLFThjDrw3W3vIIE/BZUOI07qLJULfzBGGqqj1AJAgUZbaPinPWfRC+71DVCiCK6ujrnuzEFGpnaKg6UwvKRp08POvhVwfDN109sCLThb0GWfzMhEksPndJs9Yd/smFuAIqDG5aT/Liw1Tnr5uYOP/Odtg8kP4JfC2bmViKJ+epcwT7kWSu6; expires=Wed, 21 Apr 2021 13:16:16 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=822F0586CBB03DD28C6E99859D9FB109~K7BPVS3RDArpt14EYGeAQK8HM3sP2+12hg/3VyFkJG7tdjoNXk8MZvvL0SKYbuL4cQOggDKRxVIN6gY9qWaAAjAf2TVqpK8a6v5uwOMG0+E3o0CR0gFDfpDEcQpuWPWjIA7W+fx3Y7OokU3WJwQzy/6P/nkEpRgURnAvdHYndqcHDp9xK+nHQOAAFrFlNt//farOoSO0nMvowAij7IhUkpyNbqswEZd7qEs+8/LY1HZG3yj76Xpzv956S3ejwTY+; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=7EE9A6514AE28C31CD0AFC59D93C57D4~YAAQdbsQAn6nF+t4AQAAIBwl9AtPJ1WYOKVZzDx5CBrc7Vn6tuW9vc4sQ9LkJs7sEbDBzUr+fJ+qCB+uUToRHbXHJaotbPGU/QIUW+YFHEA5196Wyi+jN30ZddNMzcgUte41zwJ+3VWa/P7fbcNC8af6wS0ab/phbbh9Ly/E/SVgnjOH00y7io2e9fK3AlG8OcLXm4vkljShvX8=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 21 Apr 2021 15:16:15 GMT; Max-Age=14399; HttpOnly _abck=952D53BF19C1AB0CCAE239BC92C0FCBA~-1~YAAQdbsQAn+nF+t4AQAAIBwl9AWfxYqTF15F9+wSHSRzxtCbE70cXYq++BxaTUas+hCJRp2CN3mwsiVAc+PRA5CorC33v9wL0iWpysXyJ7t2DFBV/bfEJGhgOcqGBZJBcn4sZu23vx3ATkMKRhbCdCa/tahqDROfpDkfEJFk6LkL1WR+4AfJRNh3PXilWA+ehsyz/gRbowD3eb70hcrX2DTHRufJMzJxHIU9kZA8SX27SrSZDFE/KgPDj4wOQnXjpzpIkSB/KRBSYezpEVvLrO7lTyvFSn13Um/ERlZ8H79uh+guc/0Z1tGvJ3eE1mQdeLD3/9xfuHA969uutqmOI++PwC4FYwD98snrQCxxlsdINBv1Srm0yIGO2kfsdU7x9DrpWl4Z5A==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 21 Apr 2022 11:16:16 GMT; Max-Age=31536000; Secure
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210420-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1173ff74d3bff944e1165a5bc72d7a122b3e80a12a67d9c7e21ee724a589c252

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GLkvXXhkWrEA88PAu1lov9o2qFv0mrM9
content-encoding
gzip
etag
"b25b2d5dc58b4c31319963912a53dac6"
age
19975
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5161
x-amz-id-2
EH+n6pXAX74tp0wEQtQttqc3tqmJjCntLdbfn1zwwPbMc500Pb8XrJ+QWSZO02kNa4xtpb5+Hfw=
x-served-by
cache-hhn11536-HHN
last-modified
Tue, 20 Apr 2021 13:43:17 GMT
server
AmazonS3
x-timer
S1619003776.649539,VS0,VE0
date
Wed, 21 Apr 2021 11:16:15 GMT
vary
Accept-Encoding
x-amz-request-id
PFNEDCBW37C8M58C
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
60
x-cache-hits
374433
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		2 KB
1001 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210420-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
16044
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by
cache-hhn11536-HHN
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1619003776.649689,VS0,VE0
date
Wed, 21 Apr 2021 11:16:15 GMT
vary
Accept-Encoding
x-amz-request-id
CR4E2RJ6SANDVYVF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
60
x-cache-hits
224501
tfa-eid.20210420-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210420-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66f7324ad1295c82b8f851cb3d1924fb93b74be1bbc9efb7d71567fb43806d92

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jj2DJ.e0GaQOUb80TQFTrsAWEI50Bq3S
content-encoding
gzip
etag
"12ab7a779fb0a1b8877ee96ecfbe153c"
age
25033
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4856
x-amz-id-2
BtPQcUvVRwYuvREvtPpodD3vdiMfRIvEdjqoMruQJ5IO4OV3wRSUdQ+O99g3cE4xjC4aoTbiiwY=
x-served-by
cache-hhn11536-HHN
last-modified
Wed, 21 Apr 2021 04:18:58 GMT
server
AmazonS3
x-timer
S1619003776.661620,VS0,VE0
date
Wed, 21 Apr 2021 11:16:15 GMT
vary
Accept-Encoding
x-amz-request-id
1Z39ENG7FFJNVH5W
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
60
x-cache-hits
524164
sha256.20210420-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210420-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32fc280ccf71211c5f1e27bb7c9d61277c5dcf187fa34d14de3bcaa630911b8f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QCU.fDnVcw7fLDJXCL_2MEO45W2LoLfN
content-encoding
gzip
etag
"c9d2b00fb01d01e2a3225dc7d74c90d0"
age
25024
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2595
x-amz-id-2
TAvxzBeyIaOK7Ukpv4YldeM/HURNQyEUiWbl6n6ASP64lCYZjnCOiVjj/hi6fSekNUKbc+iQbfc=
x-served-by
cache-hhn11536-HHN
last-modified
Wed, 21 Apr 2021 04:19:08 GMT
server
AmazonS3
x-timer
S1619003776.662075,VS0,VE0
date
Wed, 21 Apr 2021 11:16:15 GMT
vary
Accept-Encoding
x-amz-request-id
B1N1NT0DMCSMF3B3
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
60
x-cache-hits
495562
tb
15.taboola.com/ 		36 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=newscorpau-aud-heraldsun&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.news.com.au%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc&encoded=1&uid=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&variant=-100|1260357984&callback=TRC.videoTagCallbacks.videoCallback1&cb=1619003775641&tagid=&cntry=PL&platform=1&sesid=113d94e26e6285e932e5c6e0ce085da9&itemid=/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc&viewid=1619003775259&geolat=&geoing=&deviceifa=&appid=&sd=v2_113d94e26e6285e932e5c6e0ce085da9_7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff_1619003775_1619003775_CNawjgYQgPNHGJuylKGPLyABKAEwrgE47qgMQO7xK0jPhtgDUP___________wFYAGAAaLGv6bXK_ffOrQE&ri=d5551d19dce81f3ac7daa34ee7c2c739&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1177984&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=14&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1177516&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210420-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
00124834b3ad87802397a877f139fdff636e38728829f712e8bd78cff99e648d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 21 Apr 2021 11:16:15 GMT
content-encoding
gzip
access-control-allow-origin
https://www.heraldsun.com.au
machineid
1430
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn11536-HHN
pragma
no-cache
server
nginx
x-timer
S1619003776.669661,VS0,VE58
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20210420-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20210420-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2e3e0af1df28c35b102bbb29ccb3f878cb77bd09b87273e3e8a654427abe5bd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pLihkYJ8TWxVNvv7xs.kNEY1TCmEiPwP
content-encoding
gzip
etag
"76348edcba32648653b8dffb623011a9"
age
25007
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1268
x-amz-id-2
4L2HA+Xv8YgsDHEx/5FISr4vszroArJkzr/z5YABPCQyuwM4Kp/1KQBjjWiKCKXdgW0UilOIalk=
x-served-by
cache-hhn11536-HHN
last-modified
Wed, 21 Apr 2021 04:19:26 GMT
server
AmazonS3
x-timer
S1619003776.682060,VS0,VE0
date
Wed, 21 Apr 2021 11:16:15 GMT
vary
Accept-Encoding
x-amz-request-id
K6FXJMRZ7TWRRNQ4
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
60
x-cache-hits
264301
distance-from-article.20210420-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20210420-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ccdbb11576c58a93fd6a0ab6c65ceb939b164163050bfbdd8684a84dabb51e2

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KZRZutLHyzM0chJacMCiMRRUo03ngzfB
content-encoding
gzip
etag
"6ee6aaf6cfe713c5ea26c6aada5d6755"
age
25001
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1012
x-amz-id-2
42LZEBeEvPtHYEvqh18/JvAUZOdfsG8jMHEJ9g3xlB1zqU8zawUF9JadWWfwSX4nG84tuO6kQOw=
x-served-by
cache-hhn11536-HHN
last-modified
Wed, 21 Apr 2021 04:19:33 GMT
server
AmazonS3
x-timer
S1619003776.729562,VS0,VE0
date
Wed, 21 Apr 2021 11:16:15 GMT
vary
Accept-Encoding
x-amz-request-id
8F05VK28QE13V6Q2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
60
x-cache-hits
34069
article-detection.20210420-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20210420-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f196089707771e3b680d40beaae3c670013268197a1441522f2a90c16ccc583

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_aV2j8D1Knyevy2NhOf3kZt6iggZHOHd
content-encoding
gzip
etag
"7314249afb374899669e29480ddf270a"
age
24991
x-cache
HIT
x-amz-replication-status
PENDING
content-length
864
x-amz-id-2
J6RAI3XxzDxs75l7ShZ31SHC5CwkdYamKxX5iLiqVyIdp5UIiVt54uhoUA+D18IeXA4OF5hZnuU=
x-served-by
cache-hhn11536-HHN
last-modified
Wed, 21 Apr 2021 04:19:42 GMT
server
AmazonS3
x-timer
S1619003776.730049,VS0,VE0
date
Wed, 21 Apr 2021 11:16:15 GMT
vary
Accept-Encoding
x-amz-request-id
F3SW50RB9GGZDW1P
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
60
x-cache-hits
34152
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
15
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
NEmU1ZLGBivh17attqjutVeDItpvUZXBnAqIjCXHVmq+ljcnqasABW9FxsaZow932JBDe4UzNuo=
x-served-by
cache-hhn11536-HHN
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1619003776.749591,VS0,VE0
date
Wed, 21 Apr 2021 11:16:15 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
11HNEHRPNXTPWD7Z
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
60
x-cache-hits
45
74529a0b-e967-4975-b8c8-e0c0c4f966b0.woff2
cdn.taboola.com/static/74/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/static/74/74529a0b-e967-4975-b8c8-e0c0c4f966b0.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
lTPw_HQcAdyouGxJIVR7UXSSSYo5BGPI
via
1.1 varnish
etag
"587de8ec039052f50e69c9654439b991"
age
78
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
15332
x-amz-id-2
9cn0vCnaaVADVqdPbb35mqeUwm4OTHh+6a62s6cG65RHNbMQeaVLtiDyIeVf8TM4oL2mrzQ0fIE=
x-served-by
cache-hhn11528-HHN
last-modified
Wed, 16 Jan 2019 04:43:39 GMT
server
AmazonS3
x-timer
S1619003776.847781,VS0,VE1
date
Wed, 21 Apr 2021 11:16:15 GMT
access-control-allow-methods
GET
x-amz-request-id
H9KNFX6CD1M55RDN
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
access-control-allow-headers
*
abp
60
x-cache-hits
1
fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:15 GMT
last-modified
Thu, 20 Dec 2018 17:45:39 GMT
server
NetDNA-cache/2.2
etag
"5dc01cfcd5336f696cb85da7ce53fa9b"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
79100
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3400:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4754c1f1fb712883286295c92774dddebef215996cfdfab9fd972d265473f025

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 22:36:30 GMT
content-encoding
gzip
etag
W/"0d9785869d3d057828f29bcf6b0f8119"
last-modified
Mon, 15 Mar 2021 13:51:58 GMT
server
AmazonS3
age
45587
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
ff-Pdj3qwhjGn1aDdZoR8xJdJhyrxD1-ENrFmgUqInlOWSORI3YHag==
social
trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=IL:IL:V&lti=deflated&ri=da50314f0f1c261241ddaf60f9afdd95&sd=v2_113d94e26e6285e932e5c6e0ce085da9_7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff_1619003775_1619003775_CNawjgYQgPNHGJuylKGPLyABKAEwrgE47qgMQO7xK0jPhtgDUP___________wFYAGAAaLGv6bXK_ffOrQE&ui=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&pi=/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc&wi=8656054134398740293&pt=text&vi=1619003775259&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.news.com.au%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22German%20court%20throws%20out%20challenge%20against%20EU%20virus%20recovery%20fund%22%2C%22sec%22%3A%22news%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=13%3A16%3A15.824&id=7147&llvl=1&cv=20210420-3-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:16 GMT
server
nginx
x-fastly-to-nlb-rtt
20927
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.22.181:10213
8e4dd95879be16c55f50e29c8b7071db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
843b6a1b611f1736a75913ef5f29a81cfd6e12677de275ce9a4c666b604856dc

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 21 Apr 2021 11:16:15 GMT
via
1.1 varnish, 1.1 varnish
age
759740
edge-cache-tag
322089413535885002890087190934422546620,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
content-length
15920
x-request-id
96460faa200de5ec0609200bbfa84298
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 30 Mar 2021 21:06:50 GMT
server
nginx
x-timer
S1619003776.876257,VS0,VE1
etag
"e707a8fe0e601a6c0ec57048f7975486"
x-served-by
cache-wdc5567-WDC, cache-dca17764-DCA, cache-hhn11536-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
7e016667a06c3953bbd551436b1db2b6.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e016667a06c3953bbd551436b1db2b6.jpeg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
81305ef42d3694d3216f5e4f1c03688c9973df425452298c4f5a63525f85d18f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 21 Apr 2021 11:16:15 GMT
via
1.1 varnish, 1.1 varnish
age
1311868
edge-cache-tag
482821531515689230506783830797345189770,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e016667a06c3953bbd551436b1db2b6.jpeg
content-length
20622
x-request-id
6a855996ecd4593aa4dfef47a437581f
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Sun, 21 Mar 2021 08:03:01 GMT
server
nginx
x-timer
S1619003776.876321,VS0,VE0
etag
"49b61e91e66b9986c40149fc4967b8ab"
x-served-by
cache-wdc5530-WDC, cache-dca12928-DCA, cache-hhn11536-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.4.1/ 		96 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.4.1/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210420-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9635d0c2ad301f4b79011b25ef35cc869b3dc344a04beabfd886d7f1fb02ed4a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:15 GMT
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront), 1.1 varnish
age
353512
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
28063
x-served-by
cache-hhn11536-HHN
last-modified
Sat, 17 Apr 2021 09:03:25 GMT
server
AmazonS3
x-timer
S1619003776.884799,VS0,VE0
etag
"e5fdc6c780f546f64ec48fe3656d6dcf"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
NVGOFmxCQ6h7QZgiMT62DgGGHCk_EtbMU6CMpmoBktHqHA7tYnQUzQ==
x-cache-hits
124612
debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=13%3A16%3A15.885&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-bc-desktop-article-02-native&id=3955&cv=20210420-3-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:16 GMT
server
nginx
x-fastly-to-nlb-rtt
20927
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.10.199:10213
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=13%3A16%3A15.887&route=IL:IL:V&lti=deflated&data=%7B%22id%22%3A822%2C%22ii%22%3A%22%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_113d94e26e6285e932e5c6e0ce085da9_7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff_1619003775_1619003775_CNawjgYQgPNHGJuylKGPLyABKAEwrgE47qgMQO7xK0jPhtgDUP___________wFYAGAAaLGv6bXK_ffOrQE%22%2C%22ui%22%3A%227f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff%22%2C%22uifp%22%3A%227f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff%22%2C%22lbt%22%3A1618909415274%2C%22vi%22%3A1619003775259%2C%22cv%22%3A%2220210420-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.news.com.au%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22lspb%22%3A%22CwsIQhDE02oMCwjDARDE02oMCwiJARDE02oMCwiRARDE02oMCwggEMTTagwLCKEBEMTTagwLCKIBEMTTagwLCCQQxNNqDAsIJxDE02oMCwirARDE02oMCwitARDE02oMCwiuARDE02oMCwiwARDE02oMCwiyARDE02oMCwi1ARDE02oMCwi2ARDE02oMCwg7EMTTagwLCD8QhL1qDAwTFA%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2771%2C%22qs%22%3A%22%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A993%2C%22mw%22%3A705.296875%2C%22fi%22%3A3%2C%22fb%22%3A2%2C%22fti%22%3A%22newscorpau-aud-heraldsun-newscorpau-aud-newscomau-mobile-feed-action-bucket-1557203444418-2%22%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210420-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
086433d5d4f7633cf877ffde268196f5fd9e15e0a9098f51468124fe96f5a659

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
258
date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
server
nginx
x-timer
S1619003776.915886,VS0,VE258
x-served-by
cache-hhn11536-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
94a620e063a970f7874b8da697990474.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94a620e063a970f7874b8da697990474.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c8a537f5a46497159b1de673a5f5a3b0b94c905f3fd530dfe7f13f877ea2543e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 21 Apr 2021 11:16:15 GMT
via
1.1 varnish, 1.1 varnish
age
3108111
edge-cache-tag
322648653175037379240207699956225834719,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94a620e063a970f7874b8da697990474.jpg
content-length
4192
x-request-id
115ab41671fcdcbbf27191624e352e88
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Tue, 09 Mar 2021 21:40:01 GMT
server
nginx
x-timer
S1619003776.920920,VS0,VE1
etag
"e1a10c18622833d0081d3b6f7a4ef8e1"
x-served-by
cache-wdc5541-WDC, cache-dca17723-DCA, cache-hhn11536-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
1603360782_de50016620bfde89efb3129cbee9296d4a9927c5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.showmarker.com/afbeeldingen/1200x630/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.showmarker.com/afbeeldingen/1200x630/1603360782_de50016620bfde89efb3129cbee9296d4a9927c5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2403afc06bd8c89600aa4b84e4bf42f573dcf852ecf6057a864ee33b354f0918

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 21 Apr 2021 11:16:15 GMT
via
1.1 varnish, 1.1 varnish
age
2402144
edge-cache-tag
509172829063375291566087064889007569580,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.showmarker.com/afbeeldingen/1200x630/1603360782_de50016620bfde89efb3129cbee9296d4a9927c5.png
content-length
6278
x-request-id
155e3de6bc701f5bdb6058bfd82a2cc2
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sun, 21 Mar 2021 03:31:13 GMT
server
nginx
x-timer
S1619003776.929497,VS0,VE0
etag
"698a9222ed1312f6b9d9797eb7aca8ef"
x-served-by
cache-wdc5570-WDC, cache-dca17758-DCA, cache-hhn11536-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
81e31940fc3e7015833a0c9c8d4d5c92.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81e31940fc3e7015833a0c9c8d4d5c92.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
efefe003b31aafa99c1b642f5a976b1aae13940e44bc837df4607708c9d2cdd8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 21 Apr 2021 11:16:15 GMT
via
1.1 varnish, 1.1 varnish
age
1585108
edge-cache-tag
574299789607471028115925437862511954637,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81e31940fc3e7015833a0c9c8d4d5c92.png
content-length
10956
x-request-id
965c58b2be5cb3145a4f9b789f3649cb
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 05 Mar 2021 13:10:39 GMT
server
nginx
x-timer
S1619003776.931257,VS0,VE1
etag
"5410e3b765fc6a0775d3ce34d06eefb7"
x-served-by
cache-wdc5576-WDC, cache-dca17735-DCA, cache-hhn11536-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
authorize
login.newscorpaustralia.com/ Frame D097 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=9BYk8GALquXKoMIsojIjR4q0xVfUXJVy&nonce=VE_lI8jOhN9aXcZYcfY_A.NebXjfUQvO&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-77.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
6a8603621417c74537a3b74847c48ebd98f0f4a5457ddeecc0ef194a73a4405f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=9BYk8GALquXKoMIsojIjR4q0xVfUXJVy&nonce=VE_lI8jOhN9aXcZYcfY_A.NebXjfUQvO&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
643633000c0c6253-OTP
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
0995be34070000625314821000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
643633000c0c6253
ot-tracer-sampled
true
ot-tracer-spanid
2566e3454d58661d
ot-tracer-traceid
1dacc51065f88d2c
x-auth0-requestid
778cb6924a18b7de816a
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
997
x-ratelimit-reset
1619003777
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 583 0 pmb=mTOE,3
expires
Wed, 21 Apr 2021 11:16:16 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 21 Apr 2021 11:16:16 GMT
content-length
842
vary
Accept-Encoding
set-cookie
__cfduid=ddc356f6d6bc0af4ec7eced743d8efa951619003776; expires=Fri, 21-May-21 11:16:16 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3Afd329e50-a292-11eb-9e28-3f0f46bfdca5.vpY%2BVx3m1i%2BGr0aSNhpkE%2FDBI0qrRX9HxOiOEonrhhg; Max-Age=31557600; Path=/; Expires=Thu, 21 Apr 2022 17:16:16 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Afd329e50-a292-11eb-9e28-3f0f46bfdca5.vpY%2BVx3m1i%2BGr0aSNhpkE%2FDBI0qrRX9HxOiOEonrhhg; Max-Age=31557600; Path=/; Expires=Thu, 21 Apr 2022 17:16:16 GMT; HttpOnly; Secure ak_bmsc=E51D07661056A5DC6EFCD8DD9A69506B0210BB753C13000080098060BD3F7C53~plROaUmDmRHMzIv4P6q3z/brviDCD4yGH4aDpBZh3Z7ohXCuWbNRYZgkG1P6r7UJoKJuMppyrriLtvCO2EaJgIdJR7BgL9MYDMK3FbS2XJecN6y28YYfL/4qAqbH52pHS4b9+/uHId1puxZ1CF7x4yLhgPqxzDSgPXaSv1KVvIyOVUJamI4Wvkupn9jqXyfuyH+X9QCE+DrumgPvojVuUueATZNHFd3G5GfFZaxmd+5tvopkUzGoJU3wVoWEggS5/s; expires=Wed, 21 Apr 2021 13:16:16 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=183FD94394021C99F2D0B5DDE60552E2~K7BPVS3RDArpt14EYGeAQPFKe9RTOO1//UQAheJugR+wt2G+myZ4d/M0vEoSEC7RELLgepNMmcuYw7Yhvqqx8Sz4kIX4XVAxxcdSxImg12DAbXKoylh/mkjE32y0DupR/OR/dpVBCMR0pR9xuyXs9zPS+i+ChpSQajYki1b+Ye5QE4+wwUxGMPM35UWVG2VVBQw9r+MYu4MLgxf7QJEooIyOI/APghZtQwVJFraFjYAzxVFhdQLkfJQ5yFidL0BS; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=FDDFFA4B3A424F58A3E4478FBAE8BE68~YAAQdbsQAoCnF+t4AQAAZh0l9AuVWsClUy0kwBwKfG3EZ1b+sCKzbEWU4672sEVOgkXDj5v6vMfKcdytD6Gv/G9OeWRDP/GM54PqkvdB5dAgVpNJAhdK/BKm3OP33urPTaQmBUKa8X2Kqg9WaqTIcQN8PaO0+cb8ivxfHT9qiAFAqWcjp2pno62oqQxtfU8vfRHsVabnRiB9nUU=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 21 Apr 2021 15:16:15 GMT; Max-Age=14399; HttpOnly _abck=CDCE6FE1767944F75F7B44AFF8F62B51~-1~YAAQdbsQAoGnF+t4AQAAZh0l9AWrx+muvdJqGRxEkMTQcCc/1XxaJaj6ZYanYZ/yxYWU4HPsnediQhvcWNGI+1pJ2et9YokiupoU+chvBpVR/2w8TbH89j3Xt993cVkeN1Qct67cldRYgmWFsBijq/KyuuNwcYaLQEHKt3mH5RHZq7mrwhAz6mC2jrvoMtZVuZ7KRJst0O4CX+a9Z8gqvx6vF2p9Fp+OHzX312WhdyE+Ecw7W6DjZrkztax4LrOqsEqEpuNpOwiWr3RN9SZw8Ben+VYSF6niMqjkihRwfblr7XQS7jllnv1OE7q1FMB3o89rUd/l5svrG171Hk4MyVk0NTUTPcGRFha+NSuJfMWRJfX4Lp5LrCvGh7nM+VNWAscIqKfRxA==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 21 Apr 2022 11:16:16 GMT; Max-Age=31536000; Secure
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16190037760240.807621536559241
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
69db8b2a48ae184507608101447b27c415dadec9f5c7265aec3c2633da5c6128

