www.heraldsun.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.heraldsun.com.au/
Effective URL:
https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
Submission: On March 08 via api (March 8th 2021, 5:16:31 am UTC) from US

Summary HTTP 295 Redirects Links 54 Behaviour Indicators

Summary

This website contacted 82 IPs in 8 countries across 63 domains to perform 295 HTTP transactions. The main IP is 2.18.233.28, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 25th 2021. Valid for: a year.

This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 30	2.18.233.28 2.18.233.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1 8	2.18.233.169 2.18.233.169	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
9	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	2a04:fa87:fff... 2a04:fa87:fffd::c000:42d0	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:20d... 2600:9000:20d7:ca00:1e:c291:240:93a1	16509 (AMAZON-02) (AMAZON-02)
11	104.75.88.206 104.75.88.206	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.95.128.2 52.95.128.2	16509 (AMAZON-02) (AMAZON-02)
1	52.95.132.207 52.95.132.207	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.181 151.101.1.181	54113 (FASTLY) (FASTLY)
1 3	104.108.64.33 104.108.64.33	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1 6	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
10	104.108.60.35 104.108.60.35	16625 (AKAMAI-AS) (AKAMAI-AS)
4	184.24.9.204 184.24.9.204	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
2 5	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20d... 2600:9000:20d7:6000:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
17	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 2	2600:9000:21f... 2600:9000:21f3:f000:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:20d... 2600:9000:20d7:5200:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.187.22 65.9.187.22	16509 (AMAZON-02) (AMAZON-02)
3 3	18.195.240.234 18.195.240.234	16509 (AMAZON-02) (AMAZON-02)
2 8	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2 5	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	52.50.156.162 52.50.156.162	16509 (AMAZON-02) (AMAZON-02)
1 2	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	172.105.235.90 172.105.235.90	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	35.157.13.124 35.157.13.124	16509 (AMAZON-02) (AMAZON-02)
1	13.226.159.6 13.226.159.6	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20d... 2600:9000:20d7:7e00:4:77d:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	23.79.147.42 23.79.147.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.29.60.203 52.29.60.203	16509 (AMAZON-02) (AMAZON-02)
1 14	52.208.123.229 52.208.123.229	16509 (AMAZON-02) (AMAZON-02)
2	52.4.50.244 52.4.50.244	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	52.208.139.62 52.208.139.62	16509 (AMAZON-02) (AMAZON-02)
2	15.237.76.117 15.237.76.117	16509 (AMAZON-02) (AMAZON-02)
1 1	34.250.153.194 34.250.153.194	16509 (AMAZON-02) (AMAZON-02)
13	99.80.67.138 99.80.67.138	16509 (AMAZON-02) (AMAZON-02)
1	80.252.91.53 80.252.91.53	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
8	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1 1	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
2	13.226.146.155 13.226.146.155	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
3	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
12	54.220.184.54 54.220.184.54	16509 (AMAZON-02) (AMAZON-02)
2	54.246.196.56 54.246.196.56	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20d... 2600:9000:20d7:3200:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
24	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
1 1	199.127.207.182 199.127.207.182	26120 (RHYTHMONE) (RHYTHMONE)
2	52.50.124.20 52.50.124.20	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 1	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
1 1	18.213.190.7 18.213.190.7	14618 (AMAZON-AES) (AMAZON-AES)
1	54.171.91.151 54.171.91.151	16509 (AMAZON-02) (AMAZON-02)
1 1	104.108.41.56 104.108.41.56	16625 (AKAMAI-AS) (AKAMAI-AS)
8 8	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 3	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
295	82

30 2.18.233.28 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-28.deploy.static.akamaitechnologies.com

www.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mhr.talk.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.233.169 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-169.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffd::c000:42d0 (Ireland)

ASN2635 (AUTOMATTIC, US)

origin.go.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:ca00:1e:c291:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

s1.rui.au.reastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.75.88.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-206.deploy.static.akamaitechnologies.com

resourcesssl.newscdn.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.128.2 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

news-networkeditorial.s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.132.207 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com

s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.181 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.108.64.33 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-33.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.13.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.108.60.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-60-35.deploy.static.akamaitechnologies.com

login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.24.9.204 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-9-204.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

ts2020-indies-client.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:6000:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:f000:1e:a43d:b640:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20d7:5200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seccdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.187.22 (United States)

ASN16509 (AMAZON-02, US)

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.240.234 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.62 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.50.156.162 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.235.90 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.13.124 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-6.dus51.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:7e00:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.147.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.60.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

uconnect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.208.123.229 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.4.50.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.139.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

metrics.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.153.194 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 99.80.67.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.252.91.53 (Amsterdam, Netherlands)

ASN15830 (EQUINIX-CONNECT, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

98556657706bc6f7d2f73bcf07ab4e7f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.146.155 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-146-155.dus51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)

au-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.220.184.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.196.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:3200:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

pnoalycbxgwqwvvpo0nekqvy45e6k1615180565.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

image5.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.182 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.124.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-124-20.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.70.222 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.190.7 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.91.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.41.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.14.49 (Frankfurt am Main, Germany) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f145:82:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.150 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	568 KB
28	doubleclick.net 4 redirects ad.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net 8228261.fls.doubleclick.net googleads.g.doubleclick.net	149 KB
26	googlesyndication.com pagead2.googlesyndication.com 98556657706bc6f7d2f73bcf07ab4e7f.safeframe.googlesyndication.com tpc.googlesyndication.com	85 KB
24	taboola.com 3 redirects cdn.taboola.com trc.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com cds.taboola.com trc-events.taboola.com	164 KB
17	heraldsun.com.au 3 redirects www.heraldsun.com.au origin.go.heraldsun.com.au metrics.heraldsun.com.au	626 KB
15	demdex.net 1 redirects dpm.demdex.net newscorpau.demdex.net	19 KB
15	api.news content.api.news	363 KB
11	imrworldwide.com 1 redirects secure-gl.imrworldwide.com cdn-gl.imrworldwide.com seccdn-gl.imrworldwide.com secure-dcr.imrworldwide.com pnoalycbxgwqwvvpo0nekqvy45e6k1615180565.nuid.imrworldwide.com	76 KB
11	newscdn.com.au resourcesssl.newscdn.com.au	74 KB
10	newscorpaustralia.com login.newscorpaustralia.com	12 KB
9	google.com adservice.google.com www.google.com	1 KB
9	everesttech.net 9 redirects cm.everesttech.net sync-tm.everesttech.net	2 KB
9	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	10 KB
9	news.com.au 1 redirects tags.news.com.au mhr.talk.news.com.au	213 KB
7	googletagservices.com www.googletagservices.com	229 KB
7	adsrvr.org 3 redirects match.adsrvr.org js.adsrvr.org insight.adsrvr.org	6 KB
4	google.de adservice.google.de www.google.de	915 B
4	tiqcdn.com tags.tiqcdn.com	21 KB
3	casalemedia.com 2 redirects ssum.casalemedia.com dsum-sec.casalemedia.com	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	googleadservices.com www.googleadservices.com	41 KB
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	21 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	pubmatic.com simage2.pubmatic.com image5.pubmatic.com image2.pubmatic.com	2 KB
3	rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	692 B
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	amazonaws.com news-networkeditorial.s3-ap-southeast-2.amazonaws.com s3-ap-southeast-2.amazonaws.com	38 KB
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	470 B
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	528 B
2	googletagmanager.com www.googletagmanager.com	78 KB
2	chartbeat.net ping.chartbeat.net	337 B
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	contextweb.com 1 redirects bh.contextweb.com	826 B
2	perfectmarket.com widget.perfectmarket.com	32 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	591 B
1	facebook.com www.facebook.com	246 B
1	bluekai.com 1 redirects tags.bluekai.com	834 B
1	eyeota.net 1 redirects ps.eyeota.net	418 B
1	twitter.com analytics.twitter.com	651 B
1	scanscout.com 1 redirects dt.scanscout.com	692 B
1	t.co t.co	448 B
1	mookie1.com au-gmtdmp.mookie1.com	609 B
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	turn.com 1 redirects d.turn.com	402 B
1	tealiumiq.com uconnect.tealiumiq.com	454 B
1	vidora.com assets.vidora.com	4 KB
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	361 B
1	criteo.com 1 redirects dis.criteo.com	483 B
1	emxdgt.com e1.emxdgt.com	59 B
1	adkernel.com dsp.adkernel.com	233 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	newscgp.com au.tags.newscgp.com	48 KB
1	chartbeat.com static.chartbeat.com	23 KB
1	web.app ts2020-indies-client.web.app	3 KB
1	fontawesome.com use.fontawesome.com	13 KB
1	reastatic.net s1.rui.au.reastatic.net	9 KB
1	speedcurve.com cdn.speedcurve.com	7 KB
0	exelator.com Failed loadus.exelator.com Failed
295	63

	Domain	Requested by
24	dt.adsafeprotected.com	www.heraldsun.com.au
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
15	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net www.heraldsun.com.au www.googletagservices.com
15	content.api.news	www.heraldsun.com.au
14	dpm.demdex.net	1 redirects www.heraldsun.com.au tags.news.com.au
14	www.heraldsun.com.au	3 redirects www.heraldsun.com.au
13	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.heraldsun.com.au
12	static.adsafeprotected.com	pixel.adsafeprotected.com www.heraldsun.com.au
11	resourcesssl.newscdn.com.au	www.heraldsun.com.au ts2020-indies-client.web.app
10	login.newscorpaustralia.com	www.heraldsun.com.au login.newscorpaustralia.com
8	sync-tm.everesttech.net	8 redirects
8	cdn.taboola.com	www.heraldsun.com.au cdn.taboola.com
8	tags.news.com.au	1 redirects tags.tiqcdn.com au.tags.newscgp.com
7	www.googletagservices.com	securepubads.g.doubleclick.net
6	www.google.com	securepubads.g.doubleclick.net www.heraldsun.com.au
6	trc.taboola.com	1 redirects cdn.taboola.com www.heraldsun.com.au
5	ib.adnxs.com	2 redirects www.heraldsun.com.au
5	cdn-gl.imrworldwide.com	www.heraldsun.com.au seccdn-gl.imrworldwide.com secure-gl.imrworldwide.com cdn-gl.imrworldwide.com
4	8228261.fls.doubleclick.net	2 redirects www.heraldsun.com.au
4	pagead2.googlesyndication.com	ad.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
4	cm.g.doubleclick.net	2 redirects www.heraldsun.com.au
4	sync.taboola.com	2 redirects www.heraldsun.com.au
4	tags.tiqcdn.com	www.heraldsun.com.au tags.tiqcdn.com
3	www.google.de	www.heraldsun.com.au
3	googleads.g.doubleclick.net	www.googleadservices.com
3	secure.adnxs.com	www.heraldsun.com.au
3	www.googleadservices.com	secure-ds.serving-sys.com www.googletagmanager.com
3	adservice.google.com	securepubads.g.doubleclick.net 8228261.fls.doubleclick.net
3	x.bidswitch.net	3 redirects
3	match.adsrvr.org	3 redirects
3	rtb.mfadsrvr.com	3 redirects
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.heraldsun.com.au
2	sync.1rx.io	2 redirects
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	insight.adsrvr.org	js.adsrvr.org
2	ssum.casalemedia.com	2 redirects
2	secure-dcr.imrworldwide.com	www.heraldsun.com.au
2	px.ads.linkedin.com	1 redirects www.heraldsun.com.au
2	www.googletagmanager.com	secure-ds.serving-sys.com
2	js.adsrvr.org	secure-ds.serving-sys.com
2	metrics.heraldsun.com.au	tags.news.com.au www.heraldsun.com.au
2	ping.chartbeat.net	www.heraldsun.com.au
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	trc-events.taboola.com	www.heraldsun.com.au
2	sync-t1.taboola.com	www.heraldsun.com.au
2	ce.lijit.com	1 redirects www.heraldsun.com.au
2	bh.contextweb.com	1 redirects www.heraldsun.com.au
2	pixel.rubiconproject.com	www.heraldsun.com.au
2	secure-gl.imrworldwide.com	1 redirects www.heraldsun.com.au
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	news-networkeditorial.s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
1	sync.targeting.unrulymedia.com	1 redirects
1	www.facebook.com
1	image2.pubmatic.com
1	dsum-sec.casalemedia.com
1	tags.bluekai.com	1 redirects
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	ps.eyeota.net	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	dt.scanscout.com	1 redirects
1	image5.pubmatic.com	www.heraldsun.com.au
1	pnoalycbxgwqwvvpo0nekqvy45e6k1615180565.nuid.imrworldwide.com	www.heraldsun.com.au
1	t.co	www.heraldsun.com.au
1	www.linkedin.com	1 redirects
1	token.rubiconproject.com	www.heraldsun.com.au
1	au-gmtdmp.mookie1.com	www.heraldsun.com.au
1	acdn.adnxs.com	www.heraldsun.com.au
1	snap.licdn.com	www.heraldsun.com.au
1	static.ads-twitter.com	www.heraldsun.com.au
1	d.turn.com	1 redirects
1	98556657706bc6f7d2f73bcf07ab4e7f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	cm.everesttech.net	1 redirects
1	newscorpau.demdex.net	tags.news.com.au
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	uconnect.tealiumiq.com	www.heraldsun.com.au
1	assets.vidora.com	www.heraldsun.com.au
1	seccdn-gl.imrworldwide.com	tags.news.com.au
1	cdn.adsafeprotected.com	tags.news.com.au
1	cds.taboola.com	www.heraldsun.com.au
1	bttrack.com	www.heraldsun.com.au
1	s.c.appier.net	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com	www.heraldsun.com.au
1	dsp.adkernel.com	www.heraldsun.com.au
1	rtb-csync.smartadserver.com	www.heraldsun.com.au
1	simage2.pubmatic.com	www.heraldsun.com.au
1	match.taboola.com	www.heraldsun.com.au
1	au.tags.newscgp.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	mhr.talk.news.com.au	www.heraldsun.com.au
1	ad.doubleclick.net	tags.tiqcdn.com
1	ts2020-indies-client.web.app	www.heraldsun.com.au
1	use.fontawesome.com	cdn.taboola.com
1	s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
1	s1.rui.au.reastatic.net	www.heraldsun.com.au
1	origin.go.heraldsun.com.au	www.heraldsun.com.au
1	cdn.speedcurve.com	www.heraldsun.com.au
0	loadus.exelator.com Failed	www.heraldsun.com.au
295	102

This site contains links to these domains. Also see Links.

Domain
www.plusrewards.com.au
myaccount.heraldsun.com.au
www.escape.com.au
supercoach.com.au
tips.com.au
supercoach.heraldsun.com.au
www.realestate.com.au
heraldsun.digitaleditions.com.au
www.facebook.com
www.twitter.com
www.instagram.com
heraldsun.com.au
myaccount.news.com.au
www.newsletters.news.com.au
www.mytributes.com.au
www.newscorpaustralia.com
www.newsphotos.com.au
www.newsconcierge.com.au
www.dailytelegraph.com.au
www.couriermail.com.au
www.adelaidenow.com.au
www.news.com.au
www.theaustralian.com.au
www.themercury.com.au
www.geelongadvertiser.com.au
www.cairnspost.com.au
www.goldcoastbulletin.com.au
www.townsvillebulletin.com.au
www.thechronicle.com.au
www.ntnews.com.au
www.weeklytimesnow.com.au
www.buysearchsell.com.au
leader.local.heraldsun.com.au
www.foxsports.com.au
www.foxtel.com.au
hipages.com.au
kayosports.com.au
www.punters.com.au
www.odds.com.au
www.racenet.com.au
apps.apple.com
play.google.com
preferences.news.com.au
vip.wordpress.com

Subject Issuer	Validity	Valid
news.com.au DigiCert SHA2 Secure Server CA	`2021-02-25` - `2022-02-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2020	`2020-12-09` - `2022-01-10`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
origin.go.heraldsun.com.au R3	`2021-03-06` - `2021-06-04`	3 months	crt.sh
s1.rui.au.reastatic.net Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.s3-ap-southeast-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
p.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-03` - `2022-02-08`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
web.app GTS CA 1O1	`2020-04-15` - `2021-04-14`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
au.tags.newscgp.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-03` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.adsafeprotected.com Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.vidora.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2020-01-03` - `2021-04-03`	a year	crt.sh
*.tealiumiq.com Amazon	`2020-10-23` - `2021-11-22`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
metrics.heraldsun.com.au DigiCert SHA2 High Assurance Server CA	`2020-04-13` - `2021-07-15`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
*.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.nuid.imrworldwide.com Amazon	`2020-06-26` - `2021-07-26`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh

This page contains 41 frames:

Primary Page: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
Frame ID: C8B87C2E86D9EECEC55DA11F58E8B38F
Requests: 142 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=7OQwEBdDRi6XR4XQgR1auZCOirbKpETa&nonce=y-0S8hAA-fTbnXeXBPq7IuNiHcfFib3F&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
Frame ID: 5D2F76525A11DAAFFBB7437ECDB90D60
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=rkaZywvpUsyuBf6KopEtIxt_T81lGXkf&nonce=ZUVvyGGVNeioeAJ31c4rhPYtFQbM9_3H&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
Frame ID: 52A9599D4975C51B38467791E9E28D81
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ipYpZ.~Uta_VVX2k1kHcyu4GL6Atukd_&nonce=6v5kjDS1S8j6VeGOTogLbV-rgSQbrIR1&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
Frame ID: 37F43FDF1BAF75D7665EEA7E2E9DD30D
Requests: 3 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0b5dd782-125c-476d-8e64-20887b6338a2&tbid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&query=taboola_hm%3D0b5dd782-125c-476d-8e64-20887b6338a2&isDirect=0
Frame ID: AEF71AB2F2B74DADF55580A344F87B28
Requests: 19 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Ok7U_UOiuKj~o-B018bjksQxeCnHm2NS&nonce=-7MlFUiltTSQzKs7RKc4P_TMaAR_CiGb&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
Frame ID: 3C53E6D703CA387A5E2E8577A88F96DB
Requests: 3 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: DD05C7AD75A73891C057B7DF432772A5
Requests: 22 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: F29BA94AE19DF2C292E645CAA244CCB0
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: BD1AB41659A9CB446C0403D103E95DA5
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 8B08E723A77BB959FEE589803D538760
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 76C10947D7D589BF0C1EFC74BF4DA452
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: E3A0515063E5FA014A2FB829DEB05133
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: F870C45202716171180A36F69D5B819C
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CMDc0b74n-8CFQPB1QodxRIAwA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7931100456042.51
Frame ID: E3F7F1F66F756F4BB75DB0C63D9BEC4E
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CLnv0b74n-8CFdEeBgAd13oB4w;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3409197494605.8354
Frame ID: A851C06243C68C2F67934681B84E205C
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 4816CCEAF6992B930753D27A54D97F7A
Requests: 5 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 84B42119CE2A2AB71C1E9AAC072F3DD8
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: B6E19EF977FBC89770D02B3C2F134706
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
Frame ID: 96794FDBEB5B4433DF2E13E1EB59C4C3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhsE5uJlnMvzYcx_LGgtw0F0HD5_taVU_TYDEYD1m8CTSInk4LZbxoagkaI1UqOwDuiONZf1lzFfGuDjbhQlurYCQuD8onq8qHaONEIxgmhFBqBBYEalFLs7RgSe6iMLP6Q7oZs1DhFswXZABGMPuU8EwCacNhHx70k58hJSllbDBucfspE0hWsVScXh--U6r52Wzd_hUJU9Ke4f-o1qlO5opTob7G_1Z07z6HrHA58ABErfGtyFAuPNkbnDRKVFrls0du5HVrOQ1yFj5wl-krbjQDV5-gVQSPmjgpqtDKRnLRFw&sai=AMfl-YTgmdH3E2ZI1a0aDTCnpfJLngorETGGUthTmz9455AfbEj9_6m3Rgk322euLhQKpX7g-XTFiSb1p535&sig=Cg0ArKJSzIbEBGVyhyQaEAE&adurl=
Frame ID: BC4C5D6DB7E83CDAFACFDC121D1C4F75
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst04e8XXWMe5xn43C0ZYh-7Hr0pWuWm2iarLlYP9GipMdA-aa7qkMcmZMY1UlRijiK5BFCCdjg4UVfMGmuiALJ-IDDFGYzGwJKqJX6YDjNGpzm_AxcNJbiei1NR6pfGUEXQY9qswW0ewNjwtauyLUN4Ne9Cuxs8xnDRfFBUkoGQ7R0aEVTa6JWVddbC1fP67IQlcKOQOhlxDcySWSKO7vUUq58NDJ5u3clJtYAj3ti2ymMpdTQsF1rWODe1P5urE6iGblyqJUeNHCYoz5NVeBlm4BVvL5KsflE0jHDhQ9aKiL_j0w&sai=AMfl-YSI_QcQ4UNxMT3-ZUxIXPQZF_WYPdLue7xAhKtYbD3aUyreN8TcnyPEH7JJ6JX6Ez2Uz0x6R6AZHwi1&sig=Cg0ArKJSzMsB81H0pzYpEAE&adurl=
Frame ID: 2EB26119C98098941F5A87485CB4358B
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssx5QOlhsuIu15IiGkwOn8Gg2AhcZNJYBI0z4lrOMFRduQCwHoS3QggpPU621p0C7T6qHcgNR8LGQlf8dWJGLZQBKhDCZbdgTwMMYqe1lb9OUvTRMjy5_MRC9boKrIl7CpFRVDtBaVIyDNiKwJEE0EY7BJgC7MBOINPK36BFZ1gKcDEoXuOtDOIe8fxE4e_xIgButkvZmkiUKCgsOFTH7scJiJtG5uHtzFrmuMlaxGOdRRNZJVg18Xem9xwAfuW3FALXJk4z5MHFqqXUd4XYLBdfi_-MGrnCuFloaGbCPErwxXXjg&sai=AMfl-YR2_sYZ0kPrvVlVbQVNQ-jeZQ8BRB-Q6MoUMbt3ZzkQ-mDtv3EuxpknF7HxoP_NaFndHBVs8HAp7A4H&sig=Cg0ArKJSzE3S88brGHl0EAE&adurl=
Frame ID: 69A8D0DEB5BF5143E3A5C54CB3D31E2F
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH3oLIjRzeMB-gE3nhMxrbOKL46uTiuwRciOugcJpXoQ69QgJyGPzeciSBol2ZwlbcFslu4GXTIci2G1Xn4SGjku-6firkhucoICB87Kr6eDgz8v0jw2XOMSwUuu1F9XuLTXy3OJyFeyi6Lyp5ZT8fqNEkWmqeIM-1u8X1YFMdv3TsoNA1FPr1Vy8tWacARYnUg6hi5VY7N6_WDmOslnxIChiomup90cHbBAj3jRskeYThqAlst71msNGxcfdcWpdKa9u-4Xaz1f9hKcXX5B-qM6tM3yBIa6aNFw3vxr2HIzWEAQ&sai=AMfl-YTFVkR0To06ms0Ip_bJc1OkGj3eKtZYWZi0e3eR4je22SIFrZYawURKaysqLuc2X-Ad7vtwYOtvyvNE&sig=Cg0ArKJSzE_zwiI6R-PlEAE&adurl=
Frame ID: 700FD83E5C2837ED84B8C660CD09782A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHhZTZxsJ7Eo9VT-maAjw8s1qc_AF-yb4ti7WJ4ckHdAk9HB2VlWBuQNBCDQChETRwXSLfZyzCuN5__1OGs0p7YQxgLFi9jQth8OHBrGKb4LFQgKxeyknyx9gRqgOE4iucxwoB_3mhCVG1OiatM4322Cgv5QevPFsJCnXK7xCsMQT7byxkxudWroZKqN_9kRhGTGfbN1QziLgLQ446xVOwzwmXGRIRrrWrHlb1YwFmpzoXsYOhOq2JvA4SWlgijXCLgjQLERq7mgSPpCd54eWYZ2WBKmyPUSgx9B9C1M12S0e99Q&sai=AMfl-YSZlM4MxmqSxWy6mubFIZt111wyllTsU1s6Yh6NwZivCvAJ1TD52wafwZMpuYj9j3SLVoOlOydS6CFF&sig=Cg0ArKJSzLiR0Y5p8PgdEAE&adurl=
Frame ID: C9463EA30E4BE08B3574773FCD4E5034
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukg7IVCYj7TXhKDjDs-_tkVbGZzK6nM3BDjbikT8AUeDarqN6oXwLUqV7yO8EKljabUWCC_-mUN91f1C1q8zBlYlsPlQb7H_DjaILrtmrXqpHNOIYZPH4ZOMQH51Um432EY5PLMIMF5Mxv75KUXvXKN_jTaXD8g5uv4rSrC4-8rAI3nmFAueVABAI0tQPdfMCaaJdqT0XKN1fCCAgBQjWMgKMfxidpcGhlEq0FE2CNEJLTnXaPUp7dvOrQkKs-Gni_JML63YulJirzLTk0iRoKt8a3wWTvs8orH8b1cz5S2bKNbA&sai=AMfl-YTg03NegjcYX71eJQh56D1GVxDlhjH1dN4-4uBjyFnMNDGBbpcFUgyp_ffb2o9EViSbN2SrkFxblYrP&sig=Cg0ArKJSzAzA0he3HwghEAE&adurl=
Frame ID: A6AA895DA65CB23545B39620C3245786
Requests: 8 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: A4898DB4AEAD3E6455A30EE6BDDEC826
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1304318945&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df2-7fcd-11eb-8876-06da572054ee
Frame ID: 9F0408A0E3BE94FEBB21A234800DC98C
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|3&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=175456845&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df3-7fcd-11eb-8876-06da572054ee
Frame ID: 740ED0D5F720C76A03729B7E2A2E82EA
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1402638235&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df6-7fcd-11eb-8876-06da572054ee
Frame ID: DA1CEB71047B0B0F2B72633E24B7618A
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=408163390&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df4-7fcd-11eb-8876-06da572054ee
Frame ID: 6117250C9B819B4EA2EA01959535E521
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=939344018&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df5-7fcd-11eb-8876-06da572054ee
Frame ID: 54B22DDACF28A23E614484E6F65919D7
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=1212839332&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df7-7fcd-11eb-8876-06da572054ee
Frame ID: B410A69028AFC95B0ADFEED239A06A2C
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 4BC6C6523A97078D703F60F6E5193343
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 2770069FC54FA40F21B28572E29FEA2B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 4BA2A0553690EF99AFE3FDDE9EA82566
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 5364B3A9AA11FCA2C97F694CF4531D5B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 5F3F0A7896FC190A97B3077AE6963366
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 55F8652B94D66D5BD98AB48442B8519F
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: CEBFF61E8808A9C211CF2EAD1B14C71D
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: C09928EA1CAFDCEE007AEBDC3A99E2D6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: D41F6EFAD702E8F5D1DBB1A2E091D6BD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.heraldsun.com.au/ HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&161... HTTP 302
https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /serving-sys\.com\//i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

295
Requests

97 %
HTTPS

25 %
IPv6

63
Domains

102
Subdomains

82
IPs

8
Countries

2940 kB
Transfer

8008 kB
Size

28
Cookies

54 Outgoing links

These are links going to different origins than the main page.

URL: https://www.plusrewards.com.au/heraldsun/offers
Title: Rewards

Search URL Search Domain Scan URL

URL: https://myaccount.heraldsun.com.au/s
Title: My account

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/
Title: Travel

Search URL Search Domain Scan URL

URL: https://supercoach.com.au/
Title: SuperCoach

Search URL Search Domain Scan URL

URL: http://tips.com.au/afl/?source_code=HSWEB_TIP1271
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/racing
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/nrl
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://tips.com.au/nrl/
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://www.realestate.com.au/

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/destinations/australia/14-aussie-road-rules-nobody-told-you-about/image-gallery/80cc61f9ee44f7bb920ebafb630033e4?galleryimage=14

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/destinations/australia/these-are-the-best-toasties-in-australia/news-story/8458b2ae5a374a35f0792663de711c07
Title: I found the best toasties in Australia

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/destinations/australia/queensland/three-days-a-car-and-a-world-of-discovery-on-a-road-trip-from-townsville-to-cairns/news-story/cc9156b6c782d5e6780804e41c9ace63
Title: Road trip few Aussies know about stuns

Search URL Search Domain Scan URL

URL: https://heraldsun.digitaleditions.com.au/index.php
Title: Front pageRead today's paper as it was printed.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heraldsun

Search URL Search Domain Scan URL

URL: https://www.twitter.com/theheraldsun

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heraldsunphoto

Search URL Search Domain Scan URL

URL: http://heraldsun.com.au/help-rss

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_GCRACA_W52&hideRegistrationTnC=true
Title: Group/Corporate subscriptions

Search URL Search Domain Scan URL

URL: https://www.newsletters.news.com.au/heraldsun
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.mytributes.com.au/
Title: My Tributes

Search URL Search Domain Scan URL

URL: http://www.newscorpaustralia.com/careers
Title: Job Opportunities

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_SDO_SDO5A_M01
Title: Subscription terms

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_LAPP_17A_W04#subscribe
Title: App only subscription terms

Search URL Search Domain Scan URL

URL: http://www.newsphotos.com.au/C.aspx?VP3=CMS3&VF=Home
Title: Photo Sales

Search URL Search Domain Scan URL

URL: https://www.newsconcierge.com.au/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.dailytelegraph.com.au/
Title: The Daily Telegraph

Search URL Search Domain Scan URL

URL: https://www.couriermail.com.au/
Title: Courier Mail

Search URL Search Domain Scan URL

URL: http://www.adelaidenow.com.au/
Title: The Advertiser

Search URL Search Domain Scan URL

URL: https://www.news.com.au/
Title: news.com.au

Search URL Search Domain Scan URL

URL: https://www.theaustralian.com.au/
Title: The Australian

Search URL Search Domain Scan URL

URL: https://www.themercury.com.au/
Title: The Mercury

Search URL Search Domain Scan URL

URL: https://www.geelongadvertiser.com.au/
Title: Geelong Advertiser

Search URL Search Domain Scan URL

URL: https://www.cairnspost.com.au/
Title: The Cairns Post

Search URL Search Domain Scan URL

URL: https://www.goldcoastbulletin.com.au/
Title: Gold Coast Bulletin

Search URL Search Domain Scan URL

URL: https://www.townsvillebulletin.com.au/
Title: Townsville Bulletin

Search URL Search Domain Scan URL

URL: https://www.thechronicle.com.au/
Title: The Chronicle

Search URL Search Domain Scan URL

URL: https://www.ntnews.com.au/
Title: NT News

Search URL Search Domain Scan URL

URL: https://www.weeklytimesnow.com.au/
Title: The Weekly Times

Search URL Search Domain Scan URL

URL: https://www.buysearchsell.com.au/
Title: Buy Search Sell

Search URL Search Domain Scan URL

URL: http://leader.local.heraldsun.com.au/
Title: Find Your Local

Search URL Search Domain Scan URL

URL: http://www.foxsports.com.au/
Title: Foxsports

Search URL Search Domain Scan URL

URL: https://www.foxtel.com.au/index.html
Title: Foxtel

Search URL Search Domain Scan URL

URL: https://hipages.com.au/
Title: Hipages

Search URL Search Domain Scan URL

URL: https://kayosports.com.au/
Title: Kayo

Search URL Search Domain Scan URL

URL: https://www.punters.com.au/
Title: Punters

Search URL Search Domain Scan URL

URL: https://www.odds.com.au/
Title: odds.com.au

Search URL Search Domain Scan URL

URL: https://www.racenet.com.au/
Title: racenet.com.au

Search URL Search Domain Scan URL

URL: https://apps.apple.com/au/app/herald-sun/id392582225

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newscorp.heraldsun

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##collect
Title: Find out more about our policy and your choices, including how to opt-out.