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=0, no-cache, no-store
content-type
application/x-javascript
content-length
831
expires
Wed, 21 Apr 2021 11:16:16 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
cache-control
max-age=15216
server
AkamaiNetStorage
content-type
application/x-javascript
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=449451119228.5342
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=449451119228.5342?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f6.1e100.net
Software
cafe /
Resource Hash
e67ef7de5bd2fa2db0f156a72f62b8120f29c69ac85be83c5ac2ad0d2ede9a3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7044
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
authorize
login.newscorpaustralia.com/ Frame 0261 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=vf02GqgtC4IAjJEexM0r1HqR-jIsSv-r&nonce=0S~RPbFUEQNgSAso_hf2ucRXmE5a0nbC&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-77.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
8a664c52ed0812e52cf11821b63f49f98a06808dbb69bb97c1a4bf432f53ffb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=vf02GqgtC4IAjJEexM0r1HqR-jIsSv-r&nonce=0S~RPbFUEQNgSAso_hf2ucRXmE5a0nbC&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
did=s%3Av0%3Afd01a340-a292-11eb-9942-b37d62a72c41.y7l2F5u3dSSLB6CPzO3BeD4D9HygJqXrA5cdrBGshQk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
643633017a93fcfd-OTP
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
0995be34f10000fcfdb9b1e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
643633017a93fcfd
ot-tracer-sampled
true
ot-tracer-spanid
536b36e326bd586d
ot-tracer-traceid
61bb892f433576fa
x-auth0-requestid
05babf0aef887c19acfb
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
998
x-ratelimit-reset
1619003777
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 537 0 pmb=mTOE,3
expires
Wed, 21 Apr 2021 11:16:16 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 21 Apr 2021 11:16:16 GMT
content-length
841
vary
Accept-Encoding
set-cookie
__cfduid=d4f66d6ab5759cae545cdd43d078a42f51619003776; expires=Fri, 21-May-21 11:16:16 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3Afd01a340-a292-11eb-9942-b37d62a72c41.y7l2F5u3dSSLB6CPzO3BeD4D9HygJqXrA5cdrBGshQk; Max-Age=31557600; Path=/; Expires=Thu, 21 Apr 2022 17:16:16 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Afd01a340-a292-11eb-9942-b37d62a72c41.y7l2F5u3dSSLB6CPzO3BeD4D9HygJqXrA5cdrBGshQk; Max-Age=31557600; Path=/; Expires=Thu, 21 Apr 2022 17:16:16 GMT; HttpOnly; Secure ak_bmsc=62624CA367323CE509C10FAA2C89C9E30210BB753C13000080098060A98C2815~pl952LOjaPOI96XxPm9FpbNfeuA/IIMQA6FMMB+aRTyA9WY1/w/7c8owRdnEr0mG0AdM1UBd0DdAEiartKvZTrwzUkmSAAWjl3Sp7wX/c6y7QouqMm1Tl3tl5L4nJOZkLzos+tSeB2lo8yuc47Tss70IG0HBET1jLXb8KQoCO/iX+7NumrqOxbUqnGN4mrMM2mkHOa0VGmbLSUOK0u+sVmrdZlhS/bdi2QEywbF4hs/H1hRN3jCkGPLeGfbuCXQwta; expires=Wed, 21 Apr 2021 13:16:16 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=DC5A22BB9C5D159A2A257733A83AB5D6~K7BPVS3RDArpt14EYGeAQGhEb+Z5zp4O1Mfj3RZOIg3pX6No4y7zY9fuWgF6bagVkJAUMKJtTzqAoLaY6/BcZ6fiWjJ2avMuNQJspD1U4DC45j0i4ZiQPWuxbQeQtF3S2YcilT1LA2dRpFWaIi6resJNcpAH51IGEpKsptFv1ZRn9BfxGOugmrkUHHBn4pwh/WTj0UrppQe+NUiaRm9aOXlu5dBtnP7AV7GdZdLQO+ZqGqKrtm0OYeUX8/9qMYW5; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=0D839388660C531E7FEE22880A40FE49~YAAQdbsQAoanF+t4AQAAXx4l9AusDubDWpTGIClnveJB7opsS/w1TrhsFrvrp6/sX3jHxCecif099vUiFfoUXXIiFlCkF2kHQerH5Ki2aSjqejSx3JHciL48iyEt9Nw6elaM92WcwnAW80419YD/bbRDS/6VuM1E5WHqdW5/XhCEk8JFo7hfy2/34VP+aKUbfcTb/PtqevBg5eY=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 21 Apr 2021 15:16:16 GMT; Max-Age=14400; HttpOnly _abck=B7B5DF5CF94F62B1758640778A981FC1~-1~YAAQdbsQAoenF+t4AQAAXx4l9AWK0aRpwVGZ7EWCi0Nt6ghgglECHT1/0Y/PW14Tj1yDVL500HR0Xvm6m4JOS1mI4W9FimwzRrdaNjUmX0KcsVjbDG0YLJ5+DtZsL5YpZMltmM1EOp3nsPc11D+hXq/D/oO37XUPmiWVzWLNf6BlHX/VvEAz6f5KNmaqmMiS/Zs4wyjpIMOk/ELfoj+pUNCcPHYZuyU5x+kSU3RLRjUoYqidQsvsDSjGqDQ5pkz7Se9fs7dKa0kG2wsv47NRuaN88FnnOtvjt1Uo3Pbaw1AICVSh6BDZuHWBfLalw8aj9kUWKTrbzegEbv12VLRkA/6lvZbeIYjRUyeLo20oXAMNuzAWoXvBM7ESWhMhZBJJIIr9aeGXbQ==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 21 Apr 2022 11:16:16 GMT; Max-Age=31536000; Secure
chartbeat_video.js
static.chartbeat.com/js/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3c00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 16:45:43 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:06:15 GMT
server
nginx
age
66633
etag
W/"60665ff7-11377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
aLfVsQ396xk2g4bqhTpyuwIKxwDDnXPSxNbQw91M2bw1UEkMY5QT4g==
expires
Wed, 21 Apr 2021 16:45:43 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		177 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
82ef85db9124f8188c2c8c03a4ad9a0918591f752994d8ec228331c715ecac86

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"6865f68a18babd10a2b682180ae91370:1618193209.579457"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=57879
content-type
application/x-javascript
tad.js
tags.news.com.au/prod/tad/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9a800184984f1b83249bc6652a9b8eb9e31af36324a446fd22e7ff92eba75ce3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"f3febcfe63c1b4a90c2cf98e06524a15:1618463584.191948"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=71944
content-type
application/x-javascript
content-length
29527
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
411ceefb13751f41ab6e23d2ef2dcf697ca653146ab0ac8df277245cc8b73498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"848 / 65 of 1000 / last-modified: 1619003317"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21209
x-xss-protection
0
expires
Wed, 21 Apr 2021 11:16:16 GMT
prebid.js
tags.news.com.au/prod/prebid/ 		382 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
efcd038fff3becbe148fefb893ed26081fd0d8e7293fcd49d470c13fcd522e02

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"fb921cb139744e2aabd21ff0559deaa9:1617770917.60892"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=20106
content-type
application/x-javascript
nielsen.js
tags.news.com.au/prod/nielsen/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9a32bed4e81651c9c81c8d7a215a2f5cfbdec52ea96a40e2866a6864842e6ee6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"13d6117aad2dff6ce86d3a0e528e266f:1617253408.513135"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=78088
content-type
application/x-javascript
content-length
8802
v60.js
cdn-gl.imrworldwide.com/
Redirect Chain
  • https://secure-gl.imrworldwide.com/v60.js
  • https://cdn-gl.imrworldwide.com/v60.js
21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/v60.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding
gzip
etag
W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified
Mon, 12 Oct 2020 13:35:53 GMT
server
AmazonS3
age
32152
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 21 Apr 2021 02:20:25 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Pl5H91m8DSl9jXCNsJrh8QU6B0_cpl_nyzCOHaTc5IJho47SMpBlDw==

Redirect headers

date
Wed, 21 Apr 2021 11:16:16 GMT
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
content-type
text/html
location
https://cdn-gl.imrworldwide.com:443/v60.js
content-length
134
x-amz-cf-id
41oYWP_TQi_pjxouh1rtGeiiENyDQgI5B1VNyRkB8FrSiQHWoKz3Zw==
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-49.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 11:06:09 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 16 Dec 2020 00:19:19 GMT
Server
AmazonS3
Age
618
ETag
W/"a0ed145148d17426a72696cecfa585ae"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
eS-zdx5PFXuzt6xGF3M5HbroWDhJ5q4GbG0fekXNoJQnMQ_kpWG-jw==
2988.js
script.crazyegg.com/pages/scripts/0018/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd1737f4343dbfc7a9b915eaf41e30b6f114d254d7043d13b4faa370a36589c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
49194
cf-polished
origSize=4157
ce-version
11.1.272
cf-request-id
0995be351900004a68a4b45000000001
timing-allow-origin
*
last-modified
Tue, 20 Apr 2021 21:36:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
cf-ray
64363301cbdb4a68-FRA
cf-bgj
minify
utag.903.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.903.js?utv=ut4.46.202009280518
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c7a8d4e8c6cad88c36def71504911446af10622eddf2c23004e9cb586fcd7db6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
last-modified
Mon, 28 Sep 2020 05:18:23 GMT
server
AkamaiNetStorage
etag
"d32b6958018409f79ae783037f4eb748:1601270303.476185"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1032
expires
Thu, 06 May 2021 11:16:16 GMT
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
last-modified
Wed, 20 Nov 2019 04:49:47 GMT
server
AkamaiNetStorage
etag
"a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
900
expires
Thu, 06 May 2021 11:16:16 GMT
3834f48c4dd06e1e017189312fe2d1e7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3834f48c4dd06e1e017189312fe2d1e7.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fee8a5ad9046ca5e00c3fb2711a288126336c3bf2850ecdeff348e74b7343ade

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 21 Apr 2021 11:16:16 GMT
via
1.1 varnish, 1.1 varnish
age
3381024
edge-cache-tag
592741756466995385295110340917814440657,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
98
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3834f48c4dd06e1e017189312fe2d1e7.png
content-length
15322
x-request-id
2d3b62d8879477985959a1554eec5b2e
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Fri, 12 Mar 2021 19:09:47 GMT
server
nginx
x-timer
S1619003776.384249,VS0,VE1
etag
"38d142403b7485f5ec93453930ebe94d"
x-served-by
cache-wdc5529-WDC, cache-dca17737-DCA, cache-hhn11536-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
80882725-fdd4-4268-8547-1c71b33cff69.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/80882725-fdd4-4268-8547-1c71b33cff69.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f08fd9ca9e8c01cc6ca0da3239d2c649d1983d0fe3caa52a53900bd62d706659

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 21 Apr 2021 11:16:16 GMT
via
1.1 varnish, 1.1 varnish
age
2337986
edge-cache-tag
352089440218326332410027525645372019751,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/80882725-fdd4-4268-8547-1c71b33cff69.jpg
content-length
29424
x-request-id
3698170d3c20e633322cded682b2565a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 24 Mar 2021 14:42:33 GMT
server
nginx
x-timer
S1619003776.384321,VS0,VE1
etag
"5a3f28f38e89fc8b3c03904598ff0546"
x-served-by
cache-wdc5550-WDC, cache-dca17723-DCA, cache-hhn11536-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
a056e94d7bd755ed44c948477834aac9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a056e94d7bd755ed44c948477834aac9.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b57ea42d6f189deb85463d41a421c1b3cc4d16f30348f68bcd206d9f398fb86a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 21 Apr 2021 11:16:16 GMT
via
1.1 varnish, 1.1 varnish
age
1065218
edge-cache-tag
330573775031420079196567232735253778179,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a056e94d7bd755ed44c948477834aac9.png
content-length
9872
x-request-id
f0e0350c87fe0cd99fcd455e5485a403
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 08 Apr 2021 09:42:15 GMT
server
nginx
x-timer
S1619003776.384447,VS0,VE1
etag
"c7b649c31bade36fe335a4bcfebbc18a"
x-served-by
cache-wdc5566-WDC, cache-dca17729-DCA, cache-hhn11536-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
b224a5a91b1a211651e1924d050ccdc2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b224a5a91b1a211651e1924d050ccdc2.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c58db10d9c36b130397bf9392498e01dd89291e18ee6b1acd6d345fb828eac04

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 21 Apr 2021 11:16:16 GMT
via
1.1 varnish, 1.1 varnish
age
1520386
edge-cache-tag
547151531129475792249325353031806808034,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b224a5a91b1a211651e1924d050ccdc2.jpg
content-length
5984
x-request-id
c9766c7cb18a58988883d1083bf06ca1
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 08 Mar 2021 18:26:18 GMT
server
nginx
x-timer
S1619003776.384464,VS0,VE1
etag
"777aa251924a4bba990f7cb5c21d4f22"
x-served-by
cache-wdc5560-WDC, cache-dca17740-DCA, cache-hhn11536-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
1602666386_9aefa8e12a7d77deee304b5b47420a234220530f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.showmarker.com/afbeeldingen/0x0/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.showmarker.com/afbeeldingen/0x0/1602666386_9aefa8e12a7d77deee304b5b47420a234220530f.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5be25b59bb21ab37e81a59a9f9787bb67beca15cf5905be8620721268dedf7d2

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 21 Apr 2021 11:16:16 GMT
via
1.1 varnish, 1.1 varnish
age
824290
edge-cache-tag
309928030110699722813024966695276099187,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.showmarker.com/afbeeldingen/0x0/1602666386_9aefa8e12a7d77deee304b5b47420a234220530f.jpg
content-length
7102
x-request-id
dfd7ac30f93c98ad214ba61e2c261297
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Mon, 29 Mar 2021 08:34:05 GMT
server
nginx
x-timer
S1619003776.384404,VS0,VE1
etag
"425c60cf65f671bfe4a962b8be9ffd30"
x-served-by
cache-wdc5563-WDC, cache-dca17779-DCA, cache-hhn11536-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
29a7127
login.newscorpaustralia.com/akam/11/ Frame D969 		32 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/akam/11/29a7127
Requested by
Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ues0RvEBx51L6db8BRuEntbUanH_bsx9&nonce=rT2pUU9jbppO-5G55C1hZvTwekfiHcTV&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-77.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ues0RvEBx51L6db8BRuEntbUanH_bsx9&nonce=rT2pUU9jbppO-5G55C1hZvTwekfiHcTV&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2019 20:04:35 GMT
etag
"0c02a2723df1f08f233c02796d0c57921365230073c715b911d49824e0e24262"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-length
10454
expires
Wed, 21 Apr 2021 11:16:16 GMT
64c4f9debe4ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame D969 		73 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/staticweb/64c4f9debe4ti17991ecfa342459f501b
Requested by
Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ues0RvEBx51L6db8BRuEntbUanH_bsx9&nonce=rT2pUU9jbppO-5G55C1hZvTwekfiHcTV&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-77.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ues0RvEBx51L6db8BRuEntbUanH_bsx9&nonce=rT2pUU9jbppO-5G55C1hZvTwekfiHcTV&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
last-modified
Tue, 16 Feb 2021 22:20:44 GMT
etag
"77ab0fb0bef6d3471b849a9e26e339e68a4c60a0a2f5d2cf6ab40c38bc1b0875"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
content-length
18915
29a7127
login.newscorpaustralia.com/akam/11/ Frame 2BE2 		32 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/akam/11/29a7127
Requested by
Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=SLgGjUZ6.2c3Z83ym-6v11kJp1A2LoL1&nonce=PcedsuP~yLb_sBXClh8cOUN8ecVl-UfG&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-77.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=SLgGjUZ6.2c3Z83ym-6v11kJp1A2LoL1&nonce=PcedsuP~yLb_sBXClh8cOUN8ecVl-UfG&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2019 20:04:35 GMT
etag
"0c02a2723df1f08f233c02796d0c57921365230073c715b911d49824e0e24262"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-length
10454
expires
Wed, 21 Apr 2021 11:16:16 GMT
64c4f9debe4ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame 2BE2 		73 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/staticweb/64c4f9debe4ti17991ecfa342459f501b
Requested by
Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=SLgGjUZ6.2c3Z83ym-6v11kJp1A2LoL1&nonce=PcedsuP~yLb_sBXClh8cOUN8ecVl-UfG&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-77.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=SLgGjUZ6.2c3Z83ym-6v11kJp1A2LoL1&nonce=PcedsuP~yLb_sBXClh8cOUN8ecVl-UfG&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
last-modified
Tue, 16 Feb 2021 22:20:44 GMT
etag
"77ab0fb0bef6d3471b849a9e26e339e68a4c60a0a2f5d2cf6ab40c38bc1b0875"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
content-length
18915
2988.json
script.crazyegg.com/pages/data-scripts/0018/ 		24 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0018/2988.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
884e7a71e6fef3883866981a05a4aa1f19291212581b722377c7359753ea725b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
49194
ce-version
11.1.272
content-length
1796
cf-request-id
0995be35840000dfd34e802000000001
timing-allow-origin
*
last-modified
Tue, 20 Apr 2021 21:36:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
643633026eeddfd3-FRA
ping
ping.chartbeat.net/ 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc&u=CvEsS44ZQzADlVryE&d=heraldsun.com.au&g=36976&g0=news%2Cbreaking-news%2Cstory%2Cno_video%2Cpc.ct.free&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3273&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=7218&t=DS5tYeD2it2ADdYtEJC08YrxD_AWkx&V=126&i=German%20court%20throws%20out%20challenge%20against%20EU%20virus%20recovery%20fund%20%7C%20Herald%20Sun&tz=-120&_acct=anon&sn=1&sv=D0E982DTPhaeB_m0kHkAg1dBTH8L4&sd=1&im=06530c52&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.2.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-2-75.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
ggcmb510.js
seccdn-gl.imrworldwide.com/novms/js/2/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
v8EFEAmgyOIEHPdRap_4kHFd7N20k7gR
content-encoding
gzip
etag
W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified
Mon, 15 Mar 2021 14:07:26 GMT
server
AmazonS3
age
798
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 21 Apr 2021 11:02:59 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
3kuHWnnXP4fCij_1KhkdrQQxvQgaIfWHlaZOtEXyYuG0rzQ9RGsBCA==
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-69.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 18:47:13 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 08 Jul 2020 20:34:30 GMT
Server
AmazonS3
Age
145744
ETag
W/"a8663f72a1dbe614b19f167a59af368d"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
tWVZA0B4fM27hL8Mzmwp1XKSpaL4ERQ5uKW4ShIi_Lqd_JpYQoCJgA==
11.1.272.js
script.crazyegg.com/pages/versioned/common-scripts/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.272.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad835c4747bb13fd0aba70ccdf79f30275af189e93d6e0b3c3bd7e53237c1a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
82499
cf-ray
643633035eae4a68-FRA
content-length
20482
cf-request-id
0995be361500004a6886b9c000000001
last-modified
Fri, 09 Apr 2021 17:32:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-190.deploy.static.akamaitechnologies.com
Software
/ ARR/3.0
Resource Hash
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by
ARR/3.0
etag
"84a7fce7aaabd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=186
accept-ranges
bytes
content-length
15848
undefined
www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/
Redirect Chain
  • https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/undefined
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2fnews-story%2...
  • https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/undefined
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2fnews-story...
  • https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/undefined?nk=f0438412004a727eaba0ac78fb9d77ca-1619003777
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/undefined?nk=f0438412004a727eaba0ac78fb9d77ca-1619003777
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:path
/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/undefined?nk=f0438412004a727eaba0ac78fb9d77ca-1619003777
pragma
no-cache
cookie
trc_cookie_storage=newscorpau-aud-heraldsun%253Asession-data%3Dv2_113d94e26e6285e932e5c6e0ce085da9_7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff_1619003775_1619003775_CNawjgYQgPNHGJuylKGPLyABKAEwrgE47qgMQO7xK0jPhtgDUP___________wFYAGAAaLGv6bXK_ffOrQE%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522newscorpau-aud-heraldsun%253Asession-data%2522%252C%2522taboola%2520global%253Alspb%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Alspb%3DCwsIQhDE02oMCwjDARDE02oMCwiJARDE02oMCwiRARDE02oMCwggEMTTagwLCKEBEMTTagwLCKIBEMTTagwLCCQQxNNqDAsIJxDE02oMCwirARDE02oMCwitARDE02oMCwiuARDE02oMCwiwARDE02oMCwiyARDE02oMCwi1ARDE02oMCwi2ARDE02oMCwg7EMTTagwLCD8QhL1qDAwTFA%7Ctaboola%2520global%253Auser-id%3D7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff; vidoraUserId=pk96ludk76hdb7m7vd0l4o30oejef2; _cb_ls=1; _cb=CvEsS44ZQzADlVryE; _chartbeat2=.1619003776379.1619003776379.1.D0E982DTPhaeB_m0kHkAg1dBTH8L4.1; _cb_svref=null; ad_site_view_t=2021-4-21; ad_site_view=1; nc_eu=y; n_regis=123456789; _ncg_sp_ses.ff50=*; _ncg_sp_id.ff50=4fcab625-69a0-47a2-b77d-1fd131deb751.1619003777.1.1619003777.1619003777.995dc3a7-c844-4791-aff6-d1b4890bac7d; AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg=1; AMCV_5FE61C8B533204850A490D4D%40AdobeOrg=-637568504%7CMCIDTS%7C18739%7CMCMID%7C33918118395447284063114391529233568145%7CMCAAMLH-1619608577%7C6%7CMCAAMB-1619608577%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C2062342484%7CMCOPTOUT-1619010977s%7CNONE%7CvVersion%7C5.1.1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
cross-site
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
x-xss-protection
1
x-rq
ewr4 115 233 3223
server
nginx
date
Wed, 21 Apr 2021 11:16:21 GMT
vary
User-Agent Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
cache-control
max-age=53
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2fnews-story%2fundefined%3fnk%3df0438412004a727eaba0ac78fb9d77ca-1619003777&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=undefined&session=f0438412004a727eaba0ac78fb9d77ca
set-cookie
AWSALB=FU+dPchos01FQ9HujiAz8E5QteREgocdSF31p/ccl1zvKFP+nSi4JMA5XMKq6/ODSOda6N2FHS0Y+j93MqFl3BD28dj8X1P18wkgyUzLQHJ9qoYU/9YNst59vB/X; Expires=Wed, 28 Apr 2021 11:16:20 GMT; Path=/ nk=f0438412004a727eaba0ac78fb9d77ca; expires=Sat, 20 Apr 2024 11:16:21 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=FU+dPchos01FQ9HujiAz8E5QteREgocdSF31p/ccl1zvKFP+nSi4JMA5XMKq6/ODSOda6N2FHS0Y+j93MqFl3BD28dj8X1P18wkgyUzLQHJ9qoYU/9YNst59vB/X; Expires=Wed, 28 Apr 2021 11:16:20 GMT; Path=/; SameSite=None; Secure
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 21 Apr 2021 11:17:14 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:17 GMT
server
AkamaiGHost
mime-version
1.0
etag
"05563c72b22b39afb384f19701c03047:1600838589.100191"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location
https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/undefined?nk=f0438412004a727eaba0ac78fb9d77ca-1619003777
cache-control
max-age=0, no-cache
content-type
text/html
content-length
154
expires
Wed, 21 Apr 2021 11:16:17 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202104140349&cb=1619003776555
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Wed, 21 Apr 2021 11:26:16 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=449451119228.5342?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 11:14:23 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
528 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQoW6uC1otIZG7mmX3u7wDNIRQf3hKJePSV9BZ1k0acoz8rsKzJZINlrEDdb9btg5gkyKCIRN4k7n3nmF9RAsn9e81Lqv64k9oXBRAeVSFgP1CPvXUun5Zc_ofVsuJJX7B&sig=Cg0ArKJSzE5SedRRnIuUEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20210415.37089&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=449451119228.5342?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619003776596
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619003776596
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619003776596
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-115-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d99dce007ef306d7378dfcd9358d66c31082f58269098ea17a759e07a19b8e4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v091-0d80da61d.edge-irl1.demdex.com 5.80.8.20210419103046 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
qEZJSJmQRXc=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1537
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.heraldsun.com.au
X-TID
BYHLkjFWRwE=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619003776596
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pubads_impl_2021041501.js
securepubads.g.doubleclick.net/gpt/ 		299 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 08:41:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107555
x-xss-protection
0
expires
Wed, 21 Apr 2021 11:16:16 GMT
st
imprammp.taboola.com/ Frame D4D3 		973 B
609 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7xN4CFgNYHlJsek3YlARYHlJsek3YlAUAAAAGBvQHGjKhzTgsBmu5GCxXq8FqNFwsh7vhYjIZwoZMaDMOi8FaLgbL1Wqw2iwGu9VsMpwtB1P4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73hAoiabT4XPd63W_313u8n3uGr_brnD9JZaXw-u0-9xyl-_z17ksb4fdrfG7Lqe36Gj5-z5vvev01hgdZrPL7nO5FT6H0-45vVWut-xpeX3ekpfHb3tZnm-Z627yy12-z1tz-luef4VtsBiNfMONw7QbzTzO4Wiy3DhMq4nHYxisNh47AAAAADwATAneQ_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACDojGkAqHIY3MPyefj-AQDwUAACACCAQQJQsFdcArAx0n8CAAAAAAAAAMDy____HzNA31IjAxByltAD8OAD8EBUYFnECAAAACDXHtrraFInVBZVAAAE6VYAVwAAAXj0JRrfYQAAAARjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgqHCktCLUnTu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiMhtsVrvlcDQ7AAAAgLv___9_PZBYbEbO0coyW9kmw9XKuZmsXBvbyrBxGYarkcO5vYhOBXwn9eSqvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhbmabuHarzVoyGE7Woslss1aYLJu1xGXyTTyL1cqwMq1Fr4_pt1sOVzabFwUDOvciuEgncpfv8_FbDg_XW-E6uYUuy8Ns8rzuFrFEc7JIJ7LLvrHYjJyjlWW2sk2Gq5VzM1m5NraVYeMyDFcjh3Pfm9kmrt1qs5YMhpO1aDLbrBUmy2YtcZl8E89itTKsTGvR62P67ZbDlc3mb8wWy8Fgs9ut9o3ZYjkYbHa71b5DZ_iuPmejZ6gTeVTW8-zlEcrMB4XLYPEuPxdpt_i5GX3e8EuYGoqmn4lV6Pf7_X6_3-_3-70bs8FjMBhmHu02MXb5NZuf8mhRxBLB6SKdiF7G00UskTwt0onItVotRo7lyOMyLmaehcc3cjg8o5XLt7FsfJvlRCxRmi7SiV5ieTm8TrvPLXf5Pn-dy_J22N0av-tyeouOlr_v89a7Tm-N0WE2u-w-l1vhczjtntNb5XrLnpbX5y15efy2l-X5lrnuJr_c5fu8Nae_5flX2AaL0cg33DhMu9HM4xyOJsuNw7SaeDyGwWrjsaj_6BDD1Vwyms0lg-FcOVolAAAAAAAAAIAlzJk3AQAAADgNZrXczFbLBYjIB9QFBgEAAAAAAChu_BjDXb7Px285PFxvhevkFrosD7PJ87pbGSDinpV5s2eCWKvVsgYAABDABgAACODWzVsgRiMH!&cmcv=&pix=undefined&cb=1619003776765&uv=2955&tms=1619003776765&abt=aat1_vB!adh5c-1_vA!insc_vA!spa2_vA!sre_vA!t45!ufm&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=2B6FCEA5910955054819878122&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7xN4CFgNYHlJsek3YlARYHlJsek3YlAUAAAAGBvQHGjKhzTgsBmu5GCxXq8FqNFwsh7vhYjIZwoZMaDMOi8FaLgbL1Wqw2iwGu9VsMpwtB1P4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73hAoiabT4XPd63W_313u8n3uGr_brnD9JZaXw-u0-9xyl-_z17ksb4fdrfG7Lqe36Gj5-z5vvev01hgdZrPL7nO5FT6H0-45vVWut-xpeX3ekpfHb3tZnm-Z627yy12-z1tz-luef4VtsBiNfMONw7QbzTzO4Wiy3DhMq4nHYxisNh47AAAAADwATAneQ_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACDojGkAqHIY3MPyefj-AQDwUAACACCAQQJQsFdcArAx0n8CAAAAAAAAAMDy____HzNA31IjAxByltAD8OAD8EBUYFnECAAAACDXHtrraFInVBZVAAAE6VYAVwAAAXj0JRrfYQAAAARjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgqHCktCLUnTu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiMhtsVrvlcDQ7AAAAgLv___9_PZBYbEbO0coyW9kmw9XKuZmsXBvbyrBxGYarkcO5vYhOBXwn9eSqvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhbmabuHarzVoyGE7Woslss1aYLJu1xGXyTTyL1cqwMq1Fr4_pt1sOVzabFwUDOvciuEgncpfv8_FbDg_XW-E6uYUuy8Ns8rzuFrFEc7JIJ7LLvrHYjJyjlWW2sk2Gq5VzM1m5NraVYeMyDFcjh3Pfm9kmrt1qs5YMhpO1aDLbrBUmy2YtcZl8E89itTKsTGvR62P67ZbDlc3mb8wWy8Fgs9ut9o3ZYjkYbHa71b5DZ_iuPmejZ6gTeVTW8-zlEcrMB4XLYPEuPxdpt_i5GX3e8EuYGoqmn4lV6Pf7_X6_3-_3-70bs8FjMBhmHu02MXb5NZuf8mhRxBLB6SKdiF7G00UskTwt0onItVotRo7lyOMyLmaehcc3cjg8o5XLt7FsfJvlRCxRmi7SiV5ieTm8TrvPLXf5Pn-dy_J22N0av-tyeouOlr_v89a7Tm-N0WE2u-w-l1vhczjtntNb5XrLnpbX5y15efy2l-X5lrnuJr_c5fu8Nae_5flX2AaL0cg33DhMu9HM4xyOJsuNw7SaeDyGwWrjsaj_6BDD1Vwyms0lg-FcOVolAAAAAAAAAIAlzJk3AQAAADgNZrXczFbLBYjIB9QFBgEAAAAAAChu_BjDXb7Px285PFxvhevkFrosD7PJ87pbGSDinpV5s2eCWKvVsgYAABDABgAACODWzVsgRiMH!&cmcv=&pix=undefined&cb=1619003776765&uv=2955&tms=1619003776765&abt=aat1_vB!adh5c-1_vA!insc_vA!spa2_vA!sre_vA!t45!ufm&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=2B6FCEA5910955054819878122&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Wed, 21 Apr 2021 11:16:16 GMT
via
1.1 varnish
x-served-by
cache-hhn11536-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1619003777.802316,VS0,VE10
vary
Accept-Encoding
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7xN4CFgNYHlJsek3YlARYHlJsek3YlAUAAAAGBvQHGjKhzTgsBmu5GCxXq8FqNFwsh7vhYjIZwoZMaDMOi8FaLgbL1Wqw2iwGu9VsMpwtB1P4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73hAoiabT4XPd63W_313u8n3uGr_brnD9JZaXw-u0-9xyl-_z17ksb4fdrfG7Lqe36Gj5-z5vvev01hgdZrPL7nO5FT6H0-45vVWut-xpeX3ekpfHb3tZnm-Z627yy12-z1tz-luef4VtsBiNfMONw7QbzTzO4Wiy3DhMq4nHYxisNh47AAAAADwATAneQ_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACDojGkAqHIY3MPyefj-AQDwUAACACCAQQJQsFdcArAx0n8CAAAAAAAAAMDy____HzNA31IjAxByltAD8OAD8EBUYFnECAAAACDXHtrraFInVBZVAAAE6VYAVwAAAXj0JRrfYQAAAARjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgqHCktCLUnTu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiMhtsVrvlcDQ7AAAAgLv___9_PZBYbEbO0coyW9kmw9XKuZmsXBvbyrBxGYarkcO5vYhOBXwn9eSqvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhbmabuHarzVoyGE7Woslss1aYLJu1xGXyTTyL1cqwMq1Fr4_pt1sOVzabFwUDOvciuEgncpfv8_FbDg_XW-E6uYUuy8Ns8rzuFrFEc7JIJ7LLvrHYjJyjlWW2sk2Gq5VzM1m5NraVYeMyDFcjh3Pfm9kmrt1qs5YMhpO1aDLbrBUmy2YtcZl8E89itTKsTGvR62P67ZbDlc3mb8wWy8Fgs9ut9o3ZYjkYbHa71b5DZ_iuPmejZ6gTeVTW8-zlEcrMB4XLYPEuPxdpt_i5GX3e8EuYGoqmn4lV6Pf7_X6_3-_3-70bs8FjMBhmHu02MXb5NZuf8mhRxBLB6SKdiF7G00UskTwt0onItVotRo7lyOMyLmaehcc3cjg8o5XLt7FsfJvlRCxRmi7SiV5ieTm8TrvPLXf5Pn-dy_J22N0av-tyeouOlr_v89a7Tm-N0WE2u-w-l1vhczjtntNb5XrLnpbX5y15efy2l-X5lrnuJr_c5fu8Nae_5flX2AaL0cg33DhMu9HM4xyOJsuNw7SaeDyGwWrjsaj_6BDD1Vwyms0lg-FcOVolAAAAAAAAAIAlzJk3AQAAADgNZrXczFbLBYjIB9QFBgEAAAAAAChu_BjDXb7Px285PFxvhevkFrosD7PJ87pbGSDinpV5s2eCWKvVsgYAABDABgAACODWzVsgRiMH!&cmcv=&pix=31589837&cb=1619003776765&uv=2955&tms=1619003776765&abt=aat1_vB!adh5c-1_vA!insc_vA!spa2_vA!sre_vA!t45!ufm&ft=0&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1619003769198.7908!ts:1619003776765&mntl=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-length
0
server
nginx
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		61 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-190.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
12a174500222f25e802175d5cf739d6ed5aeb7ad9812cbfe18b97992d6692a89

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:17 GMT
server
AkamaiGHost
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag
"f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=0, no-cache
content-length
61
mime-version
1.0
expires
Wed, 21 Apr 2021 11:16:17 GMT
29a7127
login.newscorpaustralia.com/akam/11/ Frame D097 		32 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/akam/11/29a7127
Requested by
Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=9BYk8GALquXKoMIsojIjR4q0xVfUXJVy&nonce=VE_lI8jOhN9aXcZYcfY_A.NebXjfUQvO&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-77.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=9BYk8GALquXKoMIsojIjR4q0xVfUXJVy&nonce=VE_lI8jOhN9aXcZYcfY_A.NebXjfUQvO&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2019 20:04:35 GMT
etag
"0c02a2723df1f08f233c02796d0c57921365230073c715b911d49824e0e24262"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-length
10454
expires
Wed, 21 Apr 2021 11:16:16 GMT
64c4f9debe4ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame D097 		73 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/staticweb/64c4f9debe4ti17991ecfa342459f501b
Requested by
Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=9BYk8GALquXKoMIsojIjR4q0xVfUXJVy&nonce=VE_lI8jOhN9aXcZYcfY_A.NebXjfUQvO&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-77.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=9BYk8GALquXKoMIsojIjR4q0xVfUXJVy&nonce=VE_lI8jOhN9aXcZYcfY_A.NebXjfUQvO&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:16 GMT
content-encoding
gzip
last-modified
Tue, 16 Feb 2021 22:20:44 GMT
etag
"77ab0fb0bef6d3471b849a9e26e339e68a4c60a0a2f5d2cf6ab40c38bc1b0875"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
content-length
18915
m
secure-gl.imrworldwide.com/cgi-bin/ 		44 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1619003776863&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&sr=1600x1200&tz=2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:1000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:16 GMT
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
ZRH50-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
x-cache
Miss from cloudfront
content-type
image/gif
content-length
44
x-amz-cf-id
X8U9yItXAlqRkVXWk4iS6oUDKJQxILqpjA5w0j8vETkcMGRb4h5DZw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=IL%3AIL%3AV&lti=deflated&bulkSize=5
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210420-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
75
pragma
no-cache
date
Wed, 21 Apr 2021 11:16:17 GMT
via
1.1 varnish
server
nginx
x-timer
S1619003777.946587,VS0,VE75
x-served-by
cache-hhn11536-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/visible?route=IL%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210420-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
69
pragma
no-cache
date
Wed, 21 Apr 2021 11:16:17 GMT
via
1.1 varnish
server
nginx
x-timer
S1619003777.970732,VS0,VE69
x-served-by
cache-hhn11536-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		16 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-190.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
584ebca28b361c3381c686b75b71c2cb4cdc074bc0ba6e44980c9db33c5cdf1c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wNcZVqk5y.Y6LUl0L8PK4xYsYrqrcsAQ
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 03:28:57 GMT
server
ATS/7.1.0
x-amz-request-id
9SXCG9AF7TZDXKC9
etag
"14ead9bc02aa8f3cf645cfb425ed68e2"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=600
date
Wed, 21 Apr 2021 11:16:17 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
1179
x-amz-id-2
qODc3EVBxwWnUAdpAcEznlFoZUk4IKA2wyvb2jU7EwliWGb84PPp49dZ0r4oqpJsi4U9cUkyWFM=
29a7127
login.newscorpaustralia.com/akam/11/ Frame 0261 		0
0
64c4f9debe4ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame 0261 		0
0
glcfg510.js
cdn-gl.imrworldwide.com/novms/js/2/configs/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by
Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hQDJIZwJWrviezp1bF9091Jf9LSRyY9_
content-encoding
gzip
etag
W/"931051f801612c3a0e2782961ac3d56c"
last-modified
Mon, 15 Mar 2021 14:07:26 GMT
server
AmazonS3
age
963
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 21 Apr 2021 11:00:15 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
N6jk2VJH7qwFHWFzvRsIBKf9UqZ1KDYvwb4bYGeqGdzEDyu3pmUrOA==
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
822
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5863
x-xss-protection
0
server
cafe
etag
12453517290502062038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 21 Apr 2021 12:02:35 GMT
pub
pixel.adsafeprotected.com/services/ 		856 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-300x90-1,ss:%5B300.90,315.90%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=bda1382a-101f-bb71-c83b-1073aa2ac275&url=https%253A%252F%252Fwww.heraldsun.com.au%252Fnews%252Fbreaking-news%252Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%252Fnews-story%252Fa6014d78ca474fc98429ca45bcc005cc%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b30a55ce288da3b4cb2e3b7f032d7c9ae7d8e680b9e5a26403be805414ed3009