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##optout
Title: Relevant ads opt-out

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/cookies
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: WordPress.com VIP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.heraldsun.com.au/ HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16151805611167638323 HTTP 302
https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1615180563988&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1615180563988&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1

Request Chain 54

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 66

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0b5dd782-125c-476d-8e64-20887b6338a2 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0b5dd782-125c-476d-8e64-20887b6338a2&tbid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&query=taboola_hm%3D0b5dd782-125c-476d-8e64-20887b6338a2&isDirect=0

Request Chain 68

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=YR3FGri3r0CQ&ev=1&orig=trc&pid=562107

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGaE8qU5mPVPZmVxqTUydT8&google_cver=1

Request Chain 72

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894

Request Chain 73

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5697664b-3c46-476e-ba6b-6507bb7241bf

Request Chain 74

https://ce.lijit.com/merge?pid=42&3pid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 79

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f7a0abed-c4ec-49d3-8b44-ed715b30959f

Request Chain 80

https://id5-sync.com/s/464/9.gif?puid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO_GJdKTeyhg5UDN6X0Hr9ldmJjS4PKezm2wwmzQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO_GJdKTeyhg5UDN6X0Hr9ldmJjS4PKezm2wwmzQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=b53d8006-56e7-4770-a213-5b02b02e138b&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/5/3.gif?puid=e_b59730c4-4c81-41ae-90b0-b8d0c341370f&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEOSJ--DDgHX3NHlbG_Nb4QI&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOSJ--DDgHX3NHlbG_Nb4QI&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1307891828321342721&opid=apx&ops=&utidl=tech:goo:CAESEOSJ--DDgHX3NHlbG_Nb4QI&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A11638806111&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/3/5.gif?puid=7ea568630ea8366d7453c837325f3a49&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/2/6.gif?puid=d77ca7b8-825c-40d6-90da-bb7fcc2f301e&gdpr=1&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

Request Chain 81

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=sTFgGP62BpScQ0TPFbNFYA

Request Chain 84

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=81a584b6-6548-4ec9-8ad6-d09a861befa3 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=0b5dd782-125c-476d-8e64-20887b6338a2&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=81a584b6-6548-4ec9-8ad6-d09a861befa3

Request Chain 93

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1615180564422 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1615180564422

Request Chain 104

https://cm.everesttech.net/cm/dd?d_uuid=54537386079071306343636709354180226755 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEWzFQAAADwPxghv

Request Chain 117

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1307891828321342721

Request Chain 128

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3578741287086522757

Request Chain 135

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7931100456042.51 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CMDc0b74n-8CFQPB1QodxRIAwA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7931100456042.51

Request Chain 136

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3409197494605.8354 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CLnv0b74n-8CFdEeBgAd13oB4w;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3409197494605.8354

Request Chain 178

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1615180565235&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1615180565235%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1615180565235&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true

Request Chain 196

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTQ1MzczODYwNzkwNzEzMDYzNDM2MzY3MDkzNTQxODAyMjY3NTU= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKb1nFtRtvrzcdA4Ds5iOtc&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 212

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=5697664b-3c46-476e-ba6b-6507bb7241bf

Request Chain 229

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&C=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YEWzFfO5SvDiPgwooCCK9AAA%261192

Request Chain 241

https://dt.scanscout.com/ssframework/uid?UIAA=54537386079071306343636709354180226755&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-ad5ab97f051e8e586b5afd54788aa285

Request Chain 258

https://ps.eyeota.net/match?bid=6j5b2cv&uid=54537386079071306343636709354180226755&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 259

https://usermatch.krxd.net/um/v2?partner=adobe&id=54537386079071306343636709354180226755 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=54537386079071306343636709354180226755

Request Chain 261

https://tags.bluekai.com/site/43981?id=54537386079071306343636709354180226755&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=ewLQJx9999eqsWPQ

Request Chain 262

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUVXekZRQUFBRHdQeGdodg==

Request Chain 271

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YEWzFQAAADwPxghv&expires=90

Request Chain 273

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEWzFQAAADwPxghv

Request Chain 276

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YEWzFQAAADwPxghv

Request Chain 277

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YEWzFQAAADwPxghv HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YEWzFQAAADwPxghv

Request Chain 278

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEWzFQAAADwPxghv

Request Chain 281

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEWzFQAAADwPxghv&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEWzFQAAADwPxghv&img=1&__user_check__=1&sync_id=630c61da-7fcd-11eb-b9b9-182a6e994506

Request Chain 282

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YEWzFQAAADwPxghv&t=2592000&o=0

Request Chain 286

https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894

Request Chain 287

https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1615180567440 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-97f1d345-ca9e-4657-8741-3aa23e3f9320-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-97f1d345-ca9e-4657-8741-3aa23e3f9320-003 HTTP 302
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-97f1d345-ca9e-4657-8741-3aa23e3f9320-003

295 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heraldsun.com.au/
Redirect Chain

https://www.heraldsun.com.au/
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f
https://www.heraldsun.com.au/
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16151805611167638323
https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561

408 KB
73 KB

1863ms
1862ms

Document
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

581682c3450c29ef4e8d493d1cb2986eb093f9f5250bebf1f80d0b9ceac4defe

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: www.heraldsun.com.au
:scheme: https
:path: /?nk=438545d00038fe8840b1209781ad4d2d-1615180561
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: n_regis=123456789
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=YykET4Fr6d415uHe5x/BUPtwELuiq8h2jZFrPEjzX7LlpNW0iP7vgVDx0+KsIxYiXjHLWPGnU49Rovb4J3Ne1Cw+R4Ihym1w1TtfK1ItAJSqjVBy20YW2E26LMTO; Expires=Mon, 15 Mar 2021 05:16:02 GMT; Path=/ nk=438545d00038fe8840b1209781ad4d2d; expires=Thu, 07 Mar 2024 05:16:03 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=YykET4Fr6d415uHe5x/BUPtwELuiq8h2jZFrPEjzX7LlpNW0iP7vgVDx0+KsIxYiXjHLWPGnU49Rovb4J3Ne1Cw+R4Ihym1w1TtfK1ItAJSqjVBy20YW2E26LMTO; Expires=Mon, 15 Mar 2021 05:16:02 GMT; Path=/; SameSite=None; Secure
x-powered-by: WordPress VIP <https://wpvip.com>
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
vary: User-Agent Accept-Encoding
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d438545d00038fe8840b1209781ad4d2d-1615180561&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=438545d00038fe8840b1209781ad4d2d
x-arrrg5: BlaizeHappened
x-rq: ewr4 119 71 3100
x-xss-protection: 1
x-content-type-options: nosniff
host-header: a9130478a60e5f9135f765b23f26593b
content-encoding: gzip
cache-control: max-age=4
expires: Mon, 08 Mar 2021 05:16:07 GMT
date: Mon, 08 Mar 2021 05:16:03 GMT

Redirect headers

server: AkamaiGHost
content-length: 154
content-type: text/html
location: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
set-cookie: nk=438545d00038fe8840b1209781ad4d2d; expires=Thu, 07 Mar 2024 05:16:01 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version: 1.0
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
vary: Accept-Encoding
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
expires: Mon, 08 Mar 2021 05:16:01 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Mon, 08 Mar 2021 05:16:01 GMT

GET
H2 200 css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 1 B
593 B 116ms
116ms Stylesheet
text/css 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-rq: ewr4 115 233 3111
last-modified: Fri, 06 Nov 2020 23:23:28 GMT
server: nginx
etag: "5fa5daf0-1"
vary: User-Agent
content-type: text/css
expires: Mon, 08 Mar 2021 05:16:04 GMT
cache-control: max-age=1
date: Mon, 08 Mar 2021 05:16:03 GMT
is-https: true
content-length: 1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 21 KB
7 KB 27ms
5ms Script
application/javascript 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 8e0cf75c2cfcb35edbce8e01875f1690dc3ffbfbb3eff4f3e02f69da5a5d6846

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:03 GMT
via: 1.1 vegur, 1.1 varnish
age: 2033
x-cache: HIT
x-cache-hits: 4
content-encoding: gzip
content-length: 6820
x-served-by: cache-fra19132-FRA
last-modified: Mon, 08 Mar 2021 04:42:11 GMT
server: Apache
x-timer: S1615180564.737462,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Mar 2021 04:42:11 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 253 KB
35 KB 21ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d78f4e1764e299379823a553d120f41eee82f176d1207028d7a81bc275544a8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: QlbYgJWvDohByFvBTnhRpomHCDBCVNaK
content-encoding: gzip
etag: "65f1feb43733d4ba898cc3a03de5cd39"
age: 107
x-cache: HIT
content-length: 35137
x-amz-id-2: EAEJ5R3zheTxLsVQuhfyKb2p6r4Pv5XKbPhKnI3opUOaoxyjWmywA/RJd7XmPI81XvamGPJzJ20=
x-served-by: cache-hhn11563-HHN
last-modified: Thu, 04 Mar 2021 13:40:22 GMT
server: AmazonS3
x-timer: S1615180564.740907,VS0,VE1
date: Mon, 08 Mar 2021 05:16:03 GMT
vary: Accept-Encoding
x-amz-request-id: NTA3Q8C2NG3S6K74
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 71
x-cache-hits: 1

GET
H2 200 heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
4 KB 13ms
12ms Image
image/svg+xml 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:03 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 3055
x-rq: ewr4 114 88 3146
last-modified: Fri, 06 Nov 2020 23:19:04 GMT
server: nginx
etag: W/"5fa5d9e8-1f69"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=2584709
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 07 Apr 2021 03:14:32 GMT

GET
H2 200 64ae8232b4e0335d8b4ce91c8d59e4da
content.api.news/v3/images/bin/ 75 KB
75 KB 41ms
38ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/64ae8232b4e0335d8b4ce91c8d59e4da?width=1024
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 840d612af2b90c44ae52d2fd60e4610f5ce644cf5bc50da70324022b49eee37d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 64ae8232b4e0335d8b4ce91c8d59e4da
date: Mon, 08 Mar 2021 05:16:03 GMT
last-modified: Sun, 07 Mar 2021 22:05:25 GMT
server: Akamai Image Manager
etag: dc979236e4a85f1e4566cb05d7c37fe8-64ae8232b4e0335d8b4ce91c8d59e4da-1024
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5158035
access-control-allow-headers: x-newsapi-api-key
content-length: 76531
expires: Thu, 06 May 2021 22:03:18 GMT

GET
H2 200 a9be2e7a33fa14763a9846d4f393df89
content.api.news/v3/images/bin/ 47 KB
48 KB 23ms
20ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/a9be2e7a33fa14763a9846d4f393df89?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 01b15de5e56b59d568f4dee2178389cbc08d959f665f8d8860f21fd844001201

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: a9be2e7a33fa14763a9846d4f393df89
date: Mon, 08 Mar 2021 05:16:03 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 28319d6b330051fcb9ccc7f9f3ae9b01-a9be2e7a33fa14763a9846d4f393df89-650
x-serial: 733
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5180688
last-modified: Mon, 08 Mar 2021 04:21:15 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 48444
expires: Fri, 07 May 2021 04:20:51 GMT

GET
H2 200 e93f0c963e59a0b3103848e0047b2b1b
content.api.news/v3/images/bin/ 4 KB
4 KB 65ms
62ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/e93f0c963e59a0b3103848e0047b2b1b?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 49a5cf4c91647235c1046326e5d81fba4ae0bef20070afb895a014e2967659da

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: e93f0c963e59a0b3103848e0047b2b1b
date: Mon, 08 Mar 2021 05:16:03 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 9fa1373b30c87cd8d7f38f3c1e39e73f-e93f0c963e59a0b3103848e0047b2b1b-150
x-serial: 573
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5176383
last-modified: Mon, 08 Mar 2021 03:07:59 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 3807
expires: Fri, 07 May 2021 03:09:06 GMT

GET
H2 200 f5601612742a4706bd302b488591391a
content.api.news/v3/images/bin/ 3 KB
3 KB 34ms
31ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/f5601612742a4706bd302b488591391a?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: a063f0bf7f2d94f3a0512ce6d3119d2c18510243dee5631cdda531be5d38217f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: f5601612742a4706bd302b488591391a
date: Mon, 08 Mar 2021 05:16:03 GMT
last-modified: Mon, 08 Mar 2021 04:45:03 GMT
server: Akamai Image Manager
etag: 1dd426f1d6d3829173fa5f5a44a47fb4-f5601612742a4706bd302b488591391a-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5182074
access-control-allow-headers: x-newsapi-api-key
content-length: 3038
expires: Fri, 07 May 2021 04:43:57 GMT

GET
H2 200 abf33fbea87d19634881a5b1a5f89b8d
content.api.news/v3/images/bin/ 5 KB
6 KB 34ms
31ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/abf33fbea87d19634881a5b1a5f89b8d?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 23751878df63b572596a780f83ae1d2b03655928e07fb8d380c166d05293a88e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: abf33fbea87d19634881a5b1a5f89b8d
date: Mon, 08 Mar 2021 05:16:03 GMT
last-modified: Mon, 08 Mar 2021 02:32:48 GMT
server: Akamai Image Manager
etag: 780f2da992b888cedf87ff99ec3ffbad-abf33fbea87d19634881a5b1a5f89b8d-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5174171
access-control-allow-headers: x-newsapi-api-key
content-length: 5370
expires: Fri, 07 May 2021 02:32:14 GMT

GET
H2 200 957cc4ce9dc84784dd42081c4bae73b5
content.api.news/v3/images/bin/ 6 KB
7 KB 64ms
62ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/957cc4ce9dc84784dd42081c4bae73b5?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d3a8e2711ae9df0bf20b735925c9dc075ca885ffe01509ed0f5c21de324a68b6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 957cc4ce9dc84784dd42081c4bae73b5
date: Mon, 08 Mar 2021 05:16:03 GMT
last-modified: Sun, 07 Mar 2021 21:41:24 GMT
server: Akamai Image Manager
etag: 7ce82c4ce2880aeb19f539e5c651f2dd-957cc4ce9dc84784dd42081c4bae73b5-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5156665
access-control-allow-headers: x-newsapi-api-key
content-length: 6537
expires: Thu, 06 May 2021 21:40:28 GMT

GET
H2 200 17f72e5fdeeb22c5316b3f486b98f8f6
content.api.news/v3/images/bin/ 66 KB
67 KB 46ms
46ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/17f72e5fdeeb22c5316b3f486b98f8f6?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 5514d947731975e9596cb43f290f30e75286925c8505d5f00ed32552eb776ccd

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 17f72e5fdeeb22c5316b3f486b98f8f6
date: Mon, 08 Mar 2021 05:16:03 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: d413c5e4b4224ab1e12a8acca755f895-17f72e5fdeeb22c5316b3f486b98f8f6-650
x-serial: 1014
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5177721
last-modified: Mon, 08 Mar 2021 03:31:51 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 67687
expires: Fri, 07 May 2021 03:31:24 GMT

GET
H2 200 b63354fc7ca8056bab6e4c3abcbf9b37
content.api.news/v3/images/bin/ 58 KB
59 KB 58ms
58ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/b63354fc7ca8056bab6e4c3abcbf9b37?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7dd66009439299c670cb42a2091585ebc407935a3ba1a033bada2e87eb3d8176

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: b63354fc7ca8056bab6e4c3abcbf9b37
date: Mon, 08 Mar 2021 05:16:03 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 4a8dc6632591763a2c00d88d10b3c0fc-b63354fc7ca8056bab6e4c3abcbf9b37-650
x-serial: 1728
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5153229
last-modified: Sun, 07 Mar 2021 20:44:18 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 59903
expires: Thu, 06 May 2021 20:43:12 GMT