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
x-server-name
app03.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
Cookie set dest5.html
newscorpau.demdex.net/ Frame 3FBA 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.19.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-19-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
newscorpau.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.heraldsun.com.au/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=33942183780729677563111995985015898251
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Tue, 20 Apr 2021 15:48:27 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=33942183780729677563111995985015898251;Path=/;Domain=.demdex.net;Expires=Mon, 18-Oct-2021 11:16:17 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
7Fm47IfKS7c=
Content-Length
2785
Connection
keep-alive
id
metrics.heraldsun.com.au/ 		48 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=33918118395447284063114391529233568145&ts=1619003777145
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
e6bde6c40cf42f781d4447abb8a45409f436534b9a50f7cdc031aa30832d675c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-5db677d464-ncmgc
vary
Origin
x-c
main-1455.Icbb9a9.M0-487
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YIAJgQAAAMZKxikN
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=33942183780729677563111995985015898251
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIAJgQAAAMZKxikN
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIAJgQAAAMZKxikN
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-115-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-0fd5a9680.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
giEGVW8ZQms=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIAJgQAAAMZKxikN
Date
Wed, 21 Apr 2021 11:16:17 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
sync
taboola-supply-partners.tremorhub.com/ Frame D4D3 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7xN4CFgNYHlJsek3YlARYHlJsek3YlAUAAAAGBvQHGjKhzTgsBmu5GCxXq8FqNFwsh7vhYjIZwoZMaDMOi8FaLgbL1Wqw2iwGu9VsMpwtB1P4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73hAoiabT4XPd63W_313u8n3uGr_brnD9JZaXw-u0-9xyl-_z17ksb4fdrfG7Lqe36Gj5-z5vvev01hgdZrPL7nO5FT6H0-45vVWut-xpeX3ekpfHb3tZnm-Z627yy12-z1tz-luef4VtsBiNfMONw7QbzTzO4Wiy3DhMq4nHYxisNh47AAAAADwATAneQ_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACDojGkAqHIY3MPyefj-AQDwUAACACCAQQJQsFdcArAx0n8CAAAAAAAAAMDy____HzNA31IjAxByltAD8OAD8EBUYFnECAAAACDXHtrraFInVBZVAAAE6VYAVwAAAXj0JRrfYQAAAARjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgqHCktCLUnTu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiMhtsVrvlcDQ7AAAAgLv___9_PZBYbEbO0coyW9kmw9XKuZmsXBvbyrBxGYarkcO5vYhOBXwn9eSqvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhbmabuHarzVoyGE7Woslss1aYLJu1xGXyTTyL1cqwMq1Fr4_pt1sOVzabFwUDOvciuEgncpfv8_FbDg_XW-E6uYUuy8Ns8rzuFrFEc7JIJ7LLvrHYjJyjlWW2sk2Gq5VzM1m5NraVYeMyDFcjh3Pfm9kmrt1qs5YMhpO1aDLbrBUmy2YtcZl8E89itTKsTGvR62P67ZbDlc3mb8wWy8Fgs9ut9o3ZYjkYbHa71b5DZ_iuPmejZ6gTeVTW8-zlEcrMB4XLYPEuPxdpt_i5GX3e8EuYGoqmn4lV6Pf7_X6_3-_3-70bs8FjMBhmHu02MXb5NZuf8mhRxBLB6SKdiF7G00UskTwt0onItVotRo7lyOMyLmaehcc3cjg8o5XLt7FsfJvlRCxRmi7SiV5ieTm8TrvPLXf5Pn-dy_J22N0av-tyeouOlr_v89a7Tm-N0WE2u-w-l1vhczjtntNb5XrLnpbX5y15efy2l-X5lrnuJr_c5fu8Nae_5flX2AaL0cg33DhMu9HM4xyOJsuNw7SaeDyGwWrjsaj_6BDD1Vwyms0lg-FcOVolAAAAAAAAAIAlzJk3AQAAADgNZrXczFbLBYjIB9QFBgEAAAAAAChu_BjDXb7Px285PFxvhevkFrosD7PJ87pbGSDinpV5s2eCWKvVsgYAABDABgAACODWzVsgRiMH!&cmcv=&pix=undefined&cb=1619003776765&uv=2955&tms=1619003776765&abt=aat1_vB!adh5c-1_vA!insc_vA!spa2_vA!sre_vA!t45!ufm&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=2B6FCEA5910955054819878122&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:7c39:f94b:b1fb:416c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame D4D3 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7xN4CFgNYHlJsek3YlARYHlJsek3YlAUAAAAGBvQHGjKhzTgsBmu5GCxXq8FqNFwsh7vhYjIZwoZMaDMOi8FaLgbL1Wqw2iwGu9VsMpwtB1P4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73hAoiabT4XPd63W_313u8n3uGr_brnD9JZaXw-u0-9xyl-_z17ksb4fdrfG7Lqe36Gj5-z5vvev01hgdZrPL7nO5FT6H0-45vVWut-xpeX3ekpfHb3tZnm-Z627yy12-z1tz-luef4VtsBiNfMONw7QbzTzO4Wiy3DhMq4nHYxisNh47AAAAADwATAneQ_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACDojGkAqHIY3MPyefj-AQDwUAACACCAQQJQsFdcArAx0n8CAAAAAAAAAMDy____HzNA31IjAxByltAD8OAD8EBUYFnECAAAACDXHtrraFInVBZVAAAE6VYAVwAAAXj0JRrfYQAAAARjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgqHCktCLUnTu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiMhtsVrvlcDQ7AAAAgLv___9_PZBYbEbO0coyW9kmw9XKuZmsXBvbyrBxGYarkcO5vYhOBXwn9eSqvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhbmabuHarzVoyGE7Woslss1aYLJu1xGXyTTyL1cqwMq1Fr4_pt1sOVzabFwUDOvciuEgncpfv8_FbDg_XW-E6uYUuy8Ns8rzuFrFEc7JIJ7LLvrHYjJyjlWW2sk2Gq5VzM1m5NraVYeMyDFcjh3Pfm9kmrt1qs5YMhpO1aDLbrBUmy2YtcZl8E89itTKsTGvR62P67ZbDlc3mb8wWy8Fgs9ut9o3ZYjkYbHa71b5DZ_iuPmejZ6gTeVTW8-zlEcrMB4XLYPEuPxdpt_i5GX3e8EuYGoqmn4lV6Pf7_X6_3-_3-70bs8FjMBhmHu02MXb5NZuf8mhRxBLB6SKdiF7G00UskTwt0onItVotRo7lyOMyLmaehcc3cjg8o5XLt7FsfJvlRCxRmi7SiV5ieTm8TrvPLXf5Pn-dy_J22N0av-tyeouOlr_v89a7Tm-N0WE2u-w-l1vhczjtntNb5XrLnpbX5y15efy2l-X5lrnuJr_c5fu8Nae_5flX2AaL0cg33DhMu9HM4xyOJsuNw7SaeDyGwWrjsaj_6BDD1Vwyms0lg-FcOVolAAAAAAAAAIAlzJk3AQAAADgNZrXczFbLBYjIB9QFBgEAAAAAAChu_BjDXb7Px285PFxvhevkFrosD7PJ87pbGSDinpV5s2eCWKvVsgYAABDABgAACODWzVsgRiMH!&cmcv=&pix=undefined&cb=1619003776765&uv=2955&tms=1619003776765&abt=aat1_vB!adh5c-1_vA!insc_vA!spa2_vA!sre_vA!t45!ufm&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=2B6FCEA5910955054819878122&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.87.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-87-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame D4D3 		0
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7xN4CFgNYHlJsek3YlARYHlJsek3YlAUAAAAGBvQHGjKhzTgsBmu5GCxXq8FqNFwsh7vhYjIZwoZMaDMOi8FaLgbL1Wqw2iwGu9VsMpwtB1P4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73hAoiabT4XPd63W_313u8n3uGr_brnD9JZaXw-u0-9xyl-_z17ksb4fdrfG7Lqe36Gj5-z5vvev01hgdZrPL7nO5FT6H0-45vVWut-xpeX3ekpfHb3tZnm-Z627yy12-z1tz-luef4VtsBiNfMONw7QbzTzO4Wiy3DhMq4nHYxisNh47AAAAADwATAneQ_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACDojGkAqHIY3MPyefj-AQDwUAACACCAQQJQsFdcArAx0n8CAAAAAAAAAMDy____HzNA31IjAxByltAD8OAD8EBUYFnECAAAACDXHtrraFInVBZVAAAE6VYAVwAAAXj0JRrfYQAAAARjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgqHCktCLUnTu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiMhtsVrvlcDQ7AAAAgLv___9_PZBYbEbO0coyW9kmw9XKuZmsXBvbyrBxGYarkcO5vYhOBXwn9eSqvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhbmabuHarzVoyGE7Woslss1aYLJu1xGXyTTyL1cqwMq1Fr4_pt1sOVzabFwUDOvciuEgncpfv8_FbDg_XW-E6uYUuy8Ns8rzuFrFEc7JIJ7LLvrHYjJyjlWW2sk2Gq5VzM1m5NraVYeMyDFcjh3Pfm9kmrt1qs5YMhpO1aDLbrBUmy2YtcZl8E89itTKsTGvR62P67ZbDlc3mb8wWy8Fgs9ut9o3ZYjkYbHa71b5DZ_iuPmejZ6gTeVTW8-zlEcrMB4XLYPEuPxdpt_i5GX3e8EuYGoqmn4lV6Pf7_X6_3-_3-70bs8FjMBhmHu02MXb5NZuf8mhRxBLB6SKdiF7G00UskTwt0onItVotRo7lyOMyLmaehcc3cjg8o5XLt7FsfJvlRCxRmi7SiV5ieTm8TrvPLXf5Pn-dy_J22N0av-tyeouOlr_v89a7Tm-N0WE2u-w-l1vhczjtntNb5XrLnpbX5y15efy2l-X5lrnuJr_c5fu8Nae_5flX2AaL0cg33DhMu9HM4xyOJsuNw7SaeDyGwWrjsaj_6BDD1Vwyms0lg-FcOVolAAAAAAAAAIAlzJk3AQAAADgNZrXczFbLBYjIB9QFBgEAAAAAAChu_BjDXb7Px285PFxvhevkFrosD7PJ87pbGSDinpV5s2eCWKvVsgYAABDABgAACODWzVsgRiMH!&cmcv=&pix=undefined&cb=1619003776765&uv=2955&tms=1619003776765&abt=aat1_vB!adh5c-1_vA!insc_vA!spa2_vA!sre_vA!t45!ufm&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=2B6FCEA5910955054819878122&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.153.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-153-186.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame D4D3
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=fde67fea-a292-11eb-a4c6-194044dd2906&orig=video&us_privacy=1---
0
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=fde67fea-a292-11eb-a4c6-194044dd2906&orig=video&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7xN4CFgNYHlJsek3YlARYHlJsek3YlAUAAAAGBvQHGjKhzTgsBmu5GCxXq8FqNFwsh7vhYjIZwoZMaDMOi8FaLgbL1Wqw2iwGu9VsMpwtB1P4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73hAoiabT4XPd63W_313u8n3uGr_brnD9JZaXw-u0-9xyl-_z17ksb4fdrfG7Lqe36Gj5-z5vvev01hgdZrPL7nO5FT6H0-45vVWut-xpeX3ekpfHb3tZnm-Z627yy12-z1tz-luef4VtsBiNfMONw7QbzTzO4Wiy3DhMq4nHYxisNh47AAAAADwATAneQ_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACDojGkAqHIY3MPyefj-AQDwUAACACCAQQJQsFdcArAx0n8CAAAAAAAAAMDy____HzNA31IjAxByltAD8OAD8EBUYFnECAAAACDXHtrraFInVBZVAAAE6VYAVwAAAXj0JRrfYQAAAARjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgqHCktCLUnTu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiMhtsVrvlcDQ7AAAAgLv___9_PZBYbEbO0coyW9kmw9XKuZmsXBvbyrBxGYarkcO5vYhOBXwn9eSqvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhbmabuHarzVoyGE7Woslss1aYLJu1xGXyTTyL1cqwMq1Fr4_pt1sOVzabFwUDOvciuEgncpfv8_FbDg_XW-E6uYUuy8Ns8rzuFrFEc7JIJ7LLvrHYjJyjlWW2sk2Gq5VzM1m5NraVYeMyDFcjh3Pfm9kmrt1qs5YMhpO1aDLbrBUmy2YtcZl8E89itTKsTGvR62P67ZbDlc3mb8wWy8Fgs9ut9o3ZYjkYbHa71b5DZ_iuPmejZ6gTeVTW8-zlEcrMB4XLYPEuPxdpt_i5GX3e8EuYGoqmn4lV6Pf7_X6_3-_3-70bs8FjMBhmHu02MXb5NZuf8mhRxBLB6SKdiF7G00UskTwt0onItVotRo7lyOMyLmaehcc3cjg8o5XLt7FsfJvlRCxRmi7SiV5ieTm8TrvPLXf5Pn-dy_J22N0av-tyeouOlr_v89a7Tm-N0WE2u-w-l1vhczjtntNb5XrLnpbX5y15efy2l-X5lrnuJr_c5fu8Nae_5flX2AaL0cg33DhMu9HM4xyOJsuNw7SaeDyGwWrjsaj_6BDD1Vwyms0lg-FcOVolAAAAAAAAAIAlzJk3AQAAADgNZrXczFbLBYjIB9QFBgEAAAAAAChu_BjDXb7Px285PFxvhevkFrosD7PJ87pbGSDinpV5s2eCWKvVsgYAABDABgAACODWzVsgRiMH!&cmcv=&pix=undefined&cb=1619003776765&uv=2955&tms=1619003776765&abt=aat1_vB!adh5c-1_vA!insc_vA!spa2_vA!sre_vA!t45!ufm&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=2B6FCEA5910955054819878122&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Wed, 21 Apr 2021 11:16:17 GMT
server
nginx
x-fastly-to-nlb-rtt
20928

Redirect headers

Date
Wed, 21 Apr 2021 11:16:17 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=fde67fea-a292-11eb-a4c6-194044dd2906&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
140
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame D4D3 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7xN4CFgNYHlJsek3YlARYHlJsek3YlAUAAAAGBvQHGjKhzTgsBmu5GCxXq8FqNFwsh7vhYjIZwoZMaDMOi8FaLgbL1Wqw2iwGu9VsMpwtB1P4MJbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR73hAoiabT4XPd63W_313u8n3uGr_brnD9JZaXw-u0-9xyl-_z17ksb4fdrfG7Lqe36Gj5-z5vvev01hgdZrPL7nO5FT6H0-45vVWut-xpeX3ekpfHb3tZnm-Z627yy12-z1tz-luef4VtsBiNfMONw7QbzTzO4Wiy3DhMq4nHYxisNh47AAAAADwATAneQ_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACDojGkAqHIY3MPyefj-AQDwUAACACCAQQJQsFdcArAx0n8CAAAAAAAAAMDy____HzNA31IjAxByltAD8OAD8EBUYFnECAAAACDXHtrraFInVBZVAAAE6VYAVwAAAXj0JRrfYQAAAARjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTQgqHCktCLUnTu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiMhtsVrvlcDQ7AAAAgLv___9_PZBYbEbO0coyW9kmw9XKuZmsXBvbyrBxGYarkcO5vYhOBXwn9eSqvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhbmabuHarzVoyGE7Woslss1aYLJu1xGXyTTyL1cqwMq1Fr4_pt1sOVzabFwUDOvciuEgncpfv8_FbDg_XW-E6uYUuy8Ns8rzuFrFEc7JIJ7LLvrHYjJyjlWW2sk2Gq5VzM1m5NraVYeMyDFcjh3Pfm9kmrt1qs5YMhpO1aDLbrBUmy2YtcZl8E89itTKsTGvR62P67ZbDlc3mb8wWy8Fgs9ut9o3ZYjkYbHa71b5DZ_iuPmejZ6gTeVTW8-zlEcrMB4XLYPEuPxdpt_i5GX3e8EuYGoqmn4lV6Pf7_X6_3-_3-70bs8FjMBhmHu02MXb5NZuf8mhRxBLB6SKdiF7G00UskTwt0onItVotRo7lyOMyLmaehcc3cjg8o5XLt7FsfJvlRCxRmi7SiV5ieTm8TrvPLXf5Pn-dy_J22N0av-tyeouOlr_v89a7Tm-N0WE2u-w-l1vhczjtntNb5XrLnpbX5y15efy2l-X5lrnuJr_c5fu8Nae_5flX2AaL0cg33DhMu9HM4xyOJsuNw7SaeDyGwWrjsaj_6BDD1Vwyms0lg-FcOVolAAAAAAAAAIAlzJk3AQAAADgNZrXczFbLBYjIB9QFBgEAAAAAAChu_BjDXb7Px285PFxvhevkFrosD7PJ87pbGSDinpV5s2eCWKvVsgYAABDABgAACODWzVsgRiMH!&cmcv=&pix=undefined&cb=1619003776765&uv=2955&tms=1619003776765&abt=aat1_vB!adh5c-1_vA!insc_vA!spa2_vA!sre_vA!t45!ufm&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=2B6FCEA5910955054819878122&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.245.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-245-144.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0bfefba0e699b77fc665e11e791631d5773acbfd215098e31fa6b72d3a6cafc

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wynOZekdfiScty.dJEADBpa.4yz5teLi
content-encoding
gzip
etag
W/"20a7cde39a94b12755e4e9ca89f07df4"
last-modified
Tue, 20 Apr 2021 15:18:13 GMT
server
AmazonS3
age
4097
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Wed, 21 Apr 2021 10:19:25 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
0liAuMZTYBZTAwrPnOOTV6T8pmpTJzizo3ZiDy9ciD89LeUFf2PA6g==
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		176 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
984af48e7efc952d96c92943d3dc213bfc599182fac15dfb9409eaa655b38f34

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
doo8zakPyk_h6a65dWBtLeBk97YNaGf5
content-encoding
gzip
etag
W/"5040f47ea411a7f5e3c03138f192bc36"
last-modified
Mon, 15 Mar 2021 14:07:26 GMT
server
AmazonS3
age
653
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 21 Apr 2021 11:05:25 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
An-nXuqcNJ5ICV-VAX7UAWFp5IHRgYOaCz76V79IONMsu-eKyGyQZg==
Serving
bs.serving-sys.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=2714562434477421109&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac$$&activityValues=$$Session%3D3931374480923177438$$&ns=0&rnd=5840044239175579
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
82.199.68.72 Zwolle, Netherlands, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
387196e3e7af3f2ccfe870f225d8c411c26f2a6cb8b46b6a7059dae09489db07

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 11:16:17 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=UTF-8
Content-Length
2361
Expires
Sun, 05-Jun-2005 22:00:00 GMT
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 5774 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method
GET
:authority
cdn-gl.imrworldwide.com
:scheme
https
:path
/novms/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html
last-modified
Mon, 15 Mar 2021 14:07:25 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
CQNsfisV0FRFvEwJtnSHt.sxZ.rmJ_Zz
server
AmazonS3
content-encoding
gzip
date
Wed, 21 Apr 2021 10:52:28 GMT
cache-control
max-age=86400
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
0NAr4sHa2caOk4h2j0YuxWhwjbokf1awuqTGg0qXqmjUkvUYD37sxQ==
age
1430
integrator.js
adservice.google.pl/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		188 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3984433780929436&correlator=2941645173645225&output=ldjh&impl=fifs&hxva=1&scor=2105692522564382&eid=31060843%2C31060706%2C31060506&vrg=2021041501&ptt=17&co=1&npa=1&sc=1&sfv=1-0-38&ecs=20210421&iu_parts=5129%2Cndm.hwt%2Cnews%2Cbreakingnews&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C728x90%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C300x90%7C315x90%2C1x1&ists=1&prev_scp=pos%3D1%26id%3Dfdda9eba-a292-11eb-8497-0a6fa201f3de%7Cpos%3D2%26id%3Dfdda9ebb-a292-11eb-8497-0a6fa201f3de%7Cpos%3D1%26id%3Dfdda9ebc-a292-11eb-8497-0a6fa201f3de%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%26vw15%3D40%2C50%26grm%3D40%2C50%2C60%2C70%26vw10%3D40%2C50%2C60%26pub%3D40%2C50%2C60%2C70%7Cpos%3D2%26id%3Dfdda9ebd-a292-11eb-8497-0a6fa201f3de%7Cpos%3D1%26id%3Dfdda9ebe-a292-11eb-8497-0a6fa201f3de%7Cpos%3D1%26id%3Dfdda9ebf-a292-11eb-8497-0a6fa201f3de%7Cpos%3D1%26id%3Dfdda9ec0-a292-11eb-8497-0a6fa201f3de&eri=1&cust_params=tts%3Dn%26ttm%3Dn%26us%3Db%26s%3D0%26co%3D1%26kw%3DEu%252CEU%252CBreaking%2520News%252CONLINENEWSEN%252CHealth%252CONLINENEWSEN_BREAKINGNEWS%252CBerlin%252Ceconomy%252Ccourt%252Cvirus%252CGermany%26nk%3Df277a6fd0b815eab7b320a6fb7d2a190%26sec1%3Dnews%26sec2%3Dbreakingnews%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dstory%26aid%3Da6014d78ca474fc98429ca45bcc005cc%26adl%3Dfalse%26snol%3De%252Cg%26pvid%3Df277a6fd0b815eab7b320a6fb7d2a190-a6014d78ca474fc98429ca45bcc005cc-1619003776360-514099%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_7246_1381_KW%252CIAS_UNSCORED_PG%252CIAS_5192_KW%252CIAS_2400_KW&bc=31&abxe=1&lmt=1619003777&dt=1619003777344&dlt=1619003774556&idt=2501&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C176%2C1124%2C1124%2C176%2C1124%2C0&adys=28%2C2623%2C638%2C1615%2C2623%2C612%2C3273&adks=3343294207%2C2808698625%2C1478358836%2C2507937728%2C1895762110%2C1679177193%2C2353233395&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C1248x0%7C299x0%7C299x0%7C1248x0%7C299x0%7C1600x3273&msz=728x133%7C728x90%7C299x276%7C299x276%7C1000x50%7C300x90%7C1x1&ga_vid=2019167334.1619003777&ga_sid=1619003777&ga_hid=1968942045&ga_fc=false&fws=640%2C128%2C640%2C640%2C128%2C644%2C128&ohw=0%2C0%2C0%2C0%2C0%2C300%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
5612fb7531e5a53d1cc83d3cc588cbb7bfab4eace29c0cd8cb11b7c19bdf9ec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21963
x-xss-protection
0
google-lineitem-id
4682990628,4682990628,4682990628,4682990628,4682990628,4795254195,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234025551,138234025560,138234025548,138234092456,138234082439,138345071646,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0316522e3603390df187489bd7e0b6e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://0316522e3603390df187489bd7e0b6e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=33918118395447284063114391529233568145&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%01f277a6fd0b815eab7b320a6fb7d2a190%011&ts=1619003777420
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-115-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3dbc8989d735635bcfcdcda0c5026cce3b4a9bbad66dffd90348b6713ae9b687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v091-0cf78a2e7.edge-irl1.demdex.com 5.80.8.20210419103046 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
f0hPlGwOQF4=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1536
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 5774 		44 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=rxhzybjbkyyvqnttfgu5o6femnfph1619003777&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.587&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.217.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-217-185.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:17 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
rxhzybjbkyyvqnttfgu5o6femnfph1619003777.nuid.imrworldwide.com/ Frame 5774 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rxhzybjbkyyvqnttfgu5o6femnfph1619003777.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8c00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 15:05:53 GMT
via
1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
72625
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
35
x-amz-cf-id
ChmRviTRDBmAwhQBsIRqIcEYxhOVzvv6L55Wu2LXuC6XWZ7-K5gZog==
campaigns
resourcesssl.newscdn.com.au/indies/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22article%22,site:%22heraldsun.com.au%22,section:%22/news/breaking-news%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
content-type
text/html
function-execution-id
ckv2k60y57tj
server
Google Frontend
x-cloud-trace-context
3fe3f407a5a75f6beb94af4e91677381
x-country-code
DE
x-orig-accept-language
en-US
x-powered-by
Express
accept-ranges
bytes
x-served-by
cache-ams21057-AMS
x-cache-hits
0
x-timer
S1619003778.522927,VS0,VE255
cache-control
private, max-age=604760
expires
Wed, 28 Apr 2021 11:15:37 GMT
date
Wed, 21 Apr 2021 11:16:17 GMT
x-i
true
campaigns
resourcesssl.newscdn.com.au/indies/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22article%22,site:%22heraldsun.com.au%22,section:%22/news/breaking-news%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-190.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
acfb1f0de15111045cdd0e765b51a974602fed8d35459a3fad5e1b02d09b7dba