GET
H2 200 1for28-Jan21-MP-BOB-Image-350x197-1.jpg
origin.go.heraldsun.com.au/wp-content/uploads/2021/02/ 43 KB
44 KB 31ms
10ms Image
image/jpeg 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.go.heraldsun.com.au/wp-content/uploads/2021/02/1for28-Jan21-MP-BOB-Image-350x197-1.jpg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e9dea41b08c540db79054b5440e3312cc8cb429c40b9f78dd2abbffd277a05f4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:03 GMT
x-rq: hhn2 109 144 443
last-modified: Wed, 03 Feb 2021 04:23:14 GMT
server: nginx
etag: "058b11c021b931c7"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 44497
expires: Thu, 03 Feb 2022 04:29:32 GMT

GET
H2 200 rea-logo-v4.png
s1.rui.au.reastatic.net/rui-static/img/ 8 KB
9 KB 84ms
24ms Image
image/png 2600:9000:20d7:ca00:1e:c291:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.rui.au.reastatic.net/rui-static/img/rea-logo-v4.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:ca00:1e:c291:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 23:46:33 GMT
via: 1.1 375ffc8f2a15d6fd2fa731e1cdf5a737.cloudfront.net (CloudFront)
last-modified: Fri, 11 Aug 2017 05:25:43 GMT
server: AmazonS3
age: 15830971
etag: "7fb1763135890cdfa60dcb405cd51572"
x-cache: Hit from cloudfront
x-amz-version-id: itrxET0Vrz4We1UVf0nZMlYhOyBF2D8w
cache-control: max-age=20221025
x-amz-replication-status: COMPLETED
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-type: image/png
content-length: 8533
x-amz-cf-id: 1l3x1gJFmLWVbTzTrjFt0IDKT1u7yxKH57ibvUv2P1rWXKr77dZsAA==

GET
H2 200 charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 12 KB
12 KB 57ms
8ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:03 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: EE3D21683166F96F
etag: "da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=353281
accept-ranges: bytes
content-length: 12440
x-amz-id-2: BGzA4H6MhiNFsVMRHnDid7w0RneCV9f+L69FdEMmbqtC5J6BXqShCVeo7uP6Jum7BVtWfb2VAeI=
expires: Fri, 12 Mar 2021 07:24:04 GMT

GET
H2 200 source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 59ms
9ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:03 GMT
last-modified: Tue, 01 Sep 2020 04:31:33 GMT
server: AmazonS3
x-amz-request-id: 34B4778288C88CAA
etag: "899c8f78ce650d4009d42443897aa723"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=218346
accept-ranges: bytes
content-length: 16112
x-amz-id-2: 0V9i/JC3jV0uO9z1+RHGizGZNe8ea4s0M3lvOab3o97ikLfxhLYoNjWrU3t9GbdAE8O37bCHHcA=
expires: Wed, 10 Mar 2021 17:55:09 GMT

GET
H2 200 source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 63ms
13ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:03 GMT
last-modified: Tue, 22 Sep 2020 06:30:09 GMT
server: AmazonS3
x-amz-request-id: B9F079BFD69B8BC1
etag: "c85615b296302af51e683eecb5e371d4"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=336663
accept-ranges: bytes
content-length: 15948
x-amz-id-2: DPCyCCKT0juTREQMOkBTQL82bK8sJ1cHlMUrULDEc9V9ZluCRM4RuSFSdOhDVMhG9DNYyK1s4MM=
expires: Fri, 12 Mar 2021 02:47:06 GMT

GET
H2 200 charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
12 KB 63ms
14ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:03 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 03A09A05F9B00284
etag: "c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=424292
accept-ranges: bytes
content-length: 11472
x-amz-id-2: 7SgQOtE5DXd+yw+muGSpBKQgUFNdC0N34VLuVoyrpGsNX+GQQMChOOxitD5N1YsghRlU3RgeUFw=
expires: Sat, 13 Mar 2021 03:07:35 GMT

GET
H2 200 title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 540 B
859 B 26ms
8ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:03 GMT
last-modified: Wed, 16 Sep 2020 23:56:43 GMT
server: AmazonS3
x-amz-request-id: 4R7K4V2MCP8N6R9R
etag: "4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=176370
accept-ranges: bytes
content-length: 540
x-amz-id-2: yFp+J8podmJKYyKRfQ/R6sCdmNKmc7oSxu2WJJo8l7sTrFyLYOhTILB0ssSzjaQiADalzLa82Ug=
expires: Wed, 10 Mar 2021 06:15:33 GMT

GET
H/1.1 200
OK games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 4 KB
5 KB 1123ms
294ms Image
image/svg+xml 52.95.128.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.128.2 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 05:16:05 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: B6F81D6432C4D20C
ETag: "2fa79b1c302fa407df95b287a47e01bc"
Content-Type: image/svg+xml
x-amz-version-id: mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Accept-Ranges: bytes
Content-Length: 4533
x-amz-id-2: FqNFSusRkg7ZuJKXDXbMd7gE3FPX04BEYGEaulvar2O2KVhhP1ZZdf1j/wI7WoG0iU6wEAlXMsE=

GET
H/1.1 200
OK horoscopes.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 9 KB
9 KB 1180ms
295ms Image
image/svg+xml 52.95.128.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/horoscopes.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.128.2 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 05:16:05 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: 136C6D5F49917859
ETag: "e9dc4230a2305a0cb7743e2ade763349"
Content-Type: image/svg+xml
x-amz-version-id: NaxMYGcYiBqyljIpDSJQNqEzm8yfC62_
Accept-Ranges: bytes
Content-Length: 9223
x-amz-id-2: +6MG5a8Q4J45bi0PAtyhdyOYoZ4ANGVD0B5Zww3iGsKU6BvQfYRVB254p/88OBwasprTLvinN4s=

GET
H/1.1 200
OK NCHRS_thumb.jpg
s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/ 24 KB
24 KB 1281ms
305ms Image
image/jpeg 52.95.132.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/NCHRS_thumb.jpg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.207 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 75c7de0d84c08047b8cccae6b50ba49982047ace5fc728733af709b2d8ddd286

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 05:16:06 GMT
Last-Modified: Sun, 07 Mar 2021 16:16:34 GMT
Server: AmazonS3
x-amz-request-id: 70064844F6C3D0AA
ETag: "f4668c23f3cdd5aadf97346335ca5faa"
x-amz-version-id: fGLLncSjKuYdZoLoqmGN9A1bFB88Y4Id
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 24135
x-amz-id-2: GGxj2QtkczzDEcbF/apaVr11tyvyPExLWzk8d67Vssppzkvaaj5LDTw8OHkzCj8gpaUCJ0WEtdU=
x-amz-meta-s3b-last-modified: 20210307T160516Z

GET
H2 200 heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
3 KB 18ms
17ms Image
image/svg+xml 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:03 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2891
x-rq: ewr4 115 233 3111
last-modified: Fri, 06 Nov 2020 23:23:28 GMT
server: nginx
etag: W/"5fa5daf0-1e5e"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=1340880
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 23 Mar 2021 17:44:03 GMT

GET
H2 200 js-critical-desktop.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 5 KB
2 KB 113ms
112ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

00e643efe7a5f076aeea9a01d1e6629ee3444d309217dc571db49c0325f9bb6c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:03 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 1865
x-rq: ewr4 113 203 3095
last-modified: Tue, 09 Feb 2021 21:37:55 GMT
server: nginx
etag: W/"602300b3-1216"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 08 Mar 2021 05:16:04 GMT

GET
H2 200 title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 535 B
856 B 8ms
8ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:03 GMT
last-modified: Thu, 17 Sep 2020 00:28:25 GMT
server: AmazonS3
x-amz-request-id: BX6X5G9GEK1G9M4M
etag: "b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=573154
accept-ranges: bytes
content-length: 535
x-amz-id-2: DaJA+c3KcMZ/NSCnfYFtodFhl20AOf2rAAm9dMwdtqM4FPtgkxYVKxyt+50eW/YJb1+mPpYz97g=
expires: Sun, 14 Mar 2021 20:28:37 GMT

GET
H2 200 charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
11 KB 11ms
11ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:03 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 4N2W2Y6HDY8Z3Q2W
etag: "29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=465113
accept-ranges: bytes
content-length: 11372
x-amz-id-2: Z1HhaEEhR+4SW45rFV+SZJ/QiklrgDUhrbvWmFxzzpa1Kifm2MvbbI9Ateo09sYRHNLYlfgsmGM=
expires: Sat, 13 Mar 2021 14:27:56 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 3 KB
2 KB 45ms
10ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding: gzip
etag: "1a868d280f9424f5d82876d6cf0c46b9"
age: 107
x-cache: HIT, HIT
content-length: 1123
x-amz-id-2: eNlZtOICWO6KiOJdC+yZO0IKnmF1UQ4nDWJLggQEmUbac/AVNhqrBcs1iEuWeyEbd+D8TUAoLT0=
x-served-by: cache-sna10748-LGB, cache-fra19136-FRA
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1615180564.003753,VS0,VE1
date: Mon, 08 Mar 2021 05:16:04 GMT
vary: Accept-Encoding,,
x-amz-request-id: 1B4A80E5B7FD8AB9
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20210303-1-RELEASE.js Show response
cdn.taboola.com/libtrc/ 470 KB
108 KB 7ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210303-1-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 6dd6937c4700ac40617632b7b4ade7cb36ea3dfe32c9c4c2b5b1a29b097ae6d6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3S4vQ6fV_cctpkhoZsXUWNQF.zCrpOD_
content-encoding: br
etag: "e6067d1035f2d0bb98ed150056250610"
age: 23055
x-cache: HIT
content-length: 110565
x-amz-id-2: 7fdt/gLkjOYtl+Jv22z9zy6TtLBBX9xdxWk+bagYzRJcyPScVcoz/KTtyWQ1xEnY1HqiYHgqKT8=
x-served-by: cache-hhn11563-HHN
last-modified: Wed, 03 Mar 2021 06:51:22 GMT
server: AmazonS3-br
x-timer: S1615180564.965207,VS0,VE0
date: Mon, 08 Mar 2021 05:16:03 GMT
vary: Accept-Encoding
x-amz-request-id: ZEBBNB6BWAPXHY0D
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 93
x-cache-hits: 19852

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 24ms
7ms Script
application/x-javascript 104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 05:16:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 09 Mar 2021 05:16:03 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1615180563988&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=ht...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1615180563988&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=h...

0
528 B

17ms
17ms

Image
text/plain

104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1615180563988&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:04 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1615180563988&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:03 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rampart.js Show response
www.heraldsun.com.au/remote/identity/rampart/latest/ 249 KB
77 KB 61ms
61ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

fe7bcc1f592c41746b64164abd5ca1d42487ae98359be863ee955ac955f57305

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "6022e8386a96714b67e64bfeeb38ce90:1613538852.659337"
vary: User-Agent, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1684
date: Mon, 08 Mar 2021 05:16:04 GMT
is-https: true
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 08 Mar 2021 05:44:08 GMT

GET
H2 200 js-metro-desktop-lazy.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 45 KB
15 KB 181ms
180ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b4e7bab4b62bae4aafc76989104f2bf7ca8671638163d5698fbc8654006025e4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 14247
x-rq: ewr4 118 150 3081
last-modified: Wed, 24 Feb 2021 03:49:57 GMT
server: nginx
etag: W/"6035cce5-b47e"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
H2 200 js-weather.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
2 KB 121ms
120ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2e49c0863664e2feca9ee0b1da20a079fd9a2dd3c70d7653463349fa6ea7ac57

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 1896
x-rq: ewr4 116 88 3241
last-modified: Wed, 24 Feb 2021 03:49:48 GMT
server: nginx
etag: W/"6035ccdc-176e"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=16
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 08 Mar 2021 05:16:20 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
13 KB 23ms
6ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
last-modified: Thu, 20 Dec 2018 17:45:13 GMT
server: NetDNA-cache/2.2
etag: W/"dc93d584e41f8417f6b7163320d34329"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 json Show response
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 3 KB
2 KB 208ms
192ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=06%3A16%3A04.024&lti=deflated&data=%7B%22id%22%3A896%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1614865193977%2C%22vi%22%3A1615180564022%2C%22cv%22%3A%2220210303-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A10650%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1478.109375%2C%22mw%22%3A194%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210303-1-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 495626cc0acb26bfd87d6f78ec83a176357ff6eb44674d47ad0101b7c25d70bb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 186
date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
server: nginx
x-timer: S1615180564.044923,VS0,VE186
x-served-by: cache-fra19149-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 111 KB
30 KB 11ms
10ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding: gzip
etag: "b7fcedf037c57085d364b689ca46f32e"
age: 2285276
x-cache: HIT, HIT
content-length: 30954
x-amz-id-2: ycBUWa76q9RmK2ziYk2ZJp2pLI1TKcRGeI0s7k5IX6ajNoyOpNDzxvHBdhuuoY75rkDyyCIPAhk=
x-served-by: cache-sna10744-LGB, cache-fra19136-FRA
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1615180564.047246,VS0,VE0
date: Mon, 08 Mar 2021 05:16:04 GMT
vary: Accept-Encoding,,
x-amz-request-id: 0678DC504368DB25
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 2

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 5D2F 2 KB
3 KB 432ms
393ms Document
text/html 104.108.60.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=7OQwEBdDRi6XR4XQgR1auZCOirbKpETa&nonce=y-0S8hAA-fTbnXeXBPq7IuNiHcfFib3F&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.108.60.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-60-35.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

e831b990e99ee246fa3bcac65989f1c1435cd7850565876421fa46a8696b80d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=7OQwEBdDRi6XR4XQgR1auZCOirbKpETa&nonce=y-0S8hAA-fTbnXeXBPq7IuNiHcfFib3F&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 62c996de4db30f66-MXP
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 08b1dc9ee900000f66f537d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 62c996de4db30f66
ot-tracer-sampled: true
ot-tracer-spanid: 005f47b27bdfafeb
ot-tracer-traceid: 56741c2b71b2a323
x-auth0-requestid: 10a253a6c46de3922ee7
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1615180565
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 536 0 pmb=mTOE,3
expires: Mon, 08 Mar 2021 05:16:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
content-length: 843
vary: Accept-Encoding
set-cookie: __cfduid=df12f0981b3b329b2d95819d5696ea80d1615180564; expires=Wed, 07-Apr-21 05:16:04 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A61600cc0-7fcd-11eb-af7b-2515ca5c400e.e8RiFmUA6kqIxpoX5QdmbWTZk3ou29cyBDX2a%2FqSAf4; Max-Age=31557600; Path=/; Expires=Tue, 08 Mar 2022 11:16:04 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A61600cc0-7fcd-11eb-af7b-2515ca5c400e.e8RiFmUA6kqIxpoX5QdmbWTZk3ou29cyBDX2a%2FqSAf4; Max-Age=31557600; Path=/; Expires=Tue, 08 Mar 2022 11:16:04 GMT; HttpOnly; Secure ak_bmsc=4D1BD0CFB2D9AE060DF9B4E3F179903548F7B2D6FA57000014B3456069267A72~plHPuUYbtIp2EZflnpXV8uEeGMOokapmUFmO/0h10b/5VT/yThLC/HN66GRCHqM9Z1cYip4CnRuwdvywquh50W8w94MXqj1X8YWtVS45CwvVM1cLnhTactBYQAK/FkVRROhFC/x3C3Z5ikk0XxTd4HcihL6omut8M2sGmZHqmtwVSwPlKiGHTz4ONj0AyyHc1Ak2rQshXyPm8dtNlhULFGfP3VlY7WTH4cm+XZK8MELGbT+0bApIlvdG+wGLsk1Lm6; expires=Mon, 08 Mar 2021 07:16:04 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=21E629BA817DA8309C535E8C9787A59F~zhuwY+b8I6cryy3XUh11bb6RgTiFvggx4rSa8WXsV6j4I7CNl9dtw+xD4Rs7inAA5JQN86fmwPto88eXBhEthrWJBL7qsPpRy1AG4wFlucpU4RderKEINcvt2RbIw58qkXuyW+a6u0ZiJIM5VpLbxZZ7ITH28LOcE3Ql5rzb1ubBmyZlyu1iuiVIH3Tq9CbvBLfDfR0n5LSyRTej0hWOnaG/EAII1uyfP4FM3XI91+WmoKuatbsyfQtwNeiFhpXg; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=E056379FB16BDCF58E170EFDC4EAFE76~YAAQ1rL3SLkV7g14AQAAVohDEAtVgRlaMm1RD0CPQH8hK8AptEdIa3IwfBAoUYIu+v0xTaoAViNZR7hbAbuomS3pFUzXrTjoFZPdY1CRTQU5wNQW3vMD89SRDiJTRdWd3eMYzyj5tB9+kic/6kHw1Hc7SpbB+D6sgC7u+w7F9A0sOokisKAI35BPKtgLwjWBpA8eB9Zc31slLyM=; Domain=.newscorpaustralia.com; Path=/; Expires=Mon, 08 Mar 2021 09:16:04 GMT; Max-Age=14400; HttpOnly _abck=6229B84278F3D9810AA198C655FB34FB~-1~YAAQ1rL3SLoV7g14AQAAVohDEAXL/eOPSY9FerS8Jii63l3lmLizV9ErInxG7FcXtjMne1GT70f5NHZCuNsemybGgHrWr59LJ849qGKO7wNZLGEH0b+Hasy8WziKYQsPWWuv21hraBnQ1Qc2PB7JeYSSq60dzMA4BbjQ6jvRe2WrU3we04LvZO1MLV62B+aNdVsSKwHO7Eju8pK5+hSexmPKutrPj5sVoU5Hi7MjT7+0RfdasAoNpOUA6xNkhWUR/DxVBlq9B/QrIIPzCaSrxmcVnGpQ8XMbXKsLb+p/AjrhGvPgUP+pQhYZCymmk3VOjLJyplkkgmf/bF79uijH0b2hP7MA79HteGMrYHDyciLivkCyGGdAKpGcHezus6NzlRpgqUUCJA==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 08 Mar 2022 05:16:04 GMT; Max-Age=31536000; Secure

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 3 KB
1 KB 33ms
14ms Script
application/x-javascript 184.24.9.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.9.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-9-204.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 34d7e05910aac6f533cb31a9dffc4e37213c93c3b90a545b4f3bcedea3e6d03c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 00:59:52 GMT
server: AkamaiNetStorage
etag: "32dbeac6f93a14f6e0b28daba07aa294:1607993992.778839"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1235
expires: Mon, 08 Mar 2021 05:21:04 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 70 KB
19 KB 36ms
18ms Script
application/x-javascript 184.24.9.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.9.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-9-204.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 37839f90f9c430af4b063874e26d8986b8ceb01ebcdad7eedb4977c833116693

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 00:59:52 GMT
server: AkamaiNetStorage
etag: "59bda7243b0fc7e08ca82d70f35e8dbe:1607993992.156774"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 18842
expires: Mon, 08 Mar 2021 05:21:04 GMT

GET
H2 200 indies-loader.js Show response
ts2020-indies-client.web.app/ 7 KB
3 KB 32ms
10ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ts2020-indies-client.web.app/indies-loader.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 17 Sep 2020 07:41:38 GMT
x-timer: S1615180564.166358,VS0,VE0
etag: "16a0649956d88d08059c392d3f4b3b1b1b6ee7a364d1e3444626bf6439417ed3-br"
x-served-by: cache-fra19145-FRA
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Mon, 08 Mar 2021 05:16:04 GMT
accept-ranges: bytes
content-length: 2338
x-cache-hits: 2

GET
H2 200 js-c3po-bundle.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 139 KB
32 KB 132ms
131ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

71e04fd0522c91e2a30cbca7835e1c063930abc885e8d1c69fb7bc48ae643934

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 32171
x-rq: ewr4 113 43 3218
last-modified: Mon, 08 Mar 2021 04:05:10 GMT
server: nginx
etag: W/"6045a276-22aa3"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=34
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 08 Mar 2021 05:16:38 GMT

GET
H2 200 js-vidora-client.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 140ms
139ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

00344f0a12335ead13e3327151a920767f84543e117a63cebfc6dbdaf6e99de3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2882
x-rq: ewr4 113 203 3271
last-modified: Thu, 28 Jan 2021 04:26:44 GMT
server: nginx
etag: W/"60123d04-19e5"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 52A9 2 KB
3 KB 388ms
388ms Document
text/html 104.108.60.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=rkaZywvpUsyuBf6KopEtIxt_T81lGXkf&nonce=ZUVvyGGVNeioeAJ31c4rhPYtFQbM9_3H&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.108.60.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-60-35.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

f0cd947c8a99251e6733f8e69f8cdee94d49521522d54f19e350b236f2ca94af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=rkaZywvpUsyuBf6KopEtIxt_T81lGXkf&nonce=ZUVvyGGVNeioeAJ31c4rhPYtFQbM9_3H&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 62c996de5841d61c-MXP
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 08b1dc9ef20000d61c2fa2a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 62c996de5841d61c
ot-tracer-sampled: true
ot-tracer-spanid: 59b4eaaf355fc40c
ot-tracer-traceid: 67d6ec25696643c4
x-auth0-requestid: 8928111d1744d72c4ea4
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1615180565
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 570 0 pmb=mTOE,3
expires: Mon, 08 Mar 2021 05:16:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
content-length: 844
vary: Accept-Encoding
set-cookie: __cfduid=d8da4ccf46e00ac94854640bb8702a0c81615180564; expires=Wed, 07-Apr-21 05:16:04 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A6161e180-7fcd-11eb-bf7b-75a6c4863794.Oiyw1XWA7QGUOqgihYPp9EMTGeaBCeuCe415F3xNfSA; Max-Age=31557600; Path=/; Expires=Tue, 08 Mar 2022 11:16:04 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A6161e180-7fcd-11eb-bf7b-75a6c4863794.Oiyw1XWA7QGUOqgihYPp9EMTGeaBCeuCe415F3xNfSA; Max-Age=31557600; Path=/; Expires=Tue, 08 Mar 2022 11:16:04 GMT; HttpOnly; Secure ak_bmsc=275AEBBED6A4423C536E1844FECDCE8948F7B2D6FA57000014B3456040FEAF76~plTxz+QueU9dr/q/HSWjlE4tYxGZ/02212/PGr1EJbXXHyr9dQZ/ljXFZERzbNPtzHGDxWlLyb+5O4FA35FKYuvbFjKhAxmi+O7ujcaCDQNJXM4dz4Dj4iXsa8wxU2Tpmr3kgp/fQmLc2haqEIi0WsW+Vm6dUGyDJPE2pU47c2M5GuGMqrLvUygTMXs/1NsF9QKcEnMYRA89eVnGwgF0e5lZ08Mc9p9GZh76FXNwFCuDGIZ3BZJhRpUx+eD99O85uS; expires=Mon, 08 Mar 2021 07:16:04 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=CEC30719866D75588F84A63F3EB8530A~zhuwY+b8I6cryy3XUh11bUeMaz0O0/sfqKkYpXqNEXMHUobSTlAURgEi8RIFagHa0uVRIiLs/5yq0OxuBGmzPO/Cm76O7EtLkTCeVI3KWGJhkL2Gn7guixeTtejR2KyiJgmxZGLaXuKNvnDQBFkDZ3JstjQN1ZSrY4unio31qK5YhXsNNXFYXVyec51ArU4gyGmA8o7XVxrhVq8CabxZ3+oO7o8mEm/wRERiHfmFhVTvhsWHAbnjgbxmcV8T+ND6; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=A1C11AE85F00CA56B8F7F8C4483656E2~YAAQ1rL3SLcV7g14AQAAVohDEAtj08R9DKUs1Xs4/o96K0atfAm1JcldBgPb4rsnHzvMsYO/GLnDoS/giVwkdHoNReoxIbGPcRZa9izPbRRrW1lfr33EpHZ/blmiyd1h8AMAR2lsRfD7N1SlLH3XxXKtiD5nAEUGAiNvDuAKMZqcIn31BN8xsrzjbZ223M87dZJn0nOu9uxBIQ==; Domain=.newscorpaustralia.com; Path=/; Expires=Mon, 08 Mar 2021 09:16:04 GMT; Max-Age=14400; HttpOnly _abck=D3C1687CEB80D37743F4E5E3E7770718~-1~YAAQ1rL3SLgV7g14AQAAVohDEAVxCpI/sALquoV5ZiY1TsqMqtAD2soKh+UxuZY2V5kNxSI69gakSZIzvmuQka2f0otkfZX6uu0JSR31vr5MyjNShcGzxaSLXhbXLcHB39hx1ZDhFMhLKgkzNcGYab1Wf06xv8ptgfaHFHxdQn6QSOS3KCxRjSVRxrfHpebpjwCxSIvUoAN+Rj0OxLMGo9+itiZQThFrwEPOus2PXR+z+eneIw2pusdtY7fx1TI61MimyEoPWtI67ch5wjgQUC9iStwJsWeO216yZTM9DrCBS1ccno7+9lKgnZuIQgSBjddA5fgn1h8yZBSjild+yRk4cYu//Pr7xCHEV855BJLX04n03pveu/s9oiQNDc6yaYEA6RHM1A==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 08 Mar 2022 05:16:04 GMT; Max-Age=31536000; Secure

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 37F4 2 KB
3 KB 380ms
380ms Document
text/html 104.108.60.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ipYpZ.~Uta_VVX2k1kHcyu4GL6Atukd_&nonce=6v5kjDS1S8j6VeGOTogLbV-rgSQbrIR1&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.108.60.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-60-35.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

009fb91f4a5075ec0884093d5e45585412822d0247e99ecf233a9f2041cd757e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ipYpZ.~Uta_VVX2k1kHcyu4GL6Atukd_&nonce=6v5kjDS1S8j6VeGOTogLbV-rgSQbrIR1&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 62c996de4873d610-MXP
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 08b1dc9ef00000d610972f6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 62c996de4873d610
ot-tracer-sampled: true
ot-tracer-spanid: 24b6153850472eaf
ot-tracer-traceid: 64bf5ff123e19663
x-auth0-requestid: 0c187d976e47a065a334
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1615180565
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 537 0 pmb=mTOE,3
expires: Mon, 08 Mar 2021 05:16:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
content-length: 845
vary: Accept-Encoding
set-cookie: __cfduid=d06ba3d7b3c56de07ccd0ce0b42f971401615180564; expires=Wed, 07-Apr-21 05:16:04 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A6164c7b0-7fcd-11eb-95be-fd8ce91a1efa.l%2BtIZqiaxs6dtNNblxiCUWwKDW901ztvOIwpw2ikim8; Max-Age=31557600; Path=/; Expires=Tue, 08 Mar 2022 11:16:04 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A6164c7b0-7fcd-11eb-95be-fd8ce91a1efa.l%2BtIZqiaxs6dtNNblxiCUWwKDW901ztvOIwpw2ikim8; Max-Age=31557600; Path=/; Expires=Tue, 08 Mar 2022 11:16:04 GMT; HttpOnly; Secure ak_bmsc=DDE888CE29C679C8E1906CC9E497558248F7B2D6FA57000014B345603AB1596D~plT8x28Xtov2ESZyB0hWrwRTxtyMSEoLqZEbMc528bPZNpfuWtBRdyb4PyorxWzn6iYACvM534VzM81/G8A+qudfAAL9Sg9AhU8A6nOXaL1pnfhT8qmnRbQY1Cj8E9w/OK5ZnxYQCUG0QU5UrFod5RLIisH5vaq0JxjCTStvUrmuTW2VAfrZrDhi0uD3xCtr7JpzsCLVK8ROh+Ivz0LU0qTVmi9wHfbE4fR7L03VD/J3Bv/DIAJ/sjy0lGHWaoIb6Z; expires=Mon, 08 Mar 2021 07:16:04 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=BA510B3B8F9372E6DB6623F9C7228987~zhuwY+b8I6cryy3XUh11bTQW7XW3w4LwtzVtQaSCqLPBCK9MwM3KJuLdJS7s6hlu0Rh7rKEJ5Z9EHN6IWDBR2g6OLOLXT7sUlP+lK9oKVee5S1uEWJwDjd/bC9kOK620alcQoX4Slrfagz9MTd7K2qqOkPKylUuDUxTZow2Z0dP/wmvLcD2n+/9DSAEzCwOuyh9t2PHpF/0xJYD+Ph80/RQh1Bzz8+qajKDHYeJJk/v/ts21XO654HQ+i63GKO2S; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=C36A849644BDB24F49128A49F527869B~YAAQ1rL3SLsV7g14AQAAV4hDEAu90ltMQpXnEZ0DnNm2HdRE9LXuoqA2lSRcn3WxniAWjLgQeKmaFKjObFGm4ykAsKXzyAPNX9qTt2USbbHFKAglUyW3UgCIKuckw+f9KTcLOjcWHM4VeTWriiKsGHfa/ov9o8VDnE5ooGkGXEmW66qnU/TKjPWs3DtqeFqXe15t44mkIE3VLbU=; Domain=.newscorpaustralia.com; Path=/; Expires=Mon, 08 Mar 2021 09:16:04 GMT; Max-Age=14400; HttpOnly _abck=C6CE836AF3DF2D589D4802742D0B4028~-1~YAAQ1rL3SLwV7g14AQAAV4hDEAVKjmOma5mQWbTeVQ14i9qgNV9rJwHtHsid6Riru2mdsrLg1DYThgEDwtC9l+k5JL/NTXB3WQ0ggwDEr3C2hjF5f0DAnwUqqSQivv1BfczTHmE2LEsMpqmUuyl+/b2mGUy9odFcDGEFxzxTygBS3GJiHD9kpu1UJv0/RRsT9tXJLA/bfiLWdKEaJQninv5HNDIp1fl1c50H1wg996gLBOs6gaJUURpZCDvD/nkXjwVbOTPG6zA49idEmVwM9OWUIrFSO2Pv4NK74qJQqB2moLa6o7xh0Wt8sMZ6jm9Dus0Fx6rKeih6zAAoSeKJfbV0QdhBdUqTVvnL5bbz581R+/54FoW2Phd8q/BAzWjrn/NV+0vsfQ==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 08 Mar 2022 05:16:04 GMT; Max-Age=31536000; Secure

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 11ms
11ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16151805641940.4350690433622997
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c1dc3cfad3f3b95151a0d26208e45c2119aa8e5440a4f076f7c999f7810fb222

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 836
expires: Mon, 08 Mar 2021 05:16:04 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
905 B 8ms
8ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
cache-control: max-age=83463
server: AkamaiNetStorage
content-type: application/x-javascript
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 B7670439;dcadv=4149947;sz=1x2;ord=927606849604.2622 Show response
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 17 KB
7 KB 54ms
28ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=927606849604.2622?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