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
content-encoding
gzip
etag
W/"a86-9Cgurj3mQkWki9/cFyEOFLiz4rY"
x-powered-by
Express
x-cache-hits
0
content-length
769
x-served-by
cache-ams21059-AMS
server
Google Frontend
x-timer
S1618997412.351392,VS0,VE358
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
db41498dc5e2dd049201da44e02a56ee
cache-control
private, max-age=598487
function-execution-id
v7973xsiz7xr
accept-ranges
bytes
x-orig-accept-language
ar,en-US;q=0.9,en;q=0.8
x-country-code
DE
expires
Wed, 28 Apr 2021 09:31:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9EB3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJd-ZeVAGcFn7ltWdOeI10vMb8XlgdNX_S4gb147-IYa5s5wgFEB2CmfQgH0l6bD6EZQMS-LbhUm1KtrGlw2LrSB03D08Bn_BJwyArw07g1Tk4eiMrRIPC-WW9me8f4rw8aHN5v5xae2yR0q9MabeuCPM0OgSZRLWNaC-epGt2NKrf6SOWyDAXBWKTsEx4UirOM9Xt8tUfziBrFyV7rc5IeQY0vqFsRkUzT_4Ce5UQ0hNplctL7gC5fXYc814u9v6mteNl4rV0YCiwtY4SkD0pbPVCjacLwjJ32D_0V6kegGXhUl-tuS0_AkWtJIpVPDU&sai=AMfl-YSSYA7lJeeFr20t_VCFixzEIL3VHjIY-CQQBSX9TJjR3WEVuIUsVDUaaA8CWaVtdCdhnKSCANaB0lin&sig=Cg0ArKJSzL8oWZKNNZWuEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 9EB3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
5240039360651012885
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 11:13:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 9EB3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 11:14:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9EB3 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Wed, 21 Apr 2021 11:16:17 GMT
7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 9EB3 		68 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 20:54:35 GMT
x-content-type-options
nosniff
age
51702
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 20:54:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A9FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstngWKCgch3SQMIXTUIliB_o0Nr8ivGmQ5zt_SjNyzdZRvHC0NzfVbNwMPIFxXwCEcRmIfEAZxlaY9yB0OEUVrKSgnH9sMrzNhQRSgFzYCWhqskIg9sqXSh2FdePq7096MJMO5LVmk7Yf0MBHSrBBh-Ey89iWzRTw_KWqY61x56jw_f6toLr3yJZNvgIBmSVi7FDSEHFXWNbbGJfIiznvlZY7wc9yFbDIC9_Y9V2X_j0aG6EkGcjv8aFXvMzO7xZX8hsdJBkTRJh7Ap2KaVG-4W2JnBLhJdrb22vtwIL4l7zEowsUTM-xVDnthrAqZU_-c&sai=AMfl-YQ2dDns-0yvnUQln0bzVQaVCgLDsBin4JbV873m_adHeRfeJwllYInP5X3iYtP5AIQNy0TmHXkeMnoZ&sig=Cg0ArKJSzMQYdAX79q8LEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
7114969398400660195
tpc.googlesyndication.com/simgad/ Frame A9FF 		68 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 20:54:35 GMT
x-content-type-options
nosniff
age
51702
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 20:54:35 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame A9FF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
5240039360651012885
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 11:13:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame A9FF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 11:14:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A9FF 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Wed, 21 Apr 2021 11:16:17 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831909828443"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Wed, 21 Apr 2021 11:16:17 GMT
demconf.jpg
dpm.demdex.net/ Frame 3FBA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=6416948277860112457
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=6416948277860112457
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=6416948277860112457
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-115-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v091-052ac261e.edge-irl1.demdex.com 5.80.8.20210419103046 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
/47BC/d5RHY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
3Cqt9tHQRpI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=6416948277860112457
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B07A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYklFpsgJKG2bzC3sq0tjKBTwy7JdaC4QVE_EuoG3ZphbQfPTIWNN7Vll2WCHysC-9GlISgR_UC30bmeYDgHAOlMFKYf21IxZDA26vw2gTJDhc4piaPlDX0v6qVlFLjP-171iajkWBJDElxzko3OxSTUrTswQTBrtxmX85jhWgZ40I_gIkcvoGM7a4LvRG4bK5Gr9uiOWRPo11gQ7H7NlO_ByTZdomEHWVLnfzUKh22INhmJJp8XXmydBog-H2zYR53VJ3SPoaizpsVQnqPjitTBYf5McbW9eLgijzyulcumoPTiGJzh-RHFhnm1AUnxg&sai=AMfl-YTBpCGBFHAwJYaNZXa1Q-JcluTewIlxDHSf_PFNnj7UaIuT1jvnI3MxPuqRIWY14HhNBzBwGNta64zg&sig=Cg0ArKJSzMBrZI7XxyHZEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame B07A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
5240039360651012885
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 11:13:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame B07A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 11:14:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B07A 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Wed, 21 Apr 2021 11:16:17 GMT
l
www.google.com/ads/measurement/ Frame B07A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlCESIxH73Ji5YfZiIV5xSTPMgREHQFBr7l8bPpCc4fcOmY5PyKUuHztasHsR6j-h7ddZ7
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
13756812283639570429
tpc.googlesyndication.com/simgad/ Frame B07A 		68 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 05:41:47 GMT
x-content-type-options
nosniff
age
279270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Apr 2022 05:41:47 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2EB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvi5ma0vZ4-m3BQ8qsXEUSLxJKr1b-owYLuHhjpwAHIIQnMGcvLV7HGmIq2ep34Jj35_jJDbZCzpe7zIW-JnZEZW-BxX8V4CtIYLV9sa9b5P-K7OYvO9sa2dKiOJotiJ5WwLEIVotxL8kn1VTDKR3ZTnnsp2wlUPxl1JSL0PbtGPwSsTK7IhXyWBLLiJFef3HO4d_P4OJDCgpyzgZcKCfYOXLZZydtCELhsAMgNuj2kePAu8xeujk8OsSCQ-BoPUrgcxogVTjICiwI4V4Cnkm1DKA83Javr73-QGKBkRm1-uKAGfThIVRuO5CD-mj6yhLc&sai=AMfl-YS25uYRT7lVYVDBJr0sObXHTgAOaF00EZ2ZDsMXyqfqPeA077amrzmXpoYBkd0LlLqyyl-yxoTX-Jho&sig=Cg0ArKJSzJ04DI5Z9ZjcEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 2EB5 		68 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 05:41:47 GMT
x-content-type-options
nosniff
age
279270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Apr 2022 05:41:47 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 2EB5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
5240039360651012885
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 11:13:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 2EB5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 11:14:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2EB5 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Wed, 21 Apr 2021 11:16:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1D9B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupwgH9Y9XHTZlMr5hPNDOr-09kHyTbrZPo1CpTSYGMNTIIjWCwcxV4UqQsr3pFyztyH0aJbC1rkOeNjXqkdrBcP0BFrYkbGgW2fTz78DZ_QquPApZG56cplkGV5uA-F9_KSEttUl03ncBvM2oawCUBCDvSVIchSZtDAf4iAv2yAnTm2tkj6_CFofm7X-ZIuD9IAYjew_r2UQFaePQqfqzgw6RmnJsNIpZMq3D9mLT0KYP4Ak9tIjE973poMDn0z0ZAgzm7bwix6dsRN-rKS37Xfb06surhD_VjMnKZsHitlOg8g-IHj2-10m8NG8FNBCA&sai=AMfl-YRG4oNBtvLfRiDoL0RNUfqu3l3scDBpSg3gMJeXtyiwe0V6GDUFtA_OLrbLIUo76Xfdm6s0GotxpKnO&sig=Cg0ArKJSzBso9AvcQAceEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 1D9B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
5240039360651012885
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 11:13:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 1D9B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 11:14:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D9B 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Wed, 21 Apr 2021 11:16:17 GMT
l
www.google.com/ads/measurement/ Frame 1D9B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqSgE_9tgo-6v-SlUk2GiRRI2EGkU2Rm1xPuPc2LqOFjt5pvFPmOpsat0CZbbCcPuW4uMx
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 1D9B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13503232906761715217
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 23:02:08 GMT
x-content-type-options
nosniff
age
44049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3270
x-xss-protection
0
last-modified
Wed, 23 May 2018 04:43:28 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 23:02:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9CF2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssj-9o5xkA6-kqn-g3xvploTDQ09uCIf7CPA9mxCOXWlnGzruNzzd0F6TD-xn0wFdSn4Ds84ynUEAHnWzwXwpv4FqSyLco3qDwXL-2UYB9eCC3cGir543tIOLeLpI0ig1dp-Lw3znzHFWVqXwPrleuxcxWkCsgbqMiZFcHYM49K-RO7Q10AdWaU_vF48dkITHfL8HhOdk4judesdA__5w-3TpG-Eas0I7G_-no9IW4LS6cy13P713DCGXb-7Tu0kDM9d-hmLRz8Nc7WARk9H4yr7V83PGMmAf0TgFWmmNTmWlO6Z2yT7SHT6yI9lAzdBdQ&sai=AMfl-YR8jsAF5YNwW12-FprRe_Zv8mTjrTiS2CPgdzf844Winw-je4BKUk0V3gOIgz9S7eIp_4aftuP5WBRM&sig=Cg0ArKJSzIu_8aD4fHKbEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 9CF2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
5240039360651012885
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 11:13:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 9CF2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 11:14:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9CF2 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Wed, 21 Apr 2021 11:16:17 GMT
l
www.google.com/ads/measurement/ Frame 9CF2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRfU0gabOEzgS26xD6h5YKRz-xpMIXenfVDae6qwy4OgXAkoK7FjsixTG74a30Lkv-N2qW
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4573440487296087453
tpc.googlesyndication.com/simgad/ Frame 9CF2 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4573440487296087453
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fa06bea7bb296b456d46727e9b3a4a62cbfb2901247b9f93434c4cb3b7fbd18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 07:08:09 GMT
x-content-type-options
nosniff
age
14888
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11304
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 01:19:20 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Apr 2022 07:08:09 GMT
s7262452652938
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 		43 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s7262452652938?AQB=1&ndh=1&pf=1&t=21%2F3%2F2021%2013%3A16%3A17%203%20-120&cid.&newsnkidcookie.&id=f277a6fd0b815eab7b320a6fb7d2a190&as=1&.newsnkidcookie&.cid&vid=f277a6fd0b815eab7b320a6fb7d2a190&mid=33918118395447284063114391529233568145&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfD&cc=AUD&ch=D%3Dv4&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Cnews%7Cbreaking-news&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=news&c5=D%3Dv5&v5=breaking-news&c9=D%3Dv9&v9=story&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c15=D%3Dv15&v15=free&c16=D%3Dv16&v16=a6014d78ca474fc98429ca45bcc005cc&c17=D%3Dv17&v17=german%20court%20throws%20out%20challenge%20against%20eu%20virus%20recovery%20fund&c19=D%3Dv19&v19=afp&c20=D%3Dv20&v20=2021-04-21%2017%3A56%3A21&c22=D%3Dv22&v22=9%3A16%20PM%7CWednesday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c46=D%3Dv46&v46=not%20logged%20in&c50=D%3Dv50&v50=2021-04-21%2017%3A46%3A46&v52=1600x1200%7Cwindows%7C10&c60=TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null&v77=D%3Dmid&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=fEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:17 GMT
x-content-type-options
nosniff
x-c
main-1455.Icbb9a9.M0-487
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 22 Apr 2021 11:16:17 GMT
server
jag
xserver
anedge-5db677d464-fwfm5
etag
3476784137370271744-4621944728404505471
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 20 Apr 2021 11:16:17 GMT
sync
rtb.mfadsrvr.com/ul_cb/ Frame 8654
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.8.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 11:16:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
Date
Wed, 21 Apr 2021 11:16:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
u.openx.net/w/1.0/ Frame 8654
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&gdpr=0&gdpr_consent=
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&gdpr=0&gdpr_consent=
date
Wed, 21 Apr 2021 11:16:17 GMT
via
1.1 google
server
OXGW/16.205.4
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sync.php
pixel.rubiconproject.com/exchange/ Frame 8654 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 8654
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=m5vrLwq4RUP7&ev=1&orig=trc&pid=562107
0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=m5vrLwq4RUP7&ev=1&orig=trc&pid=562107
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Wed, 21 Apr 2021 11:16:18 GMT
server
nginx
x-fastly-to-nlb-rtt
20931

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=m5vrLwq4RUP7&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 8654
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6416948277860112457&orig=trc
0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6416948277860112457&orig=trc
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Wed, 21 Apr 2021 11:16:18 GMT
server
nginx
x-fastly-to-nlb-rtt
20932

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 11:16:17 GMT
X-Proxy-Origin
185.246.208.94; 185.246.208.94; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.10:80
AN-X-Request-Uuid
5c71b595-e36b-4fd1-8f0f-54ec813a02dd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6416948277860112457&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 8654
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPYlAH9KOTCq6pKwf-3DWoQ&google_cver=1
0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPYlAH9KOTCq6pKwf-3DWoQ&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
68
date
Wed, 21 Apr 2021 11:16:18 GMT
via
1.1 varnish
server
nginx
x-timer
S1619003778.489203,VS0,VE68
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11536-HHN

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPYlAH9KOTCq6pKwf-3DWoQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8654 		42 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff:$UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 11:16:18 GMT
X-lat
lhrpug008:0:378
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 8654
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9f0e2d2f-70da-43a0-9f36-0eda806771e7-tuct7798f01
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=9f0e2d2f-70da-43a0-9f36-0eda806771e7-tuct7798f01&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=9f0e2d2f-70da-43a0-9f36-0eda806771e7-tuct7798f01&google_tc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=9f0e2d2f-70da-43a0-9f36-0eda806771e7-tuct7798f01&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
376
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmb/ Frame 8654
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
70 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.87.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-87-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
167
merge
ce.lijit.com/ Frame 8654
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 11:16:18 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 11:16:18 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 8654 		49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-7c488d4f5b-gfz22
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 8654 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:17 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 8654 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:18 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 8654
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0020d1db-e696-4f18-b5e3-eb356b673661
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0020d1db-e696-4f18-b5e3-eb356b673661
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Wed, 21 Apr 2021 11:16:18 GMT
server
nginx
x-fastly-to-nlb-rtt
20931

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0020d1db-e696-4f18-b5e3-eb356b673661
cache-control
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
server-processing-duration-in-ticks
3445
content-type
text/html; charset=utf-8
content-length
222
expires
Wed, 21 Apr 2021 00:00:00 GMT
6.gif
id5-sync.com/c/464/108/2/ Frame 8654
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=7f6b5753-2082-4263-ad23-bed7b315e0e4-tuct7798eff&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOTQIa13FbiK1hqFYOTUICCVzSOjnu9sL3FF7EOA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOTQIa13FbiK1hqFYOTUICCVzSOjnu9sL3FF7EOA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=fb078a12-cdc0-4220-a88d-be306d0ce464&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDR6dYQm7MRgjGmoiKO95pg&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3071104051653182818&opid=apx&ops=&utidl=tech:goo:CAESEDR6dYQm7MRgjGmoiKO95pg&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A17041977473&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/4/4.gif?puid=498d791ff56d76b8feeb788010247e6c&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/3/5.gif?puid=041032c9-7e6b-46ef-b9e9-847eb3b47ac2&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/464/108/2/6.gif?puid=002e5220-a293-11eb-a1bf-ca0a6b936eb6&gdpr=1&gdpr_consent=
0
0
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 8654
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=kqFkeNJcDzGyPFpqgwmAYA
0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=kqFkeNJcDzGyPFpqgwmAYA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Wed, 21 Apr 2021 11:16:19 GMT
server
nginx
x-fastly-to-nlb-rtt
20930

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=kqFkeNJcDzGyPFpqgwmAYA
date
Wed, 21 Apr 2021 11:16:19 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 8654 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Wed, 21 Apr 2021 11:15:15 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
sync
x.bidswitch.net/ul_cb/ Frame 8654
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.245.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-245-144.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
date
Wed, 21 Apr 2021 11:16:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
demconf.jpg
dpm.demdex.net/ Frame 3FBA
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4410628738367370014
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=470&dpuuid=4410628738367370014
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=470&dpuuid=4410628738367370014
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-115-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-0e47d899e.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Hz3QAfobRBk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
gPGm7sT8Sa4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=470&dpuuid=4410628738367370014
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame 9EB3 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf1dee5a271962ec5c25e0576bd29107e5a47bc38ce5caa0dad95d81481307fd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame FDDD 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1083997873&custom=story&custom3=168400391&adsafe_par&impId=fdda9eba-a292-11eb-8497-0a6fa201f3de
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
82149dfc1580c3dccc7dee99c246b62ea13ded27b89c0b79a803fd824c5f9226

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
x-server-name
app22.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame A9FF 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad3f914f571d99c1e4c56e1deb974e6605ce3c912908ab8d0cc98579d1dc1cdd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame D6E1 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1648490816&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebb-a292-11eb-8497-0a6fa201f3de
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
392921766f874a7d395e64acfd9a328aff6de0b1aa63ceea0e06d5c8f9f4be68

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
x-server-name
app28.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame B07A 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38eda9e0855906ad4437951acbb23ef4eb4834f37bc083dd0e7f65e548f9d9bb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 25EC 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=1809257187&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebc-a292-11eb-8497-0a6fa201f3de
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
db7312edae68f0ca75799fdd032ecaebed3971a3f733fd025718ed9b1e96f950

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
x-server-name
app29.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1D9B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv120PW2Moa_ebMuySHUPXBZj24WQ4y7T42vQOJ7cud-SHTYqd8O-_cfrODj-TTfme4xITVH3WTBbHG4M5U7Ji_auJbSa_3g7zz1lFlxfgVdb4gQhHBAimY7nBCoL02VrJLouVbUuoxzpIxDi8lxMcLLH8k0sxYF_bKtTwDt9y2aDZE5GvPr4PdHkv-UuK-UGZZOWtu5A6Ga4pvRxceh9rYOcI8Yj43_kq-ERjxEx-v3bfbFHd3VaZAfihnL3R338DF8ZL-Q-jISmrUnhu30xQbQOUvFHW8-vXuvjCOCV0IK5JOuSd3UZ7TH8tU1cEfvbKcdw&sai=AMfl-YRQNkcs_7P4YMshiHfekQmYB_vCiAKAVub1LRtJod4Ugu0-lV4O-TmsbbWNM189BPIgy_sTfNQQUMOR&sig=Cg0ArKJSzOjihmWrlooaEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 1D9B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20a92e0b26344a7f59c3f8ef449e73001feb8198ecd48081bcc38d7f6d48c2c5

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 9F43 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1485295675&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebe-a292-11eb-8497-0a6fa201f3de
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7d3b3438836ac6bb19ba30225b2cc9738f6f9330e64f30fd95b7c9608c60f7cb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
x-server-name
app29.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame 2EB5 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
597e90496a257576c42b322d81a9f3c5f8907289b68729bf1c672155bd8668db

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 718E 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1964600842&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebd-a292-11eb-8497-0a6fa201f3de
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7a535ddfce332ddb2cb976b65cb423a3ed725c90d37779bbd5c49a88387da047

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
x-server-name
app34.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9CF2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7LNLsZEJXoItP-elnOPCpyi5g2lQyt9KAnPp9X0FOBgtpCse0CNUfrtxpWX3HJiiZ-Nibief7J3KpiRqXxxBPLeo30BEgLvIY95DLVLLoonugT06bRp9bM0Y-JCTZdckRGmMOtoth9iuLr1KP65tP5bB_vk588fIBUPrXoW3dibTpGz5gbDBMjZ3KQ3PxU16YmZQ3YD8Z_zKyOAMf5obPoBHjCpwYp_Y9Jd4GNdcow-bOYfENHV4-n_TgQteCKa-sCXDYV1lYUElui_uHQQAdW3i_Xft-SULdzDrdumphUlNX5tNQZ5KpQDNOWboBmOp6Tw&sai=AMfl-YS8pMdfXuPhpqvzeMWZ8KgwBxCSXHTRi2sabQYmtpbXA4xCMHviqF7sJUnMTDweIUg8dvT5ET9qtztR&sig=Cg0ArKJSzIlEjPP3mkBYEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 9CF2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a463642be10b44d2068da2b7c31e2452ffbf3304a5c3034d92cf136268e2b633

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 6522 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=21941980990&placementId=4795254195&pubCreative=138345071646&pubOrder=2161406623&cb=1014513803&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebf-a292-11eb-8497-0a6fa201f3de
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0ed547e40ec78fbc5f46555843234e6f794734ded7ef732dc00cac6437f5612d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
x-server-name
app32.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 5A03 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.100.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-100-124.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 08:06:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
11411
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
N_uX7EXmspIvia0P_BtCKO5ha8NLGpEV1pdv-oYCKsjS2Kv8TnWlkw==
uwt.js
static.ads-twitter.com/ Frame 2C55 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:18 GMT
via
1.1 varnish
last-modified
Fri, 04 Dec 2020 00:21:46 GMT
age
37489
etag
"cbc512946c8abb461c6215ed5b454e5f+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1957
x-timer
S1619003779.668065,VS0,VE0
x-served-by
cache-hhn11549-HHN
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame E17C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:1bd::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 11:16:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=18348
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
js
www.googletagmanager.com/gtag/ Frame 1CCB 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
10378baeb5aa20759b13d322c2b79b5f447a05d35ab83bd641ea3f3a0cc5785f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34043
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Apr 2021 11:16:18 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame C14C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.100.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-100-124.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 08:06:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
11411
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 376bac901e689131d2a41914df1245d9.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
TVmKklomxksEXLSG70zC6FuozR5o0Q0OQKSF9i3w1bbSAP2zSbOpyw==
pixie.js
acdn.adnxs.com/dmp/up/ Frame E2D2 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 11:16:18 GMT
Content-Encoding
gzip
Age
56208
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
2601
X-Served-By
cache-lga21934-LGA, cache-hhn4063-HHN
Access-Control-Allow-Origin
*
Last-Modified
Thu, 14 May 2020 21:04:36 GMT
Server
nginx/1.13.10
X-Timer
S1619003779.709046,VS0,VE0
ETag
W/"5ebdb264-1cfb"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 10 Dec 2020 19:35:03 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 18235
activityi;dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326
8228261.fls.doubleclick.net/ Frame 3F33
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=827361796654...
507 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326?
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f6.1e100.net
Software
cafe /
Resource Hash
6068303ea296ff2d659dba397063c4a146aab9bdc82451f431af904a9eafb692
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8228261.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 21 Apr 2021 11:16:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
390
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 21-Apr-2021 11:31:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 21 Apr 2021 11:16:18 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
conversion.js
www.googleadservices.com/pagead/ Frame 2D28 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
28efd6fe192789ec933ddd5421da0d4d86ebeb1caf0a1cefeb1556e2a7f8b119
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16562
x-xss-protection
0
server
cafe
etag
15733049745449987369
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 21 Apr 2021 11:16:18 GMT
activity
au-gmtdmp.mookie1.com/t/v2/ Frame 1B44 		43 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
secure.adnxs.com/ Frame 4D4C
Redirect Chain
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 11:16:18 GMT
X-Proxy-Origin
185.246.208.94; 185.246.208.94; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.29:80
AN-X-Request-Uuid
0e6860d8-f397-4e20-9600-1e3d92279dc9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 11:16:18 GMT
X-Proxy-Origin
185.246.208.94; 185.246.208.94; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.58:80
AN-X-Request-Uuid
cf1ed9c3-76a9-42b3-a709-f23b177a2e2b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
0
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 11:16:18 GMT
X-Proxy-Origin
185.246.208.94; 185.246.208.94; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.203:80
AN-X-Request-Uuid
a9cec501-3d5a-4cb6-9720-d467ad90c885
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 11:16:18 GMT
X-Proxy-Origin
185.246.208.94; 185.246.208.94; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.242:80
AN-X-Request-Uuid
82397db8-99b7-4386-828b-4333aae6a5f4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
token
token.rubiconproject.com/ Frame 3FBA 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=33942183780729677563111995985015898251&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
view
securepubads.g.doubleclick.net/pcs/ Frame B07A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvL-4vYP20VYIxGcm_CrULU54suIdhdx-W30ysUdYLdTRPLRCrpQZhQABFW-Dr02UFhiYBeaGphwK-csuUUQo7E-yikCtXlNP8S14kR-RqofepJy_dakNRN9UnH9rX91RXRJ0D0H98jgxkbqcflfOcN06h-IKcB9G2tgEsuVSn_L-v9JWbLobilqSuqeopoRirnMqrCkxOgfCF3Rh4P6zzNZEmMJ5x5ED4AXG4FIoOAvll91RhXHJ69k8f5_ATAPlDxrM4SbaiyoigAhV16FMgAwsXPtdwXKOmbLDjvJZ64NCsEVwXqaJU3JFFejSm3IcQPfw&sai=AMfl-YR6Zqogn3LBbzYDZ0tH-SKya_HGNjyY3AgpB1TfmaxBMfvtzCQMPqnSDt3NDZzta37alUiE-Qhtpayf&sig=Cg0ArKJSzE98dPcO3hWVEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 9EB3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJj-2d2f3Ao9gjx9OPPz6lwB7KFhTHqqfH-LeqGHSRKBkh_WgR5STRQffZGF_FvBTqogtyWakCtuw7xG17Vk6vyxx54KeB8HJt1lmB02FPfDB43yBHmOOgDfTYXfRK6Yf3B3Tlsb6rBkavfttOFj4T9PECAHA_h4H4V9uM2sKINp6Spq8eIdjC1hx0Sleqb_pM83z6L8ejMd7nIW-NkvcuH7lg-fRtYACmrLhvSrwHH8jtYe4CD2GyWg13_PUHWpcCq7eTYamRmktY6U31656yG-swz5chYElU-K4g40KjSI2xNE5UUA3OtrbsUs9lvMbSTA&sai=AMfl-YRXR2MqzGTT-9l4G87m62KHybf93onXU-gs_P6QALSNQ3-3PsoIPIrrRrkO_x4vH7Lwuiqr5p3PoU3T&sig=Cg0ArKJSzLRVEo_jCVaREAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame A9FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssB0sGXhWwTf940GczrbcXLrbZimmQRTVV0uYc-do5ecEmOZdvyjcjCoie8xUkeIsA30U664bHpAkpsgihXl2K5tvLJ1ukgu2Lkt9y6MgMCc1ZCD6yv9Eqd4O5O8vhJ4uId1pdv9VUd05yDD5JKUDCQn3SA9FlhcYRQxqnvNYmo6VNLovE9360cc2_6pzGDeF0BRo1_iGwM8nMsYjvpZ15rpFxQvsUANjTBR3z56MQc8bwIT2rfki1ifd6UPKLm5SmfT84Wg9uXx_IHRcYfFvCtEWjMfkJW1dZqLeW-6bBp9aUnm2Ar6PebhJEU1aMNfp3sFA&sai=AMfl-YQ8fCyWMDe2CnKYDMj_x0g0WSXWc0tgrjl8xgH5xbEmadxj2g7FBg5gJqhPzcEvxIE6HWqTlnP9VDCM&sig=Cg0ArKJSzFSVDw-BCDoPEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 2EB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBM4vwkbE27jC28uyCBYFiM3ozuRQE3h4gsmkZF_j9sJqmne0-DlhHicHnaVHG6RzCI8YEMmXW28NjY0wHrarC-oxEjiuolwaLongq0Mqsc7DDRgqXxXAyhTCMgTIdld1glFMrevVL_ptxuayRxZcVRBr5qIel1CsWJYUNdT3QDfz52KmGOCqBcfrWqAfq-087QdQr_dK1awFyaHcF_wR8g_Z1JymG6zT_H-7K_l4gHkzkDIV9PUwNf9kirlgfSB0bxcqxCf9rEgpEioMXmcSKU3gck-Dv5dW2Bevvktez9Jmxhu-bVWEUNHUKkBthiOok5g&sai=AMfl-YT9Ka7gXzvBumBMhIX-DPn7lU_Ku_dbbtVInxlFb_VUYEUaKtou7vUTJ1bsK0RO3iL7J_Lnj1ZEF92B&sig=Cg0ArKJSzAo8h7L_sjV9EAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ibs:dpid=771&dpuuid=CAESED_w7xulO93o-VvUoa7HP-I&google_cver=1
dpm.demdex.net/ Frame 3FBA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzM5NDIxODM3ODA3Mjk2Nzc1NjMxMTE5OTU5ODUwMTU4OTgyNTE=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESED_w7xulO93o-VvUoa7HP-I&google_cver=1?gdpr=0&gdpr_consent=
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESED_w7xulO93o-VvUoa7HP-I&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-115-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v091-090f38f7d.edge-irl1.demdex.com 5.80.8.20210419103046 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
Z9FO5lxSTtY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESED_w7xulO93o-VvUoa7HP-I&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame FDDD 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1083997873&custom=story&custom3=168400391&adsafe_par&impId=fdda9eba-a292-11eb-8497-0a6fa201f3de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
nginx/1.16.1
etag
W/"3bc122544b299af3472a4ba27ce7978f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame D6E1 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1648490816&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebb-a292-11eb-8497-0a6fa201f3de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
nginx/1.16.1
etag
W/"3bc122544b299af3472a4ba27ce7978f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame 9F43 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1485295675&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebe-a292-11eb-8497-0a6fa201f3de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
nginx/1.16.1
etag
W/"3bc122544b299af3472a4ba27ce7978f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame 718E 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1964600842&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebd-a292-11eb-8497-0a6fa201f3de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
nginx/1.16.1
etag
W/"3bc122544b299af3472a4ba27ce7978f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame 6522 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=21941980990&placementId=4795254195&pubCreative=138345071646&pubOrder=2161406623&cb=1014513803&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebf-a292-11eb-8497-0a6fa201f3de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
nginx/1.16.1
etag
W/"3bc122544b299af3472a4ba27ce7978f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame 25EC 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=1809257187&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebc-a292-11eb-8497-0a6fa201f3de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
nginx/1.16.1
etag
W/"3bc122544b299af3472a4ba27ce7978f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 2D28 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1619003778655&fst=1619003778655&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee8afc1f66b6fd301631ac9d670ffc94d3f6b50a628d3eae5738af919820e423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1204
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/ Frame E17C
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619003778676&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1619003778676%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619003778676&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619003778676&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIJwzFdvUlTxgAAAXj0JSxAd-_p-PcEb1voPgCvWJw8cOxdwyZdzARev...
0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619003778676&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIJwzFdvUlTxgAAAXj0JSxAd-_p-PcEb1voPgCvWJw8cOxdwyZdzARev7SwGdoNWitD1coV
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:20 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
rr5ZVFzbdxbwWyZJhisAAA==

Redirect headers

date
Wed, 21 Apr 2021 11:16:20 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619003778676&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIJwzFdvUlTxgAAAXj0JSxAd-_p-PcEb1voPgCvWJw8cOxdwyZdzARev7SwGdoNWitD1coV
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
pp2FM1zbdxZQLIJ69yoAAA==
/
adservice.google.com/ddm/fls/i/dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326;~oref=htt... Frame 577D 		506 B
624 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326;~oref=https://www.heraldsun.com.au/
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d84683bdebf7614e528f8d065fb5843e43de8fb3236db08f9a38dcb3923f233b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326;~oref=https://www.heraldsun.com.au/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8228261.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://8228261.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 21 Apr 2021 11:16:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
391
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
conversion_async.js
www.googleadservices.com/pagead/ Frame 1CCB 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
1a8bc2ff14c32714cbf0dae8a0d4913eda0305acbe7019242cac29ba1e25dfa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13836
x-xss-protection
0
server
cafe
etag
11500755331297449547
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 21 Apr 2021 11:16:18 GMT
ibs:dpid=903&dpuuid=d3b873c5-c50d-4a75-bb4e-a49c4562463d
dpm.demdex.net/ Frame 3FBA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=d3b873c5-c50d-4a75-bb4e-a49c4562463d
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=d3b873c5-c50d-4a75-bb4e-a49c4562463d
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-115-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v091-0a8ad4074.edge-irl1.demdex.com 5.80.8.20210419103046 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
/DHj+UqES/g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=d3b873c5-c50d-4a75-bb4e-a49c4562463d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
189
adsct
t.co/i/ Frame 2C55 		43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_devel /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 21 Apr 2021 11:16:19 GMT
server
tsa_devel
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
3c5441eeb8a770002b878befd8e8f063872257ea54a0395c5d2d0acd6bb5cf6b
x-transaction
571b9ddd00da3994
expires
Tue, 31 Mar 1981 05:00:00 GMT
pixie
ib.adnxs.com/ Frame E2D2 		42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1619003778748&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1619003778748&et=1619003778749&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 11:16:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.17.9
Connection
keep-alive
X-Proxy-Origin
185.246.208.94; 185.246.208.94; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 10.13.70.77:80
Content-Length
42
Content-Type
image/gif
/
adservice.google.de/ddm/fls/i/dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326;~oref=http... Frame 50F7 		194 B
877 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326;~oref=https://www.heraldsun.com.au/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326;~oref=https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CL2O64ibj_ACFRDHuwgdvFoODw;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8273617966547.326;~oref=https://www.heraldsun.com.au/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 21 Apr 2021 11:16:18 GMT
expires
Wed, 21 Apr 2021 11:16:18 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 3FBA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 1CCB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1619003778845&cv=9&fst=1619003778845&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da4a1d4ba12a076c74c945f31251f810261b63fdb150a945ee3c831a83bf4e81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/859754747/ Frame 2D28 		42 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1619003778655&fst=1619002800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=4096663967&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/859754747/ Frame 2D28 		42 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/859754747/?random=1619003778655&fst=1619002800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=4096663967&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=YIAJgxVXGVNG35gkaqYKcAAA%261219
dpm.demdex.net/ Frame 3FBA
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIAJgxVXGVNG35gkaqYKcAAA%261219
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIAJgxVXGVNG35gkaqYKcAAA%261219
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-115-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-0f2b5a641.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qJbGnuEVTE4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 11:16:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIAJgxVXGVNG35gkaqYKcAAA%261219
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
264
Expires
Wed, 21 Apr 2021 11:16:19 GMT
sca.17.5.1.js
static.adsafeprotected.com/ Frame CC1A 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:19 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
3373742
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1083997873&custom=story&custom3=168400391&adsafe_par&impId=fdda9eba-a292-11eb-8497-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:2768e81e-647f-dc59-b34a-48449a692b86,c:aqbbxS,sl:outOfView,em:true,fr:true,mn:app22ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svdkRsX+11%7C12%7C13%7C14*.10507%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:14*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:450,oid:fe674e3a-a292-11eb-88b9-06da572054ee,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=30432&dpuuid=CI-dc51d08ac9754595478125befb2f22d7
dpm.demdex.net/ Frame 3FBA
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=33942183780729677563111995985015898251&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-dc51d08ac9754595478125befb2f22d7
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-dc51d08ac9754595478125befb2f22d7
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-115-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-07163b308.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
BctIW3QERyk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-dc51d08ac9754595478125befb2f22d7
Date
Wed, 21 Apr 2021 11:16:19 GMT
useSecure
true
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2768e81e-647f-dc59-b34a-48449a692b86&tv=%7Bc:aqbbAm,pingTime:-2,time:603,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:570,beZ:574,mfA:974,cmA:978,inA:980,inZ:989,prA:989,prZ:1005,si:1020,poA:1021,poZ:1051,cmZ:1051,mfZ:1051,loA:1130,loZ:1137,ltA:1170,ltZ:1170%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:449%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:604,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:448,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B189~0%5D,as:%5B189~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svdkRsX+11%7C12%7C13%7C14*.10507%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_0,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_0__container__,ad-block-728x90-1%5D,sinceFw:150,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
dt37.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
/
www.google.com/pagead/1p-user-list/707564276/ Frame 1CCB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1619003778845&cv=9&fst=1619002800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=80329035&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/707564276/ Frame 1CCB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/707564276/?random=1619003778845&cv=9&fst=1619002800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=80329035&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.5.1.js
static.adsafeprotected.com/ Frame C104 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:19 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
3373742
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x90|1&pubId=36557831&chanId=21941980990&placementId=4795254195&pubCreative=138345071646&pubOrder=2161406623&cb=1014513803&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebf-a292-11eb-8497-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:ef96bca1-210a-9386-947b-b3361c5851f5,c:aqbbAX,sl:inView,em:true,fr:true,mn:app32ie,pt:1-5-15,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svdkRth+11%7C12%7C13%7C141%7C142%7C151%7C161%7C171%7C181%7C19*.10507%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:19*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:620,oid:fe84c181-a292-11eb-8ac0-06cf570a4b4b,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
app29.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.1.js
static.adsafeprotected.com/ Frame 3323 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:19 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
3374670
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1648490816&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebb-a292-11eb-8497-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:20a3a674-e8fa-f76b-2a3c-bb7fa49d3512,c:aqbbBL,sl:outOfView,em:true,fr:true,mn:app28ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.2640.1.1,am:i,cc:800.2640.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15*.10507%7C151%7C161%7C171%7C181%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:15*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:683,oid:fe674e60-a292-11eb-be70-06bbbb59c0e2,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
app37.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.1.js
static.adsafeprotected.com/ Frame FAD4 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:19 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
3374670
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1485295675&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebe-a292-11eb-8497-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:f9c707fc-127c-4a14-9279-505dd7c0e088,c:aqbbCl,sl:outOfView,em:true,fr:true,mn:app29ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.2681.10.10,am:i,cc:795.2681.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svdkRt7+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C171%7C18*.10507%7C181%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:18*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:717,oid:fe73d169-a292-11eb-96b0-0ae27972a930,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
app36.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.1.js
static.adsafeprotected.com/ Frame D35F 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:19 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
3373298
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1964600842&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebd-a292-11eb-8497-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:5bf1a456-de27-45da-e886-b262380c206e,c:aqbbCT,sl:outOfView,em:true,fr:true,mn:app34ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.1687.1.1,am:i,cc:1273.1687.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svdkRta+11%7C12%7C13%7C141%7C142%7C151%7C152%7C161%7C17*.10507%7C171%7C181%7C182%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:17*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:748,oid:fe7be773-a292-11eb-b37c-02b1f7e14db1,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
app32.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.1.js
static.adsafeprotected.com/ Frame EBAE 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:19 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
3373742
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=1809257187&custom=story&custom3=168400391&adsafe_par&impId=fdda9ebc-a292-11eb-8497-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:5d00300b-693c-c702-768d-2e5ed29c2cb3,c:aqbbDr,sl:inView,em:true,fr:true,mn:app29ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svdkRtI+11%7C12%7C13%7C141%7C142%7C151%7C152%7C16*.10507%7C161%7C171%7C172%7C181%7C182%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:16*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:748,oid:fe9cb676-a292-11eb-96b0-0ae27972a930,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
app17.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ef96bca1-210a-9386-947b-b3361c5851f5&tv=%7Bc:aqbbDO,pingTime:0,time:797,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:620%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:797,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:620,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B195~100%5D,as:%5B195~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svdkRth+11%7C12%7C13%7C141%7C142%7C151%7C161%7C171%7C181%7C19*.10507%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
dt35.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 3FBA
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=33942183780729677563111995985015898251&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-115-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v091-0fd0658a6.edge-irl1.demdex.com 5.80.8.20210419103046 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
IKchZ8n7RyQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Wed, 21 Apr 2021 11:16:19 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
up
insight.adsrvr.org/track/ Frame 77E3 		0
181 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.53.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-53-122.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&upid=trk7f24&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TDID=d3b873c5-c50d-4a75-bb4e-a49c4562463d; TDCPM=CAESEgoDYWFtEgsIkI22s52wwjkQBRgBIAEoAjILCJCFueCzsMI5EAU4AVoDYWFtYAI.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

date
Wed, 21 Apr 2021 11:16:19 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
adsct
analytics.twitter.com/i/ Frame 2C55 		31 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
115
pragma
no-cache
last-modified
Wed, 21 Apr 2021 11:16:19 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
e4f279beab3f52404b940249d8466e33
x-transaction
004b613a00357e9a
expires
Tue, 31 Mar 1981 05:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5d00300b-693c-c702-768d-2e5ed29c2cb3&tv=%7Bc:aqbbFZ,pingTime:0,time:905,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:747%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:905,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:747,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B172~100%5D,as:%5B172~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C152%7C16*.10507%7C161%7C17.10507%7C171%7C172%7C18.10507%7C181%7C182%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
dt54.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
up
insight.adsrvr.org/track/ Frame 8862 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.53.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-53-122.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&upid=ekg5qxt&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TDID=d3b873c5-c50d-4a75-bb4e-a49c4562463d; TDCPM=CAESEgoDYWFtEgsIkI22s52wwjkQBRgBIAEoAjILCJCFueCzsMI5EAU4AVoDYWFtYAI.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