595a1e280582bf8f57914d0a9be4e1bbae91f272bebcd6576bc895f7a65c3825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6036
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 comments-count Show response
mhr.talk.news.com.au/api/v1/ 2 KB
1 KB 30ms
7ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mhr.talk.news.com.au/api/v1/comments-count?ids=4496313afa5ce0a6738253f656ecc477,3ff3b0c9f2d24f81b97fd70e44818f90,5f6ae4a2eca412c7b26b350f26f4147e,b52787408f471cfd6b9ad697570d2809,b3eb7631bc9dc3b4244c196cf9fd57c6,e969feeb19c0197bf39370af9f5baebe,ae112e4e46c4d10af27164935391887c,c8dd89e916b446648d75bcee95964e16,fe4bd8fa12c0406faed9abb5c8cb6aef,6bbd3e465ef5ee1b0a891f581fb10bc7,91462e6de1736750a435d5120f7dd30f,96e1823f4c94c5ae585bbfbf91d6480a,792037e44d6e00cdff8889762d32396a,6851d02ec3bd5279a6848ab79e247112,df97a2dbcec86185cf9c5e04b6ea61ba,ea3b924207368b836bbd5179ff3b9a71,4bbb1582067f15d9e6ef51c2c5590404,854ecc0f7feeae7c25f2b418a8f07d34,ff3859d5e8fe821658d870a6242bf4f8,4fcc6671fea5264d669dfb28e15625e7,b8fa8e132d7193d0a309cd8ea7a43a23,46d2e6773918bb227140dfcc5e470967,e2241c3038e4ffbe5502cf9b3561cd2f,75b3bdbf841bcafc2cebe4df94629bf7,6e0b066e2b50cf6b7aaf630e9a5329b0,114dcc5437cb24905870e2adfb7ae95d,1af9f4b01709ce9ebd1dc115a6bc643c,7c2a4895189e9924699781a68f35144b,fb75c023bc39bcbd855841c73a55b46d,891c1f8cc920ccbdd65d07c9287db1d8,553c5e6f591eacb4a9e3441b3668b6f4,1652b2f366fca1e2a7ffc9d0327ac9c2,5569c69a7b67d16ab8b8ebb3c442d5fe,92469c9d3002b476508effe5e8b90749,aead9122598a54cc2952cb2d1df35390,28214be388713f1234d56db0606ba7dc,8739f37875149c3190bd273e870ea8e8,adce8075e79be7c12ef43c7e2e0dc6c4,0ab4c0f5da5e7eb1f74466353f5ea183,357b8ca4302b50d1c208d52f1ff7fadc,cb12629424ba86fea136598c8c0d39e4,42b994f5b326826df133e6e81fe518da

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx/1.16.1 /

Resource Hash

624a83e486577c1c436ed5a738d99c8ae222085f5e71b776c72174243f104a85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.16.1
etag: W/"630-bmMx2BhPSqNJgqPuic21YnghkyE"
x-download-options: noopen
x-dns-prefetch-control: off
content-type: application/json; charset=utf-8
access-control-allow-origin: *
date: Mon, 08 Mar 2021 05:16:04 GMT
x-talk-trace-id: 22251190-7fcd-11eb-bfc3-9ff5cdc8c649
vary: Accept-Encoding
content-length: 895
x-xss-protection: 1; mode=block

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 86ms
29ms Script
application/x-javascript 2600:9000:20d7:6000:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:6000:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d5cf5fd859bb5721d9be0446a12f5b3b69386d5bf1c6a4f5a9de89d34f3ddba1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 01:54:18 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 02:14:19 GMT
server: nginx
age: 12106
etag: W/"60121dfb-11304"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 e7ac510e4ba21d85d8aee7d252b283a9.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: VJnDoNjDtrP4I_ZvWYm7GKxiq0ipw5B5fatkVVbAecBidQ1_nsH0Pg==
expires: Tue, 09 Mar 2021 01:54:18 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 177 KB
61 KB 21ms
21ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e53e984a14ce0011d32ab5a28e9bd9e83d2d16be2dd3467517439fbf815dbe69

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "8197ed73960eee8dec1cb075d6480256:1614658074.219103"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=30609
content-type: application/x-javascript

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 99 KB
29 KB 14ms
13ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8984385958edc733f9d31c24a0d520f7ec2d30374716921e57beca558224d867

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "d1ba8651bb5f944fe02b0d66287c3499:1613428883.883793"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=46032
content-type: application/x-javascript
content-length: 29434

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 57 KB
20 KB 44ms
13ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

e94f4426e2a0165d50a9b25f375357ef06922ad522ca096a5ed3f83efd5b4e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "805 / 289 of 1000 / last-modified: 1614985848"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19735
x-xss-protection: 0
expires: Mon, 08 Mar 2021 05:16:04 GMT

GET
H2 200 prebid.js Show response
tags.news.com.au/prod/prebid/ 369 KB
110 KB 28ms
28ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/prebid/prebid.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 41268fc4402bc88b16329c06e5dd352b4f29f25041d397f9f4481d6d73ac52a0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "d967f928ea0c1649109e6681867d917d:1614652656.838437"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=25104
content-type: application/x-javascript

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 21 KB
9 KB 11ms
9ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ebaf330ad588600b4b748410b4f77f3cd9c4abc18e3a240156bc6ac9814cf896

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "25edec9c399349e0480c59ebca3d0a23:1607918432.510353"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=78028
content-type: application/x-javascript
content-length: 8648

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

97ms
33ms

Script
application/javascript

2600:9000:20d7:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding: gzip
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 82806
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 76991fdca074ecae847653e013587ff8.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Sun, 07 Mar 2021 06:15:58 GMT
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: aD-MFg7xLrW6L9Vam7gQZ9xB6hqABvVk3LZFYeDSVwLfYGq17_xUSA==

Redirect headers

date: Mon, 08 Mar 2021 05:16:04 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 134
x-amz-cf-id: 459lgwuRdbFrgTwOPjN_0FHD7J6Ecv20Vt49hfAFuvfncpR1VtvmjA==

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 112ms
32ms Script
text/javascript 65.9.187.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.187.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 04:42:51 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 16 Dec 2020 00:19:19 GMT
Server: AmazonS3
Age: 2104
ETag: W/"a0ed145148d17426a72696cecfa585ae"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 6e67f1ea42d4e5ff9c87cf2624025a28.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZAG50-C1
X-Amz-Cf-Id: KbolNRGZv1_Ye1P0Fa24BIpwxAlUQfsrK-XT10EAMSXS4SpXKPF48w==

GET
H2 200 utag.985.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 2 KB
1 KB 8ms
8ms Script
application/x-javascript 184.24.9.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.9.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-9-204.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
last-modified: Wed, 20 Nov 2019 04:49:47 GMT
server: AkamaiNetStorage
etag: "a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 900
expires: Tue, 23 Mar 2021 05:16:04 GMT

GET
H2 200 cc872dfc54b0d7a6c22b440857bbcb96
content.api.news/v3/images/bin/ 4 KB
5 KB 19ms
19ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/cc872dfc54b0d7a6c22b440857bbcb96?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d368324b83fc24ffbd2d8c8fbde402f5636178f9725b400dcfd2e40eac0585c2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: cc872dfc54b0d7a6c22b440857bbcb96
date: Mon, 08 Mar 2021 05:16:04 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 715ec4e11b4688fc4d1dae94ed901e0d-cc872dfc54b0d7a6c22b440857bbcb96-150
x-serial: 91
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5173539
last-modified: Mon, 08 Mar 2021 02:22:14 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 4477
expires: Fri, 07 May 2021 02:21:43 GMT

GET
H2 200 c8ef32faacdd5e338f900f383b21780d
content.api.news/v3/images/bin/ 9 KB
10 KB 29ms
29ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/c8ef32faacdd5e338f900f383b21780d?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: e82c5192eb8fcbd23a6aeda613780e56d460913f57548f987edb49e70aa350dd

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: c8ef32faacdd5e338f900f383b21780d
date: Mon, 08 Mar 2021 05:16:04 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 4c2ef30b309e40bf1592d06dcc77ecb3-c8ef32faacdd5e338f900f383b21780d-150
x-serial: 1343
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5173582
last-modified: Mon, 08 Mar 2021 02:21:48 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 9410
expires: Fri, 07 May 2021 02:22:26 GMT

GET
H2 200 1651f36997516a773e2749e37369d69b
content.api.news/v3/images/bin/ 6 KB
7 KB 19ms
18ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/1651f36997516a773e2749e37369d69b?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7d1aacd4a9b86c4f956219e1f4943eee38fde67b0077bb01f98255f28031d6d8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 1651f36997516a773e2749e37369d69b
date: Mon, 08 Mar 2021 05:16:04 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 13446ca7837083423fa027d19793df2e-1651f36997516a773e2749e37369d69b-150
x-serial: 1654
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5173615
last-modified: Mon, 08 Mar 2021 02:21:50 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 6515
expires: Fri, 07 May 2021 02:22:59 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 13 KB
4 KB 9ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210303-1-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5df44de896d25576e570ac24051479b357cde2e4786c72fb7dad521ad2f531f4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: N1vqc1ua2vRcwDPanmfC_5JX.Is4VuJf
content-encoding: gzip
etag: "a0644a48c475235e8cee44daad7d08f7"
age: 27571
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4320
x-amz-id-2: 2KXZXhkbGLoKVjkJldpIPXsY5We7cnreAyydvR4JYDuSVaoeXUT2W6+525TRZ025JIgdFaqjeg4=
x-served-by: cache-hhn11563-HHN
last-modified: Mon, 01 Mar 2021 13:36:16 GMT
server: AmazonS3
x-timer: S1615180564.285153,VS0,VE0
date: Mon, 08 Mar 2021 05:16:04 GMT
vary: Accept-Encoding
x-amz-request-id: B59EC2C6A082C5B6
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 18
x-cache-hits: 153058

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 3 KB
1 KB 8ms
6ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210303-1-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b57eca495e606d6a5b71d039f54b48f95b24ecfab0e885f0834df9647988211f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wesQ.pLLtqiqMPOAo87CHMJBm6LJzidh
content-encoding: gzip
etag: "a13f67361cd19b638bb3083cf688d732"
age: 18681
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 748
x-amz-id-2: d9sTKfwYmrIxTcoVpriY4wrlu6eOUvKWrrpl65qsiLwWDWQW/Ptp5bNyeLbPGhGTsnPN36Iy2cM=
x-served-by: cache-hhn11563-HHN
last-modified: Tue, 09 Feb 2021 16:04:13 GMT
server: AmazonS3
x-timer: S1615180564.284889,VS0,VE0
date: Mon, 08 Mar 2021 05:16:04 GMT
vary: Accept-Encoding
x-amz-request-id: 953558099170AD83
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 18
x-cache-hits: 75793

GET
H2 200 tfa-eid.20210303-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 6ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210303-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de71a807d7bbb443f740c3efc8e6017443b311443fe01607e0a15f55120e0454

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: TzY8MDRSoTwgbreCjtt109RbXxrzahQ0
content-encoding: gzip
etag: "42522c52e0dee61385703ca3d59db3b1"
age: 11
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 4855
x-amz-id-2: LAWFGUr4tsNsSh5EgXfmVBwHy9JsYcmFPsJn+7bfOBZAXNCHRhj/nLGd5mSAOGA0Cea3iMezpIM=
x-served-by: cache-hhn11563-HHN
last-modified: Thu, 04 Mar 2021 13:32:29 GMT
server: AmazonS3
x-timer: S1615180564.301153,VS0,VE0
date: Mon, 08 Mar 2021 05:16:04 GMT
vary: Accept-Encoding
x-amz-request-id: 4SAQ1KM2Y25TCH60
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 37

GET
H2 200 sha256.20210303-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 7ms
6ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210303-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 745cb1f03ce925e9dae7454a87e38299d8f661f8f556e1f484ac1bf2b8ea33c9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: A8hOL3U3YawHShMqTUS7CYwcF3wAoJzf
content-encoding: gzip
etag: "cb3be4ee6dbe31f68cfe2e76e6919143"
age: 86
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2594
x-amz-id-2: Wr2l9InLGIQsVwQ2yh5K4ZszhwwpSxsGgpETSmJyafJNMXCnJJhx+xkv44RsvNzCw5YcCa2FZGs=
x-served-by: cache-hhn11563-HHN
last-modified: Thu, 04 Mar 2021 13:32:38 GMT
server: AmazonS3
x-timer: S1615180564.301288,VS0,VE0
date: Mon, 08 Mar 2021 05:16:04 GMT
vary: Accept-Encoding
x-amz-request-id: WX0WRDA1DTBG1HES
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 382

GET
H2 200 distance-from-article.20210303-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 7ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20210303-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c9003d318abcaf3594c0cc2d2e7eb8ef869f6be7fcb4c95d4b6d01d4d2e9b7a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sDbFcfiMRmVI990Hiym9Tpz2BYiFt8dA
content-encoding: gzip
etag: "7ea34fd7cb6f776bf4bac17fc525895a"
age: 72
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 963
x-amz-id-2: QETpyi2fE0kxb9c7vs3bFcmYndzdC0RnH2PX+o1BMQx9Yfm4SZm2EiF8cEVAgR0YMXSGVC0AlE4=
x-served-by: cache-hhn11563-HHN
last-modified: Thu, 04 Mar 2021 13:33:03 GMT
server: AmazonS3
x-timer: S1615180564.306113,VS0,VE0
date: Mon, 08 Mar 2021 05:16:04 GMT
vary: Accept-Encoding
x-amz-request-id: K7BP4WABR1H0G7SM
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 17

GET
H2 200 article-detection.20210303-1-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 7ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20210303-1-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8c85d9d65df950ee2f1167a03456479f2eba326c5506cf00b4eb9140bd0f0cc

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CUM7x.FTdSKbcvjKXukSnEVzKzVtudYG
content-encoding: gzip
etag: "e187dfcafc58ba73a04328052679da5e"
age: 1
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 862
x-amz-id-2: m919rEKBnq06mgIVhX5rkvZoNIFzSw3vNqQhCBNxPEhl9Bc+NS5LsDW7Gcot9/uf1XOe5XKk4OI=
x-served-by: cache-hhn11563-HHN
last-modified: Thu, 04 Mar 2021 13:33:11 GMT
server: AmazonS3
x-timer: S1615180564.306104,VS0,VE1
date: Mon, 08 Mar 2021 05:16:04 GMT
vary: Accept-Encoding
x-amz-request-id: 0ZFS93K81AVB84TJ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 1

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame AEF7
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0b5dd782-125c-476d-8e64-20887b6338a2
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0b5dd782-125c-476d-8e64-20887b6338a2&tbid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&query=taboola_hm%3D0b5dd782-125c-...