date
Wed, 21 Apr 2021 11:16:19 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ef96bca1-210a-9386-947b-b3361c5851f5&tv=%7Bc:aqbbG9,pingTime:-2,time:942,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:273,beZ:276,mfA:873,cmA:874,inA:874,inZ:876,prA:876,prZ:886,si:892,poA:893,poZ:908,cmZ:908,mfZ:909,loA:1071,loZ:1072,ltA:1214,ltZ:1214%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:620%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:943,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:620,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B341~100%5D,as:%5B341~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C16.10507%7C161%7C17.10507%7C171%7C18.10507%7C181%7C19*.10507%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_5,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_5__container__,ad-block-300x90-1,rhc,story%5D,sinceFw:321,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 9CF2 		42 B
501 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvf_rubz1IVKAWkCaIJQY3qMTraJDR115KB_O8hSryq0V56EyBhUJhOzEkuUo1cYuD94sXz9OqOe30VoS4jWiL5_Nh7kYr5cOwYMwL5gnQ&sig=Cg0ArKJSzFgBBXs4mo-REAE&id=lidar2&mcvt=1163&p=612,1124,702,1424&mtos=1163,1163,1163,1163,1163&tos=1163,0,0,0,0&v=20210419&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1679177193&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619003777618&dlt=0&rpt=898&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=20a3a674-e8fa-f76b-2a3c-bb7fa49d3512&tv=%7Bc:aqbbH6,pingTime:-2,time:1014,type:a,im:%7BpBlk:697,sf:0,pom:1,prf:%7BbeA:513,beZ:515,mfA:1180,cmA:1181,inA:1181,inZ:1183,prA:1183,prZ:1192,si:1197,poA:1197,bl:1211,poZ:1211,cmZ:1211,mfZ:1211,loA:1399,loZ:1402,ltA:1527,ltZ:1527%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:683%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1014,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:683,wc:0.0.1600.1200,ac:800.2640.1.1,am:i,cc:800.2640.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B346~0%5D,as:%5B346~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15*.10507%7C151%7C16.10507%7C161%7C17.10507%7C171%7C18.10507%7C181%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:15*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_1,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_1__container__,ad-block-728x90-2%5D,sinceFw:330,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f9c707fc-127c-4a14-9279-505dd7c0e088&tv=%7Bc:aqbbH9,pingTime:-2,time:1014,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:370,beZ:371,mfA:1066,cmA:1066,inA:1066,inZ:1068,prA:1068,prZ:1080,si:1087,poA:1087,poZ:1097,cmZ:1097,mfZ:1097,loA:1267,loZ:1268,ltA:1383,ltZ:1383%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:10,h:10,t:716%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1014,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:716,wc:0.0.1600.1200,ac:795.2681.10.10,am:i,cc:795.2681.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B317~0%5D,as:%5B317~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C152%7C16.10507%7C161%7C17.10507%7C171%7C18*.10507%7C181%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_4,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_4__container__,ad-block-1000x50-1%5D,sinceFw:296,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5bf1a456-de27-45da-e886-b262380c206e&tv=%7Bc:aqbbHb,pingTime:-2,time:1013,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:326,beZ:327,mfA:1051,cmA:1052,inA:1052,inZ:1054,prA:1054,prZ:1069,si:1074,poA:1074,poZ:1086,cmZ:1086,mfZ:1086,loA:1225,loZ:1228,ltA:1339,ltZ:1339%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:747%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1013,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:747,wc:0.0.1600.1200,ac:1273.1687.1.1,am:i,cc:1273.1687.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B287~0%5D,as:%5B287~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C152%7C16.10507%7C161%7C17*.10507%7C171%7C18.10507%7C181%7C182%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:17*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_3,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_3__container__,ad-block-300x250-2,rhc,story%5D,sinceFw:265,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5d00300b-693c-c702-768d-2e5ed29c2cb3&tv=%7Bc:aqbbHn,pingTime:-2,time:991,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:492,beZ:494,mfA:1224,cmA:1224,inA:1224,inZ:1228,prA:1228,prZ:1235,si:1240,poA:1240,poZ:1247,cmZ:1247,mfZ:1247,loA:1399,loZ:1401,ltA:1482,ltZ:1482%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:747%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:991,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:747,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B258~100%5D,as:%5B258~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C152%7C16*.10507%7C161%7C17.10507%7C171%7C172%7C18.10507%7C181%7C182%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_2,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_2__container__,ad-block-300x250-1,rhc,story%5D,sinceFw:242,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
usermatch.gif
beacon.krxd.net/ Frame 3FBA
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=33942183780729677563111995985015898251
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=33942183780729677563111995985015898251
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=33942183780729677563111995985015898251
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.85.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-85-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:20 GMT
cache-control
private, no-cache, no-store
x-request-time
D=111 t=1619003780
x-served-by
beacon-n013-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=33942183780729677563111995985015898251
date
Wed, 21 Apr 2021 11:16:19 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a011-ash-prod.krxd.net
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2768e81e-647f-dc59-b34a-48449a692b86&tv=%7Bc:aqbbIR,time:1130,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1130,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:448,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B715~0%5D,as:%5B715~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:480,fm:svdkRsX+11%7C12%7C13%7C14*.10507%7C141%7C15.10507%7C151%7C16.10507%7C161%7C17.10507%7C171%7C18.10507%7C181%7C19.10507%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:14*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
dt67.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=134096&dpuuid=YClFJy9999OJGGOQ
dpm.demdex.net/ Frame 3FBA
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=33942183780729677563111995985015898251&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=YClFJy9999OJGGOQ
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=YClFJy9999OJGGOQ
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-115-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v091-08d05c23f.edge-irl1.demdex.com 5.80.8.20210419103046 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
tfTq4XA+QOw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=YClFJy9999OJGGOQ
Date
Wed, 21 Apr 2021 11:16:20 GMT
Connection
keep-alive
Content-Length
0
BK-Server
d8e2
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ef96bca1-210a-9386-947b-b3361c5851f5&tv=%7Bc:aqbbKp,time:1206,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1206,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:620,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B604~100%5D,as:%5B604~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:155,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C16.10507%7C161%7C17.10507%7C171%7C18.10507%7C181%7C19*.10507%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
dt55.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=20a3a674-e8fa-f76b-2a3c-bb7fa49d3512&tv=%7Bc:aqbbKr,time:1221,type:e,im:%7BpWait:24%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1221,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:683,wc:0.0.1600.1200,ac:800.2640.1.1,am:i,cc:800.2640.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B553~0%5D,as:%5B553~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15*.10507%7C151%7C16.10507%7C161%7C17.10507%7C171%7C18.10507%7C181%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:15*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
dt54.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f9c707fc-127c-4a14-9279-505dd7c0e088&tv=%7Bc:aqbbKs,time:1219,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1220,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:716,wc:0.0.1600.1200,ac:795.2681.10.10,am:i,cc:795.2681.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B523~0%5D,as:%5B523~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C152%7C16.10507%7C161%7C17.10507%7C171%7C18*.10507%7C181%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:18*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
dt53.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5bf1a456-de27-45da-e886-b262380c206e&tv=%7Bc:aqbbKG,time:1230,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1230,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:747,wc:0.0.1600.1200,ac:1273.1687.1.1,am:i,cc:1273.1687.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B503~0%5D,as:%5B503~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:214,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C152%7C16.10507%7C161%7C17*.10507%7C171%7C18.10507%7C181%7C182%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5d00300b-693c-c702-768d-2e5ed29c2cb3&tv=%7Bc:aqbbKI,time:1198,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1198,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:747,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B465~100%5D,as:%5B465~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:156,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C152%7C16*.10507%7C161%7C17.10507%7C171%7C172%7C18.10507%7C181%7C182%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:19 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2768e81e-647f-dc59-b34a-48449a692b86&tv=%7Bc:aqbbMX,pingTime:-10,time:1384,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619003779981%7C%7C6db1a876f8974c6ecdb9d94923cef00d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C1cf7a56bd452d5294aa5132bdf187755%7C%7Cbf78188399b1506c80a3e66f9ba24db3%7C%7C87580f419a0207dc67f8a86e6af74b88%7C%7C0ba56ff04d7b900365d55cdf569f865d%7C%7Cd1b6cc02081779e7e3596c272df0bf6c%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel
cm.g.doubleclick.net/ Frame 3FBA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUlBSmhBQUFXQlR5QmdBNA==&_test=YIAJhAAAWBTyBgA4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUlBSmhBQUFXQlR5QmdBNA==&_test=YIAJhAAAWBTyBgA4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619003780.370528,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUlBSmhBQUFXQlR5QmdBNA==&_test=YIAJhAAAWBTyBgA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5bf1a456-de27-45da-e886-b262380c206e&tv=%7Bc:aqbbOC,pingTime:-10,time:1474,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619003779981%7C%7C6db1a876f8974c6ecdb9d94923cef00d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C1cf7a56bd452d5294aa5132bdf187755%7C%7Cbf78188399b1506c80a3e66f9ba24db3%7C%7C87580f419a0207dc67f8a86e6af74b88%7C%7C0ba56ff04d7b900365d55cdf569f865d%7C%7Cd1b6cc02081779e7e3596c272df0bf6c%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:2768e81e-647f-dc59-b34a-48449a692b86%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
x-server-name
dt39.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=20a3a674-e8fa-f76b-2a3c-bb7fa49d3512&tv=%7Bc:aqbbQ0,pingTime:-10,time:1566,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619003779981%7C%7C6db1a876f8974c6ecdb9d94923cef00d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C1cf7a56bd452d5294aa5132bdf187755%7C%7Cbf78188399b1506c80a3e66f9ba24db3%7C%7C87580f419a0207dc67f8a86e6af74b88%7C%7C0ba56ff04d7b900365d55cdf569f865d%7C%7Cd1b6cc02081779e7e3596c272df0bf6c%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:2768e81e-647f-dc59-b34a-48449a692b86%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
x-server-name
dt43.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
tap.php
pixel.rubiconproject.com/ Frame 3FBA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=YIAJhAAAWGryQQA4
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YIAJhAAAWGryQQA4&expires=90&_test=YIAJhAAAWGryQQA4
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YIAJhAAAWGryQQA4&expires=90&_test=YIAJhAAAWGryQQA4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619003780.378963,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YIAJhAAAWGryQQA4&expires=90&_test=YIAJhAAAWGryQQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ef96bca1-210a-9386-947b-b3361c5851f5&tv=%7Bc:aqbbR3,pingTime:-10,time:1618,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619003779981%7C%7C6db1a876f8974c6ecdb9d94923cef00d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C1cf7a56bd452d5294aa5132bdf187755%7C%7Cbf78188399b1506c80a3e66f9ba24db3%7C%7C87580f419a0207dc67f8a86e6af74b88%7C%7C0ba56ff04d7b900365d55cdf569f865d%7C%7Cd1b6cc02081779e7e3596c272df0bf6c%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:2768e81e-647f-dc59-b34a-48449a692b86%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
x-server-name
dt48.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gn
secure-dcr.imrworldwide.com/cgi-bin/ 		44 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_all_S&asn=all&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=rxhzybjbkyyvqnttfgu5o6femnfph1619003777&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,breaking-news&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16190037772956822&c30=bldv,6.0.0.587&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1619003777021&c3=st,c&c64=starttm,1619003779&adid=1619003777021&c58=isLive,false&c59=sesid,&c61=createtm,1619003780&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac&c66=mediaurl,&c62=sendTime,1619003780&rnd=54358
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.217.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-217-185.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3FBA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YIAJhAAAVGX1fgAC
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIAJhAAAVGX1fgAC&_test=YIAJhAAAVGX1fgAC
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIAJhAAAVGX1fgAC&_test=YIAJhAAAVGX1fgAC
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 11:16:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 21 Apr 2021 11:16:20 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619003780.491613,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIAJhAAAVGX1fgAC&_test=YIAJhAAAVGX1fgAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5d00300b-693c-c702-768d-2e5ed29c2cb3&tv=%7Bc:aqbbTr,pingTime:-10,time:1739,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619003779981%7C%7C6db1a876f8974c6ecdb9d94923cef00d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C1cf7a56bd452d5294aa5132bdf187755%7C%7Cbf78188399b1506c80a3e66f9ba24db3%7C%7C87580f419a0207dc67f8a86e6af74b88%7C%7C0ba56ff04d7b900365d55cdf569f865d%7C%7Cd1b6cc02081779e7e3596c272df0bf6c%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:2768e81e-647f-dc59-b34a-48449a692b86%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ef96bca1-210a-9386-947b-b3361c5851f5&tv=%7Bc:aqbbTY,pingTime:1,time:1799,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:620%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1799,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:620,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1197~100%5D,as:%5B1197~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:140,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C16.10507%7C161%7C17.10507%7C171%7C18.10507%7C181%7C19*.10507%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
x-server-name
dt60.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ef96bca1-210a-9386-947b-b3361c5851f5&tv=%7Bc:aqbbTZ,pingTime:1,time:1800,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:620%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1800,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:620,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1198~100%5D,as:%5B1198~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:140,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C16.10507%7C161%7C17.10507%7C171%7C18.10507%7C181%7C19*.10507%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
x-server-name
dt57.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ef96bca1-210a-9386-947b-b3361c5851f5&tv=%7Bc:aqbbTZ,pingTime:1,time:1800,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:620%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1800,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:620,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1198~100%5D,as:%5B1198~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:140,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C16.10507%7C161%7C17.10507%7C171%7C18.10507%7C181%7C19*.10507%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
x-server-name
dt58.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ef96bca1-210a-9386-947b-b3361c5851f5&tv=%7Bc:aqbbU0,pingTime:1,time:1801,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:620%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1801,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:620,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1199~100%5D,as:%5B1199~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:140,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C16.10507%7C161%7C17.10507%7C171%7C18.10507%7C181%7C19*.10507%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
x-server-name
dt56.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
setuid
ib.adnxs.com/ Frame 3FBA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YIAJhAAAWGryQQA4
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YIAJhAAAWGryQQA4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 11:16:20 GMT
X-Proxy-Origin
185.246.208.94; 185.246.208.94; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.100:80
AN-X-Request-Uuid
375a2aa0-2fb3-4a97-8bcb-1b34d72a8157
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619003780.451502,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YIAJhAAAWGryQQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2768e81e-647f-dc59-b34a-48449a692b86&tv=%7Bc:aqbbVb,time:1894,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1894,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:448,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1479~0%5D,as:%5B1479~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:166,fm:svdkRsX+11%7C12%7C13%7C14*.10507%7C141%7C15.10507%7C151%7C16.10507%7C161%7C17.10507%7C171%7C18.10507%7C181%7C19.10507%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:14*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sd
us-u.openx.net/w/1.0/ Frame 3FBA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YIAJhAAAVGX1fgAC
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YIAJhAAAVGX1fgAC
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YIAJhAAAVGX1fgAC
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YIAJhAAAVGX1fgAC
date
Wed, 21 Apr 2021 11:16:20 GMT
via
1.1 google
server
OXGW/16.205.4
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5d00300b-693c-c702-768d-2e5ed29c2cb3&tv=%7Bc:aqbbWm,pingTime:1,time:1920,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:747%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1920,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:747,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1188~100%5D,as:%5B1188~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:215,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C152%7C16*.10507%7C161%7C17.10507%7C171%7C172%7C18.10507%7C181%7C182%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5d00300b-693c-c702-768d-2e5ed29c2cb3&tv=%7Bc:aqbbWn,pingTime:1,time:1921,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:747%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1921,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:747,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1189~100%5D,as:%5B1189~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:215,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C152%7C16*.10507%7C161%7C17.10507%7C171%7C172%7C18.10507%7C181%7C182%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5d00300b-693c-c702-768d-2e5ed29c2cb3&tv=%7Bc:aqbbWo,pingTime:1,time:1922,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:747%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1922,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:747,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1189~100%5D,as:%5B1189~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:215,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C152%7C16*.10507%7C161%7C17.10507%7C171%7C172%7C18.10507%7C181%7C182%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
x-server-name
dt28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5d00300b-693c-c702-768d-2e5ed29c2cb3&tv=%7Bc:aqbbWp,pingTime:1,time:1923,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:747%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1923,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:747,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1190~100%5D,as:%5B1190~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:215,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C152%7C16*.10507%7C161%7C17.10507%7C171%7C172%7C18.10507%7C181%7C182%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
x-server-name
dt29.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 3FBA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIAJhAAAVGX1fgAC
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIAJhAAAVGX1fgAC
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 11:16:21 GMT
X-lat
lhrpug003:0:698
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619003781.691659,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIAJhAAAVGX1fgAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 3FBA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIAJhAAAVGX1fgAC&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIAJhAAAVGX1fgAC&img=1&__user_check__=1&sync_id=0011686d-a293-11eb-8666-16ae82d31d06
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIAJhAAAVGX1fgAC&img=1&__user_check__=1&sync_id=0011686d-a293-11eb-8666-16ae82d31d06
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 11:16:21 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
7
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 21 Apr 2021 11:16:20 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YIAJhAAAVGX1fgAC&img=1&__user_check__=1&sync_id=0011686d-a293-11eb-8666-16ae82d31d06
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
77
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 3FBA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YIAJhAAAVGX1fgAC&t=2592000&o=0
43 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YIAJhAAAVGX1fgAC&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 04:16:21 PDT
content-encoding
br
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
39uucyb9PLHw8+Ew4KiYgu0S+VVBMP3XSKYlpvS03DVXVQ2Kkq4lQIm9PRGP0CuFVxTdMAOO4f4ckTg3dg7yeQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Wed, 21 Apr 2021 04:16:21 PDT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619003781.997325,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YIAJhAAAVGX1fgAC&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f9c707fc-127c-4a14-9279-505dd7c0e088&tv=%7Bc:aqbc2c,pingTime:-10,time:2319,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619003779981%7C%7C6db1a876f8974c6ecdb9d94923cef00d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C1cf7a56bd452d5294aa5132bdf187755%7C%7Cbf78188399b1506c80a3e66f9ba24db3%7C%7C87580f419a0207dc67f8a86e6af74b88%7C%7C0ba56ff04d7b900365d55cdf569f865d%7C%7Cd1b6cc02081779e7e3596c272df0bf6c%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:2768e81e-647f-dc59-b34a-48449a692b86%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:21 GMT
x-server-name
dt68.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=147592
dpm.demdex.net/ Frame 3FBA
Redirect Chain
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=a7f532a6-96b0-4ef1-b06f-85410476d58a-tuct7798f02
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=a7f532a6-96b0-4ef1-b06f-85410476d58a-tuct7798f02
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/german-court-throws-out-challenge-against-eu-virus-recovery-fund/news-story/a6014d78ca474fc98429ca45bcc005cc?_hsmi=88974744&_hsenc=p2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-115-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v004-0c3092c0e.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ivZm0oajTSk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms
67
date
Wed, 21 Apr 2021 11:16:21 GMT
via
1.1 varnish
server
nginx
x-timer
S1619003781.042887,VS0,VE67
x-cache
MISS
location
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=a7f532a6-96b0-4ef1-b06f-85410476d58a-tuct7798f02
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11536-HHN
ibs:dpid=461447&dpuuid=RX-4dc5d2ac-0abb-4d96-81a6-0295f11c7a60-003
dpm.demdex.net/ Frame 3FBA
Redirect Chain
  • https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1619003781263
  • https://sync.targeting.unrulymedia.com/csync/RX-4dc5d2ac-0abb-4d96-81a6-0295f11c7a60-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-4dc5d2ac-0abb-4d96-81a6-0295f11c7a60-003
  • https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-4dc5d2ac-0abb-4d96-81a6-0295f11c7a60-003
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-4dc5d2ac-0abb-4d96-81a6-0295f11c7a60-003
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-115-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v091-0c828e001.edge-irl1.demdex.com 5.80.8.20210419103046 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
8N7bkjc6Rzo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-4dc5d2ac-0abb-4d96-81a6-0295f11c7a60-003
date
Wed, 21 Apr 2021 11:16:21 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4dc5d2ac0abb4d9681a60295f11c7a60003
content-type
text/html
/
zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_7WDMojjIXvhyOBn&Q_LOC=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.903.js?utv=ut4.46.202009280518
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a95bde68eb8372fc2b99802424611a23aedadcf9d75f83f1bccdd731a57bbd28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
377262
cf-polished
origSize=62663
edge-control
max-age=604800
x-envoy-upstream-service-time
10
vary
Accept-Encoding
cf-request-id
0995be49a000005018d4088000000001
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"f4c7-q+Q+3yh1KdC6sxz2Nc95B0en1ik"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
cf-ray
6436332299065018-WAW
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7e8ab6092047d32b09b13b7ce93544c773ec4ae1d4dacc8d3ea798dff59602f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 11:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6544
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 11:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 21 Apr 2021 11:16:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 49D3 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 21 Apr 2021 10:37:32 GMT
expires
Thu, 21 Apr 2022 10:37:32 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2329
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame 49D3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 07:09:22 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
14819
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Thu, 21 Apr 2022 07:09:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041501&jk=3984433780929436&bg=!ra6lrurNAAZUuIlwVLg7ACkAdvg8WtU0aSchdMr-TLQh02UsgnVSYj8l-LZmJfcvfucVzSpXSGJmtwIAAADNUgAAABdoAQcKAUZT0orlzjNcu78ng391_imqT5oqgo-KRjp5jPXCJclXwbzXsz9jfFTncueEnEXFCCiKIJqCjDdsoieaGN3-tixTkDdXuOXSvp-9NhtPVxt-13WoXk3AW7-8-Je0XFzPvFFcedhiA_VLv8YlElvtEH9QWwanBcvT0r8Fuu9RMf7c4iaPCVm69CNSbg1LqT7kKtxxeG4wWG4VxblE_bdkbCq96_fjWQyzNT8ELO8rBGAkKzv4N80kcQZZUBHvXi3wk06E9ABPF9ILB7N9qOD9v0NEFAR3WP5c86arzTEfDcIbH5inWhpHPL2MyWmXXoZvU9srPf5LKtVnYpsIdj8FmMrH6fVIcsdLjMbKMlFgOfhdhEuS_uB9Iry4_IOPkRpziuo-jSZkWKk3zb7va1xNT12y2JsnQJb9Tyg1bZromxM6T7mR6dQTGZkB5BhdFMVGmlZCBdyUWHW_LRxAWD3t18KXLf5YONZUvHg_RUEeNPXcKRDshc1zvdS_MkR6wYdn5BuqDiVjfCQYRS5nxDn3PboG7cii90SrVeA5U-d74E67Xw0q5j85MFgahmGrDYO2wv5SRLC1-0qpzToQTvirKhplfxRD1gmUhpZtFd8dyLsQnaBjOLLtEXXzAAn43_FL2XtLc2e-rfbjOvuz_DOkm1CdEgt8WyZr3aTjCjXa60y7lSR_kfo8auSCrEFuUGyq7nR7kIHbslG2U9DZZBdoc6WUgCMiqsmehC36IBqW20P1etdHACcyHgzRvRZNgnYmlDoYE12aaWulbClF72y_5H7RXGZThBnFZ_JwQriDADmAiXrIzv_6NCCfLCUwnEnWm3TgqJXDHLTFEBgk0uMZ-2d6y9MbxMNLOHC7j01cbu4j5PVf5I1dh-WxOS0sPxaS54NCOG6dl7xEZ5S1Qbvz8E7xw5uEXkNexr_7YBKjr95JNTnOuyEXAVekQYyfqw9oSY5s_OGiF2IiLYSdBYOASdNee-7q7om5xyqobfZdNuyek8Xcwbubgl3YEVDlQ6ePnR0ELe-weLH7f_YFueF46lWXvE5-tM_zisY-VDtj7gVwIlua0learw6C2aMfuXA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ef96bca1-210a-9386-947b-b3361c5851f5&tv=%7Bc:aqbcWu,pingTime:5,time:5799,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:620%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5799,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:620,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5197~100%5D,as:%5B5197~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:171,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C16.10507%7C161%7C17.10507%7C171%7C18.10507%7C181%7C19*.10507%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:24 GMT
x-server-name
dt49.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ef96bca1-210a-9386-947b-b3361c5851f5&tv=%7Bc:aqbcWv,pingTime:5,time:5800,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:620%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5800,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:620,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5198~100%5D,as:%5B5198~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:171,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C16.10507%7C161%7C17.10507%7C171%7C18.10507%7C181%7C19*.10507%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:24 GMT
x-server-name
dt48.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2768e81e-647f-dc59-b34a-48449a692b86&tv=%7Bc:aqbcXx,time:5884,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5884,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:448,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5469~0%5D,as:%5B5469~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:198,fm:svdkRsX+11%7C12%7C13%7C14*.10507%7C141%7C15.10507%7C151%7C16.10507%7C161%7C17.10507%7C171%7C18.10507%7C181%7C19.10507%7C191%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:14*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:24 GMT
x-server-name
dt32.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5d00300b-693c-c702-768d-2e5ed29c2cb3&tv=%7Bc:aqbcYE,pingTime:5,time:5906,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:747%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5906,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:747,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5174~100%5D,as:%5B5174~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:173,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C152%7C16*.10507%7C161%7C17.10507%7C171%7C172%7C18.10507%7C181%7C182%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:24 GMT
x-server-name
dt52.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5d00300b-693c-c702-768d-2e5ed29c2cb3&tv=%7Bc:aqbcYF,pingTime:5,time:5907,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:747%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5907,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:747,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5174~100%5D,as:%5B5174~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:173,fm:svdkRt4+11%7C12%7C13%7C141%7C142%7C15.10507%7C151%7C152%7C16*.10507%7C161%7C17.10507%7C171%7C172%7C18.10507%7C181%7C182%7C19.10507%7C191%7C192%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h111%7C1i%7C1j%7C1k%7C1l,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:24 GMT
x-server-name
dt51.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc&u=CvEsS44ZQzADlVryE&d=heraldsun.com.au&g=36976&g0=news%2Cbreaking-news%2Cstory%2Cno_video%2Cpc.ct.free&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=3373&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=7218&t=DS5tYeD2it2ADdYtEJC08YrxD_AWkx&V=126&tz=-120&_acct=anon&sn=2&sv=D0E982DTPhaeB_m0kHkAg1dBTH8L4&sd=1&im=06530c52&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.2.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-2-75.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 11:16:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/11/29a7127
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/staticweb/64c4f9debe4ti17991ecfa342459f501b
Domain
id5-sync.com
URL
https://id5-sync.com/c/464/108/2/6.gif?puid=002e5220-a293-11eb-a1bf-ca0a6b936eb6&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