0
67 B

15ms
14ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0b5dd782-125c-476d-8e64-20887b6338a2&tbid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&query=taboola_hm%3D0b5dd782-125c-476d-8e64-20887b6338a2&isDirect=0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1615180565.582512,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11563-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0b5dd782-125c-476d-8e64-20887b6338a2&tbid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&query=taboola_hm%3D0b5dd782-125c-476d-8e64-20887b6338a2&isDirect=0
tbl-x-upstream: 10.40.0.199:10213
date: Mon, 08 Mar 2021 05:16:04 GMT
server: nginx
x-fastly-to-nlb-rtt: 11736

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame AEF7 0
239 B 10ms
8ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame AEF7
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=YR3FGri3r0CQ&ev=1&orig=trc&pid=562107

0
219 B

14ms
13ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=YR3FGri3r0CQ&ev=1&orig=trc&pid=562107
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.201:10213
date: Mon, 08 Mar 2021 05:16:04 GMT
server: nginx
x-fastly-to-nlb-rtt: 11790

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=YR3FGri3r0CQ&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-568ff9c7d-5d796
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame AEF7 43 B
690 B 24ms
6ms Image
image/gif 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:04 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.43:80
AN-X-Request-Uuid: 1e83242f-2e4e-42a0-9e1c-158d1b6a0ea3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame AEF7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGaE8qU5mPVPZmVxqTUydT8&google_cver=1

0
58 B

16ms
15ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGaE8qU5mPVPZmVxqTUydT8&google_cver=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 08 Mar 2021 05:16:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1615180564.375207,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19149-FRA

Redirect headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGaE8qU5mPVPZmVxqTUydT8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame AEF7 42 B
805 B 50ms
12ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894:$UID
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 05:01:48 GMT
X-lat: amspug014:0:377
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame AEF7
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894

170 B
484 B

43ms
27ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894
tbl-x-upstream: 10.41.22.84:10213
date: Mon, 08 Mar 2021 05:16:04 GMT
server: nginx
x-fastly-to-nlb-rtt: 11648

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame AEF7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5697664b-3c46-476e-ba6b-6507bb7241bf

0
55 B

29ms
28ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5697664b-3c46-476e-ba6b-6507bb7241bf
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 08 Mar 2021 05:16:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1615180565.637269,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19149-FRA

Redirect headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5697664b-3c46-476e-ba6b-6507bb7241bf
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame AEF7
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

29ms
25ms

Image
text/plain

216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:04 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:04 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame AEF7 49 B
405 B 164ms
87ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-568ff9c7d-t5k7g
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame AEF7 43 B
697 B 53ms
18ms Image
image/gif 185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&gdpr=0&gdpr_consent=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame AEF7 42 B
233 B 264ms
89ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:04 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 204 put
e1.emxdgt.com/ Frame AEF7 0
59 B 61ms
24ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:03 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame AEF7
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f7a0abed-c4ec-49d3-8b44-ed715b30959f

0
227 B

40ms
38ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f7a0abed-c4ec-49d3-8b44-ed715b30959f
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Mon, 08 Mar 2021 05:16:04 GMT
server: nginx
x-fastly-to-nlb-rtt: 17027

Redirect headers

pragma: no-cache
x-errorlevel: 0
date: Mon, 08 Mar 2021 05:16:03 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f7a0abed-c4ec-49d3-8b44-ed715b30959f
cache-control: no-cache
server-processing-duration-in-ticks: 1621
content-type: text/html; charset=utf-8
content-length: 222
expires: Mon, 08 Mar 2021 00:00:00 GMT

GET

/
loadus.exelator.com/load/ Frame AEF7
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO_GJdKTeyhg5UDN6X0Hr9ldmJjS4PKezm2wwmzQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO_GJdKTeyhg5UDN6X0Hr9ldmJjS4PKezm2wwmzQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=b53d8006-56e7-4770-a213-5b02b02e138b&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/5/3.gif?puid=e_b59730c4-4c81-41ae-90b0-b8d0c341370f&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOSJ--DDgHX3NHlbG_Nb4QI&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1307891828321342721&opid=apx&ops=&utidl=tech:goo:CAESEOSJ--DDgHX3NHlbG_Nb4QI&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A11638806111&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/3/5.gif?puid=7ea568630ea8366d7453c837325f3a49&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/2/6.gif?puid=d77ca7b8-825c-40d6-90da-bb7fcc2f301e&gdpr=1&gdpr_consent=
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame AEF7
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=sTFgGP62BpScQ0TPFbNFYA

0
219 B

13ms
12ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=sTFgGP62BpScQ0TPFbNFYA
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.222:10213
date: Mon, 08 Mar 2021 05:16:05 GMT
server: nginx
x-fastly-to-nlb-rtt: 22855

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=sTFgGP62BpScQ0TPFbNFYA
date: Mon, 08 Mar 2021 05:16:05 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame AEF7 35 B
380 B 382ms
91ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Mon, 08 Mar 2021 05:15:51 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame AEF7 0
155 B 288ms
86ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&_r=7386332
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 08 Mar 2021 05:16:04 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame AEF7
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=81a584b6-6548-4ec9-8ad6-d09a861befa3
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=0b5dd782-125c-476d-8e64-20887b6338a2&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=81a584b6-6548-4ec9-8ad6-d09a861befa3

0
227 B

35ms
35ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=81a584b6-6548-4ec9-8ad6-d09a861befa3
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.64:10213
date: Mon, 08 Mar 2021 05:16:04 GMT
server: nginx
x-fastly-to-nlb-rtt: 18450

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=81a584b6-6548-4ec9-8ad6-d09a861befa3
date: Mon, 08 Mar 2021 05:16:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 0
276 B 18ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=06%3A16%3A04.301&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-midrail-native&id=5680&cv=20210303-1-RELEASE&lt=deflated&pct=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
server: nginx
x-fastly-to-nlb-rtt: 16347
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.175:10213

GET
H2 204 social
trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
408 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&lti=deflated&ri=2b800282d3a23518cb6afcd2d26bc98a&sd=v2_39939c533cb3fc2608920a134c78ae0a_603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894_1615180564_1615180564_CIi3jgYQgPNHGLaMjoKBLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGixr-m1yv33zq0B&ui=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&pi=/&wi=873729681997272865&pt=home&vi=1615180564022&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=06%3A16%3A04.365&id=6693&llvl=1&cv=20210303-1-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
server: nginx
x-fastly-to-nlb-rtt: 16061
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.199:10213

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 32ms
9ms Script
application/javascript 13.226.159.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-6.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 11:51:46 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 494659
ETag: W/"a8663f72a1dbe614b19f167a59af368d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: s6O_XgjdxYvaVHMgUmdpaPJ-RE1tTln8-iDVF14wtr_p_LRPPV5IRQ==

GET
H2 200 ggcmb510.js Show response
seccdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 43ms
26ms Script
application/javascript 2600:9000:20d7:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 07oifQkiz2QbVUMgsPZpuD.nQevtFk99
content-encoding: gzip
etag: W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Wed, 03 Feb 2021 14:35:45 GMT
server: AmazonS3
age: 210
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 76991fdca074ecae847653e013587ff8.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 08 Mar 2021 05:14:45 GMT
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: IgcmILeQUpWF1wt7-xNZ3g9C85eznl-NS8EJaJhtgw_poQZ5JQUkaQ==

GET
H2 200 vidora-client.1.x.x.min.js Show response
assets.vidora.com/js/ 8 KB
4 KB 115ms
26ms Script
application/javascript 2600:9000:20d7:7e00:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:7e00:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 22:11:01 GMT
content-encoding: gzip
last-modified: Wed, 08 Apr 2020 14:24:21 GMT
server: AmazonS3
age: 25503
etag: W/"09285b59e7b4661ace266ee756c7b3f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 35262001a2ae8da534143b9a1e14d8fe.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: xQHcljvj5If8u8xcz7QR5t6O8BIowz2ti2YnaAPCPaKqf_tBmTYO1Q==

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 22ms
6ms Script
application/javascript 23.79.147.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.147.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: 560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by: ARR/3.0
etag: "84a7fce7aaabd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=311
accept-ranges: bytes
content-length: 15848

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 7ms
7ms Script
application/x-javascript 184.24.9.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202012150059&cb=1615180564409
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.9.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-9-204.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Mon, 08 Mar 2021 05:26:04 GMT

GET
H2 200 _error
uconnect.tealiumiq.com/ulog/ 43 B
454 B 28ms
7ms Image
image/gif 52.29.60.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uconnect.tealiumiq.com/ulog/_error?utid=newsltd/hwt/202012150059&e0=ge%3A%3A4%3A%3A%2F%2Ftags.tiqcdn.com%2Futag%2Fnewsltd%2Fhwt%2Fprod%2Futag.js%3A%3A_gaq%20is%20not%20defined
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.60.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
x-serverid: uconnect_i-0ce3b1c30a54fd7f0
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: _error::4:uconnect
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
x-error: _error is not supported
content-type: image/gif
x-ulver: 1e0ddb7acfeaf5d87160e42b1f04f46f714dc636-SNAPSHOT
content-length: 43
x-uuid: dd0149f0-aeff-4270-973f-e463329aff7d
expires: Mon, 08 Mar 2021 05:16:04 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1615180564422
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1615180564422

5 KB
2 KB

32ms
31ms

XHR
application/json

52.208.123.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1615180564422

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.123.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2b42c7ab057eeac2b8d6a4cd2b5510e96a8eb48a2e871f2dbd32e4101003b394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0419cb970.edge-irl1.demdex.com 5.80.6.20210202104731 2ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: W0ImYiXcSDw=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1538
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.heraldsun.com.au
X-TID: HNWATK8aRTg=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1615180564422
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 3C53 2 KB
3 KB 345ms
345ms Document
text/html 104.108.60.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Ok7U_UOiuKj~o-B018bjksQxeCnHm2NS&nonce=-7MlFUiltTSQzKs7RKc4P_TMaAR_CiGb&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.108.60.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-60-35.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

426b2ee88627465952794353774d99f6156fe68dfe1dc6564ec4632f1805f6d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Ok7U_UOiuKj~o-B018bjksQxeCnHm2NS&nonce=-7MlFUiltTSQzKs7RKc4P_TMaAR_CiGb&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 62c996e00ce80e1e-MXP
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 08b1dca00a00000e1e8c0f7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 62c996e00ce80e1e
ot-tracer-sampled: true
ot-tracer-spanid: 2b261b3965a0f470
ot-tracer-traceid: 31c90b6779d2b145
x-auth0-requestid: f7f22291f391458305a7
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1615180565
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 538 0 pmb=mTOE,3
expires: Mon, 08 Mar 2021 05:16:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
content-length: 845
vary: Accept-Encoding
set-cookie: __cfduid=d11f2738223d0c0c211346b45935024bc1615180564; expires=Wed, 07-Apr-21 05:16:04 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A618b8990-7fcd-11eb-b84d-f58c2a11017b.OWAAFhoetrLtWqf1lodw6FznMukAm2iOVsh4WU9zpG0; Max-Age=31557600; Path=/; Expires=Tue, 08 Mar 2022 11:16:04 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A618b8990-7fcd-11eb-b84d-f58c2a11017b.OWAAFhoetrLtWqf1lodw6FznMukAm2iOVsh4WU9zpG0; Max-Age=31557600; Path=/; Expires=Tue, 08 Mar 2022 11:16:04 GMT; HttpOnly; Secure ak_bmsc=40D5BC5AD7822F4D04DD0A5A7C9BD7E948F7B2D6FA57000014B3456095959C3F~plhkQyhdFO0MEbSCyvC5AJ3+CzMPz/D9WZF6wrBwRg9Ncve/RNOwUD0WQX/qYgp1y4DQynMrV0olm2+hAjtUOXXxKf6QEZ8r9bdn5V2F3Bi/MYNLEHSDlveH99kS4X0KB0K8sqEYrH7GNixWUBXhuoNdNJLEfSrazMJ2LwJQPU37YXg0Y4dV9A93EtIY0R4JdCNLLtV0xAP8R0K5tXsi2ZY0QoM+tnzXTOlLfH90UJSPOryKPrNzDkiuiS7QCLtBN5; expires=Mon, 08 Mar 2021 07:16:04 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=51A6B637EF25FDE9FD950AA1657719F8~zhuwY+b8I6cryy3XUh11bVoapS0/UPs7glSqnyBdDzZeimkcBEoSklDOrwwBLnYfDaar4l/fWTPdOnjqfDGNVeAgVaiApnNq2J3EETDjCyfkjWtCA8c5Esw1CAmPThowjGsutpRfPR/GlFHn7WZ65lAzrTwR/PzgYR9BSlq1pO6/5KOCUDaIRuEkHO3jMX+gmpA5QUh65r0FNpz1iSmE8j+31J3H1SzxXrNM+s+5BtyCiYTITxvvl9oh2a7fxFYC; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=EBDDFFDF15FAFB29624B3D4DA096048E~YAAQ1rL3SMMV7g14AQAATolDEAtc3B08uLKJKQt4GlN07jHSVTXF0akGmjBA3ZhyPkKJ/QQiVUD4ZMU7dPdNIv8OSK1MOjTAV4IB987x9HkqPUY8bp9Eyn+U0qmFqWEsefE04Ir+qKJH3BMrvI1TvKboJqb8B4oictjy85XgAAuaACiMNZe2OdWgZx+9iuOdbg1uON13yMGKtEo=; Domain=.newscorpaustralia.com; Path=/; Expires=Mon, 08 Mar 2021 09:16:04 GMT; Max-Age=14400; HttpOnly _abck=25C7E69F46A8042DBB8E694FBF8BD89A~-1~YAAQ1rL3SMQV7g14AQAATolDEAU0NxinNZTZODcnZ+boc24tzc6rAl5NFSn54oiRZ6RyBYpMrUCVMrGV+A054jsEWVaUoZsP69Rk6iGLXQxWYajEM55NoZHVSzFlrtZHdZ7SKdmgNjSHB/MrAaNL+z3q3c06+dfuq4HiW42oT2foAXfUGiq1NemSm8xbyzdQLhiND0fuJbJbZk3vPbEubfh7ShfqvIN04+VHj/PrXl1Tab2Ln46Bh/bs2ei/+1PQ0F3ZjN3/T8uPDbjusqXboIzqgT65aYCvK/3BZJ8tpv1rFPu0RAddnRCW8lDmbkQur3Z81jw9YqhIZFlJnjs4x4W0pyG0fzCcPfvVhaR6oDJFzMr1W1ICbbaDUMEv17LkfNj6U4xwJg==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 08 Mar 2022 05:16:04 GMT; Max-Age=31536000; Secure

GET
H2 200 mynews-promo.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/ 366 KB
367 KB 51ms
50ms Image
image/png 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-rq: ewr4 114 120 3158
last-modified: Tue, 09 Feb 2021 21:37:59 GMT
server: nginx
etag: "602300b7-5b713"
vary: User-Agent
content-type: image/png
expires: Thu, 11 Mar 2021 03:34:45 GMT
cache-control: max-age=253121
date: Mon, 08 Mar 2021 05:16:04 GMT
is-https: true
content-length: 374547
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H3-Q050 200 pubads_impl_2021030201.js Show response
securepubads.g.doubleclick.net/gpt/ 282 KB
100 KB 42ms
28ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 09:37:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101677
x-xss-protection: 0
expires: Mon, 08 Mar 2021 05:16:04 GMT

GET
H2 204 supply-feature
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
87 B 16ms
14ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=2b800282d3a23518cb6afcd2d26bc98a&sd=v2_39939c533cb3fc2608920a134c78ae0a_603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894_1615180564_1615180564_CIi3jgYQgPNHGLaMjoKBLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGixr-m1yv33zq0B&ui=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894&pi=/&wi=873729681997272865&pt=home&vi=1615180564022&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A1053.109375%2C%5C%22articleClasses%5C%22%3A%5C%22site-content%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22SECTION%5C%22%2C%5C%22threshold%5C%22%3A%5C%22246%5C%22%7D%22%7D&tim=06%3A16%3A04.499&id=2807&llvl=1&cv=20210303-1-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1615180565.924219,VS0,VE9
x-served-by: cache-fra19149-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 264ms
87ms Image
image/gif 52.4.50.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=Bf7-VdIzKCJCeWLXO&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10798&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3580&t=DVA8VVTNzihDA1-lzDKc1Mpv38jn&V=122&i=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=-60&_acct=anon&sn=1&sv=C1iRFDmcK4oMJGnYCk_gJ_DKoz-G&sd=1&im=06030402&_
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.50.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210303/r20110914/elements/html/ 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210303/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=927606849604.2622?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 04:55:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 04:55:42 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
437 B 62ms
41ms Other
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHisdoJ6D0n97RFNIxPmi3DTGZF1v-A1Sb6BzPp0lazMNp-j3ga3mffuKNFuoOJfhJ8BJtLdtnGXWTUEauQHpIndvnwR4kRGvHvmwK9Squkz4mat9oRmXNnOysl6GpjCD9&sig=Cg0ArKJSzMnMPqD32iWFEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20210303.05384&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=927606849604.2622?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 63 B
361 B 480ms
458ms XHR
text/plain 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: c7e5c94584c7a69b7da90a656c5b4f6af46beeb35d66ef255f7f0705ef6b1bf5

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
server: AkamaiGHost
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-length: 63
mime-version: 1.0
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
H/1.1 200
OK Cookie set dest5.html Show response
newscorpau.demdex.net/ Frame DD05 7 KB
3 KB 156ms
30ms Document
text/html 52.208.139.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.139.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: newscorpau.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.heraldsun.com.au/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=54537386079071306343636709354180226755
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 11 Feb 2021 15:03:56 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=54537386079071306343636709354180226755;Path=/;Domain=.demdex.net;Expires=Sat, 04-Sep-2021 05:16:04 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: E8AOXl7GRwA=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
metrics.heraldsun.com.au/ 48 B
516 B 85ms
41ms XHR
application/x-javascript 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=54513600706862192803634583741145546713&ts=1615180564676