290 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| newscorpau object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| _taboola object| utag_data object| bruce_rtget object| ads_api number| topicIndex number| LUX_t_start number| LUX_t_end function| loadjs object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| lazySizes function| udm_ object| ns_p object| COMSCORE function| Rampart function| webpackHotUpdateRampart object| __core-js_shared__ boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg function| parcelRequire object| placementData object| vidora function| vidoraTrackExtraElements string| nam object| app object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag undefined| isAsync undefined| httpGetAsync undefined| parseResponse object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| Nielsen_Event object| trac function| _tealium_old_error boolean| __tealium_twc_switch object| newskey object| nb function| Krux object| auth object| _tfa object| sectionData number| _sf_endpt object| unruly number| gptPluginLoaded object| vidora_ns object| cmTag object| m boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| nn object| ads_core object| ads_extra object| googletag string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| __iasPET object| kw_ignore string| CE_USER_COMMON_SCRIPT_URL string| ZN_7WDMojjIXvhyOBn_ed string| ZN_7WDMojjIXvhyOBn_sampleRate string| ZN_7WDMojjIXvhyOBn_url function| clsn object| dicnf function| btrp function| pdib3 function| vv function| stcc object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height function| pbjsChunk object| pbjs object| _pbjsGlobals function| AppNexusPrebidAnalytics object| ggeac object| google_js_reporting_queue object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| NOLCMB function| NolTracker function| nol_t function| logger undefined| _rsCC undefined| _rsCG undefined| _rsDN undefined| v52v53_pvar undefined| v52v53_trac undefined| _rsEvent undefined| _rsLinkTrack undefined| _rsClick object| V60 object| NOLBUNDLE object| CE2BH function| omrhp object| diagPixSentCodes object| __iasAdRefreshConfig object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| providersData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| ads_ready number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error string| ptclString function| _typeof object| ns object| paramsPassed object| stateObject string| BUILDVERSION object| stateEvents object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired string| s_tnt string| f0 object| s_i_newscorpau-hsweb_newscorpau-global undefined| oneTagObj function| ebDecode object| bsResponseObj function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| __IntegralASExec object| GoogleGcLKhOms object| tbopt object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.48.0 object| google_image_requests

13 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUn9YdK1MzV0TRnQK7bP4DBKaszF-IDycOCkQxK4jrbkiXCgXI4AMYSRIX9ij_8
.adsrvr.org/ Name: TDID
Value: d3b873c5-c50d-4a75-bb4e-a49c4562463d
.imrworldwide.com/ Name: IMRID
Value: ffac02c0-a292-11eb-8547-53b756adb8d1
.imrworldwide.com/ Name: SSCVER
Value: v1
www.heraldsun.com.au/ Name: AWSALB
Value: FU+dPchos01FQ9HujiAz8E5QteREgocdSF31p/ccl1zvKFP+nSi4JMA5XMKq6/ODSOda6N2FHS0Y+j93MqFl3BD28dj8X1P18wkgyUzLQHJ9qoYU/9YNst59vB/X
.demdex.net/ Name: dextp
Value: 481-1-1619003778460|771-1-1619003778593|903-1-1619003778721|19566-1-1619003778822|23728-1-1619003778925|30432-1-1619003779170|30064-1-1619003779472|66757-1-1619003779639|134096-1-1619003779773|144230-1-1619003780069|144231-1-1619003780190|144232-1-1619003780316|144233-1-1619003780425|144234-1-1619003780552|144235-1-1619003780662|144236-1-1619003780774|144237-1-1619003780909|147592-1-1619003781017|461447-1-1619003781129
.demdex.net/ Name: demdex
Value: 25608324420206768421732963430337096463
www.heraldsun.com.au/ Name: AWSALBCORS
Value: FU+dPchos01FQ9HujiAz8E5QteREgocdSF31p/ccl1zvKFP+nSi4JMA5XMKq6/ODSOda6N2FHS0Y+j93MqFl3BD28dj8X1P18wkgyUzLQHJ9qoYU/9YNst59vB/X
.heraldsun.com.au/ Name: s_ppv
Value: https%253A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgerman-court-throws-out-challenge-against-eu-virus-recovery-fund%2Fnews-story%2Fa6014d78ca474fc98429ca45bcc005cc%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--a48GavbMQClbD1Rni3NMG-VN9elfzyJngACoiwdE7b7ULBdI7UB3FS8qz99cGMl7NfDfEZc2SPkSCdLGZirMWXv30Nwd3aPgIwRImSHCHljS3Zac%2C36%2C36%2C1200
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIkI22s52wwjkQBRgBIAEoAjILCJCFueCzsMI5EAU4AVoDYWFtYAI.
.heraldsun.com.au/ Name: tp
Value: 3373
.taboola.com/ Name: t_gid
Value: a7f532a6-96b0-4ef1-b06f-85410476d58a-tuct7798f02
.heraldsun.com.au/ Name: nk
Value: f0438412004a727eaba0ac78fb9d77ca

8 Console Messages

Source Level URL
Text
console-api debug URL: https://info.silobreaker.com/e2t/tc/VX5zZg1gp8x2VCFB3550K860W3cF4jk4qG9qBMtGxl94Zc_rV3Zsc37CgT_JW17K2Qq9bPlJYW5R5dL59dVMXjW7z-4jR9b6FJDW4bq-V53tgQKTW8tHLRZ4dVxJjW5X0jSY1MnH23N2Ts1rMG0YF6W5tLSH572LsF8W1rrqm21l2bM6W6l0p7x81P3BfVl-fyg7tH-J6W2twwz68WDTNqW3r3Bvd3wKftsW5mr3fg2nf_gbW2VrGt93gjLQWW5tMRfB44zcX6W5vnz4C3mlJXwW5zdPZ94CZBQqW4KbNLY9jN6pzW22Y5Fy33S5RCLgX7x4K5nLW1lHk3C203SmzW6tWr4W5p1QgyW6kk-wR1gZbJ9W41hz-Y5HRKNnW29W_mF8dZnzDW11CY2f1MJSJ3W5tT3LY43lPrmW3v12rz8QQHpsW26Rn-Y7LSPN4W9jCfzd8Y_JW9W8V1Z8L2hdS2KW6HJRFm8qzlHwW18nlDw68njy634fF1(Line 13)
Message:
toS
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210420-3-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbnails-bc-desktop-article-02-native
console-api log URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3)
Message:
vidora-client 1.3.4 4a354580d3cf929b5a8a7d86ed03be7f4218d021
console-api log URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js(Line 1)
Message:
%c Vidora API finished initializing! background: #222; color: #b9da52
console-api log URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 18)
Message:
UTRACK loaded (from tealium)
console-api log URL: https://tags.news.com.au/prod/tad/tad.js(Line 6)
Message:
AD CORE ERROR: TypeError: Cannot read property 'disc.segments' of null
console-api log URL: https://tags.news.com.au/prod/tad/tad.js(Line 6)
Message:
AD CORE ERROR: 18 function(e,a){var d=e.localStorage;d["disc.segments"]&&(a.ad_audi_segs=d["disc.segments"].split(",")||[])}
console-api debug URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32)
Message:
a: 0.002197265625 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0316522e3603390df187489bd7e0b6e5.safeframe.googlesyndication.com
15.taboola.com
8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
adservice.google.pl
am-vid-events.taboola.com
analytics.twitter.com
assets.vidora.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
beacon.krxd.net
bh.contextweb.com
bs.serving-sys.com
bttrack.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cdn.taboola.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
d.turn.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
e1.emxdgt.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image5.pubmatic.com
images.taboola.com
imprammp.taboola.com
info.silobreaker.com
insight.adsrvr.org
js.adsrvr.org
login.newscorpaustralia.com
match.adsrvr.org
metrics.heraldsun.com.au
mhr.talk.news.com.au
newscorpau.demdex.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.advertising.com
pixel.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
resourcesssl.newscdn.com.au
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rxhzybjbkyyvqnttfgu5o6femnfph1619003777.nuid.imrworldwide.com
s.c.appier.net
sb.scorecardresearch.com
script.crazyegg.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.co
taboola-supply-partners.tremorhub.com
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ts2020-indies-client.web.app
u.openx.net
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
vidstat.taboola.com
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.linkedin.com
x.bidswitch.net
zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com
id5-sync.com
login.newscorpaustralia.com
104.109.77.38
104.111.230.77
104.111.247.190
104.17.208.240
104.244.42.133
104.244.42.3
108.174.10.14
13.224.100.124
13.224.102.14
13.224.102.69
141.226.228.48
142.250.185.98
142.250.186.34
142.250.74.194
15.237.76.117
151.101.1.195
151.101.113.108
151.101.114.217
151.101.114.49
151.101.13.181
172.105.213.147
172.217.18.98
172.217.23.102
178.250.2.151
18.159.8.206
18.184.153.186
18.195.155.181
18.210.140.68
184.30.20.111
184.30.20.190
184.30.20.198
184.30.20.241
184.30.24.190
185.64.190.80
185.86.137.110
185.94.180.126
192.132.33.46
198.148.27.139
199.127.207.180
199.232.136.157
199.232.137.44
199.60.103.254
2001:678:cb4:bbbb::13
213.19.147.45
23.111.9.35
23.20.2.75
23.45.110.176
2600:1f18:612b:4264:7c39:f94b:b1fb:416c
2600:9000:206f:3c00:18:1fcd:34e:d2a1
2600:9000:211e:3400:4:77d:a0c0:93a1
2600:9000:211e:8c00:1d:667e:2a40:93a1
2600:9000:2190:1000:1e:a43d:b640:93a1
2600:9000:2190:2600:2:42d9:3100:93a1
2606:4700::6813:9408
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:802::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2004
2a02:26f0:7100:1bd::25ea
2a03:2880:f113:81:face:b00c:0:25de
34.246.53.122
34.252.115.248
34.254.85.82
35.156.245.144
35.227.202.26
35.244.159.8
37.252.173.22
52.50.19.208
52.57.150.20
54.171.87.152
54.174.17.129
54.194.191.134
54.246.217.185
54.72.19.162
54.76.195.29
69.173.144.165
72.251.249.14
82.199.68.72
99.86.2.49
00124834b3ad87802397a877f139fdff636e38728829f712e8bd78cff99e648d
03cce1892cbfca0c35fe3b1f64307db1269f452bc8eb983a654d68166bfb57c0
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
086433d5d4f7633cf877ffde268196f5fd9e15e0a9098f51468124fe96f5a659
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ccdbb11576c58a93fd6a0ab6c65ceb939b164163050bfbdd8684a84dabb51e2
0ed547e40ec78fbc5f46555843234e6f794734ded7ef732dc00cac6437f5612d
0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea
10378baeb5aa20759b13d322c2b79b5f447a05d35ab83bd641ea3f3a0cc5785f
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c
1173ff74d3bff944e1165a5bc72d7a122b3e80a12a67d9c7e21ee724a589c252
12a174500222f25e802175d5cf739d6ed5aeb7ad9812cbfe18b97992d6692a89
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
174b9a58c7e4e80c420d329af6a87671f2a602c1878580298a832034adfe155a
1a8bc2ff14c32714cbf0dae8a0d4913eda0305acbe7019242cac29ba1e25dfa5
1fa06bea7bb296b456d46727e9b3a4a62cbfb2901247b9f93434c4cb3b7fbd18
20a92e0b26344a7f59c3f8ef449e73001feb8198ecd48081bcc38d7f6d48c2c5
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
2403afc06bd8c89600aa4b84e4bf42f573dcf852ecf6057a864ee33b354f0918
28efd6fe192789ec933ddd5421da0d4d86ebeb1caf0a1cefeb1556e2a7f8b119
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
32fc280ccf71211c5f1e27bb7c9d61277c5dcf187fa34d14de3bcaa630911b8f
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
387196e3e7af3f2ccfe870f225d8c411c26f2a6cb8b46b6a7059dae09489db07
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
38eda9e0855906ad4437951acbb23ef4eb4834f37bc083dd0e7f65e548f9d9bb
392921766f874a7d395e64acfd9a328aff6de0b1aa63ceea0e06d5c8f9f4be68
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a73ab7703a12dfbfc3cdd4c15e8f0deddcb105e07315987570a4be043bc8076
3dbc8989d735635bcfcdcda0c5026cce3b4a9bbad66dffd90348b6713ae9b687
411ceefb13751f41ab6e23d2ef2dcf697ca653146ab0ac8df277245cc8b73498
4379b5695f319d7ad15e6c86346e9117f0b4f4a8d4bcbab18aa840fd9e6d900a
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
4754c1f1fb712883286295c92774dddebef215996cfdfab9fd972d265473f025
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c24602f4466734b682caa9745add76e5e77dc3d3ae0c86b8f9311547f6d66dc
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f196089707771e3b680d40beaae3c670013268197a1441522f2a90c16ccc583
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
5612fb7531e5a53d1cc83d3cc588cbb7bfab4eace29c0cd8cb11b7c19bdf9ec5
584ebca28b361c3381c686b75b71c2cb4cdc074bc0ba6e44980c9db33c5cdf1c
597e90496a257576c42b322d81a9f3c5f8907289b68729bf1c672155bd8668db
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34
5be25b59bb21ab37e81a59a9f9787bb67beca15cf5905be8620721268dedf7d2
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
6068303ea296ff2d659dba397063c4a146aab9bdc82451f431af904a9eafb692
66f7324ad1295c82b8f851cb3d1924fb93b74be1bbc9efb7d71567fb43806d92
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69db8b2a48ae184507608101447b27c415dadec9f5c7265aec3c2633da5c6128
6a8603621417c74537a3b74847c48ebd98f0f4a5457ddeecc0ef194a73a4405f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d90199995b493e006d03ef62d624e59120a272ed586ff1496bd7a5c38ccb3fe
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
7a535ddfce332ddb2cb976b65cb423a3ed725c90d37779bbd5c49a88387da047
7ad835c4747bb13fd0aba70ccdf79f30275af189e93d6e0b3c3bd7e53237c1a3
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d3b3438836ac6bb19ba30225b2cc9738f6f9330e64f30fd95b7c9608c60f7cb
7fd1737f4343dbfc7a9b915eaf41e30b6f114d254d7043d13b4faa370a36589c
81305ef42d3694d3216f5e4f1c03688c9973df425452298c4f5a63525f85d18f
82149dfc1580c3dccc7dee99c246b62ea13ded27b89c0b79a803fd824c5f9226
82ef85db9124f8188c2c8c03a4ad9a0918591f752994d8ec228331c715ecac86
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
843b6a1b611f1736a75913ef5f29a81cfd6e12677de275ce9a4c666b604856dc
884e7a71e6fef3883866981a05a4aa1f19291212581b722377c7359753ea725b
89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a664c52ed0812e52cf11821b63f49f98a06808dbb69bb97c1a4bf432f53ffb8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e0cf75c2cfcb35edbce8e01875f1690dc3ffbfbb3eff4f3e02f69da5a5d6846
919a09d45286a3828a624e7dae7c7ee6b964ba70339274d8e333c5aaaf9c9ec9
9635d0c2ad301f4b79011b25ef35cc869b3dc344a04beabfd886d7f1fb02ed4a
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
984af48e7efc952d96c92943d3dc213bfc599182fac15dfb9409eaa655b38f34
9a32bed4e81651c9c81c8d7a215a2f5cfbdec52ea96a40e2866a6864842e6ee6
9a800184984f1b83249bc6652a9b8eb9e31af36324a446fd22e7ff92eba75ce3
a059ea9f3f1dda839dbd3677cc33e78beac320e48daab29b1d89ff0a4e90cc42
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a463642be10b44d2068da2b7c31e2452ffbf3304a5c3034d92cf136268e2b633
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a95bde68eb8372fc2b99802424611a23aedadcf9d75f83f1bccdd731a57bbd28
a97178289ab863f2a651270e3ab1e833c4eee79e09b494e70be273047956a67e
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
acfb1f0de15111045cdd0e765b51a974602fed8d35459a3fad5e1b02d09b7dba
ad3f914f571d99c1e4c56e1deb974e6605ce3c912908ab8d0cc98579d1dc1cdd
aeff34d9a1c253a230b7436d1f8798f9d4d096c0dd88ac2983997dce9ef88508
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e3e0af1df28c35b102bbb29ccb3f878cb77bd09b87273e3e8a654427abe5bd
b30a55ce288da3b4cb2e3b7f032d7c9ae7d8e680b9e5a26403be805414ed3009
b57ea42d6f189deb85463d41a421c1b3cc4d16f30348f68bcd206d9f398fb86a
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
b86d21583dd3952914d7ba83e83871fae6d2b3f7d99e6bfaca3f19b8d961f8b2
b968a934b6b338adf51db6dc1387e7743122f577cf54df476590016f23ace614
bddd4b9194c4d1cd2b410bfb005acbf1b5bdcca672b1e0dd4f0aee62c83a5cbb
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c58db10d9c36b130397bf9392498e01dd89291e18ee6b1acd6d345fb828eac04
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c7a8d4e8c6cad88c36def71504911446af10622eddf2c23004e9cb586fcd7db6
c8a537f5a46497159b1de673a5f5a3b0b94c905f3fd530dfe7f13f877ea2543e
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
cf1dee5a271962ec5c25e0576bd29107e5a47bc38ce5caa0dad95d81481307fd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bfefba0e699b77fc665e11e791631d5773acbfd215098e31fa6b72d3a6cafc
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
d84683bdebf7614e528f8d065fb5843e43de8fb3236db08f9a38dcb3923f233b
d99dce007ef306d7378dfcd9358d66c31082f58269098ea17a759e07a19b8e4c
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
da4a1d4ba12a076c74c945f31251f810261b63fdb150a945ee3c831a83bf4e81
db7312edae68f0ca75799fdd032ecaebed3971a3f733fd025718ed9b1e96f950
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df577ca20f9ec2e560a642708a5a4321affbfa8370863010a17a858fb73f9a41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6517ffa937a32d182f149b96693cd7c73af6c3db38018caf99c09d05ac3a723
e67ef7de5bd2fa2db0f156a72f62b8120f29c69ac85be83c5ac2ad0d2ede9a3b
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e6bde6c40cf42f781d4447abb8a45409f436534b9a50f7cdc031aa30832d675c
e7e8ab6092047d32b09b13b7ce93544c773ec4ae1d4dacc8d3ea798dff59602f
ecc18d5c60efc39097843e3f258303635aef5e6c15df6f8c577e2736eed82556
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee8afc1f66b6fd301631ac9d670ffc94d3f6b50a628d3eae5738af919820e423
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efcd038fff3becbe148fefb893ed26081fd0d8e7293fcd49d470c13fcd522e02
efefe003b31aafa99c1b642f5a976b1aae13940e44bc837df4607708c9d2cdd8
f08fd9ca9e8c01cc6ca0da3239d2c649d1983d0fe3caa52a53900bd62d706659
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f311b902fe391f051be176003e0c74f38898a540afbdd262c60498052ba3a806
f3ee7f733586379df35b59416987e636427861079c0780e08be2feff3c2af0a1
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
fee8a5ad9046ca5e00c3fb2711a288126336c3bf2850ecdeff348e74b7343ade