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

bef3a7c91c8e137c5d6389a78026c89ff43656b258ee8ef2cf013a4a9438e039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5955cb7dcf-h9xvd
vary: Origin
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YEWzFQAAADwPxghv
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=54537386079071306343636709354180226755
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEWzFQAAADwPxghv

42 B
915 B

29ms
29ms

Image
image/gif

52.208.123.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEWzFQAAADwPxghv

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.123.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0783044f5.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: DnMGSclHTIc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEWzFQAAADwPxghv
Date: Mon, 08 Mar 2021 05:16:05 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 279daaa0
login.newscorpaustralia.com/akam/11/ Frame 52A9 32 KB
0 32ms
30ms Script
application/javascript 104.108.60.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/akam/11/279daaa0
Requested by: Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=rkaZywvpUsyuBf6KopEtIxt_T81lGXkf&nonce=ZUVvyGGVNeioeAJ31c4rhPYtFQbM9_3H&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.60.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-60-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=rkaZywvpUsyuBf6KopEtIxt_T81lGXkf&nonce=ZUVvyGGVNeioeAJ31c4rhPYtFQbM9_3H&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:07:54 GMT
etag: "45f56d8f9bda006dad514cba59b45ae90085321f3d51b2b3a274c8d4d19b5158"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-length: 10449
expires: Mon, 08 Mar 2021 05:16:04 GMT

GET
H2 200 bf6d92c397dti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame 52A9 73 KB
0 32ms
31ms Script
application/javascript 104.108.60.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/staticweb/bf6d92c397dti17991ecfa342459f501b
Requested by: Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=rkaZywvpUsyuBf6KopEtIxt_T81lGXkf&nonce=ZUVvyGGVNeioeAJ31c4rhPYtFQbM9_3H&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.60.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-60-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=rkaZywvpUsyuBf6KopEtIxt_T81lGXkf&nonce=ZUVvyGGVNeioeAJ31c4rhPYtFQbM9_3H&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 22:20:44 GMT
etag: "77ab0fb0bef6d3471b849a9e26e339e68a4c60a0a2f5d2cf6ab40c38bc1b0875"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 18915

GET
H2 200 279daaa0
login.newscorpaustralia.com/akam/11/ Frame 5D2F 32 KB
0 15ms
12ms Script
application/javascript 104.108.60.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/akam/11/279daaa0
Requested by: Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=7OQwEBdDRi6XR4XQgR1auZCOirbKpETa&nonce=y-0S8hAA-fTbnXeXBPq7IuNiHcfFib3F&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.60.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-60-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=7OQwEBdDRi6XR4XQgR1auZCOirbKpETa&nonce=y-0S8hAA-fTbnXeXBPq7IuNiHcfFib3F&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:07:54 GMT
etag: "45f56d8f9bda006dad514cba59b45ae90085321f3d51b2b3a274c8d4d19b5158"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-length: 10449
expires: Mon, 08 Mar 2021 05:16:04 GMT

GET
H2 200 bf6d92c397dti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame 5D2F 73 KB
0 9ms
7ms Script
application/javascript 104.108.60.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/staticweb/bf6d92c397dti17991ecfa342459f501b
Requested by: Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=7OQwEBdDRi6XR4XQgR1auZCOirbKpETa&nonce=y-0S8hAA-fTbnXeXBPq7IuNiHcfFib3F&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.60.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-60-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=7OQwEBdDRi6XR4XQgR1auZCOirbKpETa&nonce=y-0S8hAA-fTbnXeXBPq7IuNiHcfFib3F&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 22:20:44 GMT
etag: "77ab0fb0bef6d3471b849a9e26e339e68a4c60a0a2f5d2cf6ab40c38bc1b0875"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 18915

GET
H2 200 279daaa0
login.newscorpaustralia.com/akam/11/ Frame 37F4 32 KB
0 16ms
14ms Script
application/javascript 104.108.60.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/akam/11/279daaa0
Requested by: Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ipYpZ.~Uta_VVX2k1kHcyu4GL6Atukd_&nonce=6v5kjDS1S8j6VeGOTogLbV-rgSQbrIR1&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.60.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-60-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ipYpZ.~Uta_VVX2k1kHcyu4GL6Atukd_&nonce=6v5kjDS1S8j6VeGOTogLbV-rgSQbrIR1&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:07:54 GMT
etag: "45f56d8f9bda006dad514cba59b45ae90085321f3d51b2b3a274c8d4d19b5158"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-length: 10449
expires: Mon, 08 Mar 2021 05:16:04 GMT

GET
H2 200 bf6d92c397dti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame 37F4 73 KB
0 10ms
10ms Script
application/javascript 104.108.60.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/staticweb/bf6d92c397dti17991ecfa342459f501b
Requested by: Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ipYpZ.~Uta_VVX2k1kHcyu4GL6Atukd_&nonce=6v5kjDS1S8j6VeGOTogLbV-rgSQbrIR1&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.60.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-60-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ipYpZ.~Uta_VVX2k1kHcyu4GL6Atukd_&nonce=6v5kjDS1S8j6VeGOTogLbV-rgSQbrIR1&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4zIn0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 22:20:44 GMT
etag: "77ab0fb0bef6d3471b849a9e26e339e68a4c60a0a2f5d2cf6ab40c38bc1b0875"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 18915

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 31ms
30ms XHR
application/json 52.208.123.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=54513600706862192803634583741145546713&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%01438545d00038fe8840b1209781ad4d2d%011&ts=1615180564794

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.123.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0d0964cc683d262090d8a5805c87add21e558bb6b52620d87128c2e507113ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v089-0df3514ed.edge-irl1.demdex.com 5.80.6.20210202104731 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: EefPHjFbRFk=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1538
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ 44 B
490 B 108ms
108ms Image
image/gif 2600:9000:21f3:f000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1615180564801&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&tz=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: n1srZ3Uy3dBLx79HiZeyD3Wlzv4wXcfB2T7d0-3OtPAjenpC76--qg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET 279daaa0
login.newscorpaustralia.com/akam/11/ Frame 3C53 0
0

GET bf6d92c397dti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame 3C53 0
0

GET
H2 200 s39711053705653
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 43 B
442 B 17ms
16ms Image
image/gif 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s39711053705653?AQB=1&ndh=1&pf=1&t=8%2F2%2F2021%206%3A16%3A4%201%20-60&cid.&newsnkidcookie.&id=438545d00038fe8840b1209781ad4d2d&as=1&.newsnkidcookie&.cid&vid=438545d00038fe8840b1209781ad4d2d&mid=54513600706862192803634583741145546713&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&cc=AUD&ch=D%3Dv4&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=4%3A16%20PM%7CMonday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c60=TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null&v77=D%3Dmid&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
x-content-type-options: nosniff
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 09 Mar 2021 05:16:04 GMT
server: jag
xserver: anedge-5955cb7dcf-xm7jg
etag: 3468573849919062016-4621924670560439478
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 07 Mar 2021 05:16:04 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 714 B
951 B 101ms
37ms XHR
application/json 99.80.67.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-3,ss:%5B728.90%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=262ebab3-bfd0-6b84-2ee7-a2cc7ce21f5d&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f1e2e60c71fd14eae5445faaeeca5617296e5b4c8c8f4d922c3187816267c95a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:04 GMT
x-server-name: app22.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=1307891828321342721
dpm.demdex.net/ Frame DD05
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1307891828321342721

42 B
915 B

33ms
33ms

Image
image/gif

52.208.123.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=1307891828321342721

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.123.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0bece2f88.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: x2m1rQFvS1A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:04 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.41:80
AN-X-Request-Uuid: db042c40-891a-4caa-90cf-95baa99741a1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=1307891828321342721
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 16 KB
1 KB 19ms
6ms XHR
application/octet-stream 23.79.147.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.147.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: ATS/7.1.0 /
Resource Hash: 4578c19c9c34c57fbb97b3547a613cc2435655f96bf40f4e1146f317ef1af1dc

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UrQAF.0NtJxTgeM2_t7tqxejEVz5SEca
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 22:50:12 GMT
server: ATS/7.1.0
x-amz-request-id: 8TW84D83EB63WK6G
etag: "4b54a7fe7a0ce22f3d971e1f86e2b223"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=494
date: Mon, 08 Mar 2021 05:16:04 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1180
x-amz-id-2: Yc7nU0QrDPVhM6MmWZRbRwcli7aw6tLQhJgn2NmnHwDlmUdPhIFg8xQ057V96VVfIWhaz6iU+7M=

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 24ms
24ms Script
application/javascript 2600:9000:20d7:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: LpJK.kF6sOPxbzf9okH8tztmeAwG42mm
content-encoding: gzip
etag: W/"931051f801612c3a0e2782961ac3d56c"
last-modified: Wed, 03 Feb 2021 14:35:44 GMT
server: AmazonS3
age: 2515
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 76991fdca074ecae847653e013587ff8.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 08 Mar 2021 04:35:56 GMT
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: Fk8MCY41kO6c-si1icvME6a3Xf8xeOQo1RoP4smrWNU_0bZSCsr2Ug==

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 10 KB
3 KB 61ms
18ms Script
text/html 80.252.91.53
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=7931306195667358582&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D1017268847448151811$$&ns=0&rnd=9731588068335193
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 80.252.91.53 Amsterdam, Netherlands, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: ba29aea895a9591a10200f777cb603b6358225fc081852c6ca18ac9beac39353

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:04 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 2386
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 44ms
43ms Script
application/javascript 2600:9000:20d7:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27856bb0abbe3c6d17d91b923fe4cfe283441dd6d3c915cd40b79499e2f78c87

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4h6oQaYgXRfMvHut9R3YFOL2ymvWBPGQ
content-encoding: gzip
etag: W/"3095aa72b3c68c5572ee631491ef3e9f"
last-modified: Sun, 07 Mar 2021 11:18:15 GMT
server: AmazonS3
age: 2352
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 76991fdca074ecae847653e013587ff8.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Mon, 08 Mar 2021 04:36:53 GMT
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: b4lzhuJ-ZjZccIf5ozWhxZUKQbkaUGVllQ2EzIpgd_sISPndcLD1aw==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 151 KB
17 KB 59ms
58ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3422481516947490&correlator=2869736765884589&output=ldjh&impl=fifs&hxva=1&scor=324320054838803&eid=31060201%2C31060296%2C31060203&vrg=2021030201&ptt=17&co=1&npa=1&sc=1&sfv=1-0-37&ecs=20210308&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C728x90%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D61bc5df2-7fcd-11eb-8876-06da572054ee%7Cpos%3D3%26id%3D61bc5df3-7fcd-11eb-8876-06da572054ee%7Cpos%3D1%26id%3D61bc5df4-7fcd-11eb-8876-06da572054ee%26vw%3D40%2C50%2C60%26vw05%3D40%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7Cpos%3D2%26id%3D61bc5df5-7fcd-11eb-8876-06da572054ee%7Cpos%3D1%26id%3D61bc5df6-7fcd-11eb-8876-06da572054ee%7Cpos%3D2%26id%3D61bc5df7-7fcd-11eb-8876-06da572054ee%7Cpos%3D1%26id%3D61bc5df8-7fcd-11eb-8876-06da572054ee&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26nk%3D438545d00038fe8840b1209781ad4d2d%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26adl%3Dfalse%26pvid%3D438545d00038fe8840b1209781ad4d2d-00000000000000000000000000000000-1615180564243-257282%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&bc=31&abxe=1&lmt=1615180565&dt=1615180565001&dlt=1615180563710&idt=991&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C176%2C1123%2C1124%2C176%2C176%2C0&adys=28%2C10203%2C467%2C9408%2C10203%2C3423%2C10845&adks=1616217045%2C818813054%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C1248x0%7C300x0%7C300x0%7C1248x0%7C1248x0%7C1600x10845&msz=728x133%7C728x90%7C300x276%7C1248x276%7C1000x50%7C728x90%7C1x1&ga_vid=2006604236.1615180565&ga_sid=1615180565&ga_hid=1499057378&ga_fc=false&fws=640%2C128%2C640%2C128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b48b43bd92622fd847ada28161e662791bebd5b2cc04144d0a5ce7447b907b82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16947
x-xss-protection: 0
google-lineitem-id: 4682990628,4682990628,4682990628,4682990628,4682990628,4682990628,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234025560,138234092474,138234092471,138234092456,138234082178,138234025461,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
98556657706bc6f7d2f73bcf07ab4e7f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 50ms
15ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://98556657706bc6f7d2f73bcf07ab4e7f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 174 KB
50 KB 28ms
28ms Script
application/javascript 2600:9000:20d7:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3aaaf42bf0ebf882980b8bcfcdbe9a4662fb93015d64fbc4d63fdbd2fff5b3e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 48i1KLXCzEygN6lVfpDO18yBCPTP4JXh
content-encoding: gzip
etag: W/"1cd612bd5317f2443dde3a70328aa3e8"
last-modified: Wed, 03 Feb 2021 14:35:45 GMT
server: AmazonS3
age: 3231
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 76991fdca074ecae847653e013587ff8.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 08 Mar 2021 04:22:15 GMT
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: tnoSDyjZFkg0dBmAuEDcoBJe6hSF1K-dtckiTdIcnnEu-iiSxevbkw==

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=3578741287086522757
dpm.demdex.net/ Frame DD05
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3578741287086522757

42 B
915 B

30ms
29ms

Image
image/gif

52.208.123.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=3578741287086522757

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.123.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-093656234.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+2ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: pEmmsztHQhM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=3578741287086522757
pragma: no-cache
date: Mon, 08 Mar 2021 05:16:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame F29B 4 KB
2 KB 34ms
10ms Script
application/x-javascript 13.226.146.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.146.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-155.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 07:43:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 77552
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 dfeaf865724e57eaac72220929416926.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: H5k5DsEVG-zD9lSU3JcLOQh9i-StKhDz_AIFU47CTNB8USQcVH0h6Q==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame BD1A 5 KB
2 KB 24ms
8ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 15894
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1615180565.065191,VS0,VE0
x-served-by: cache-hhn11575-HHN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 8B08 4 KB
2 KB 24ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 05:16:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=60963
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 76C1 98 KB
39 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707564276

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07ae834bb5a865ceb2fa1ee435f4ca0dac67f034575bafc6ed7dbe7ae5cfbc89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39437
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame E3A0 4 KB
2 KB 31ms
9ms Script
application/x-javascript 13.226.146.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.146.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-155.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 07:43:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 77552
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: I8IdCK9J6PKK9vQYiHgxByR4mUf3N3EcQJ5x5rFO3ZhSApEgj4BzzQ==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame F870 7 KB
3 KB 31ms
7ms Script
application/javascript 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 05:16:05 GMT
Content-Encoding: gzip
Age: 34684
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2601
X-Served-By: cache-lga21928-LGA, cache-fra19164-FRA
Access-Control-Allow-Origin: *
Last-Modified: Thu, 14 May 2020 21:04:36 GMT
Server: nginx/1.13.10
X-Timer: S1615180565.099569,VS0,VE0
ETag: W/"5ebdb264-1cfb"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 10 Dec 2020 19:35:03 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 4046

GET
H3-Q050

200

activityi;dc_pre=CMDc0b74n-8CFQPB1QodxRIAwA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7931100456042.51 Show response
8228261.fls.doubleclick.net/ Frame E3F7
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7931100456042.51?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CMDc0b74n-8CFQPB1QodxRIAwA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=793110045604...

401 B
812 B

45ms
30ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CMDc0b74n-8CFQPB1QodxRIAwA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7931100456042.51?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

e61acdc6a534c76aeeb5b74d229a1699e6637ff707360a1ab9f997d3a56ea32b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMDc0b74n-8CFQPB1QodxRIAwA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7931100456042.51?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmb-Ul_VLHXZB6Hm8rmvbB8rQ2fJ11G7zQgmZVXTDNvGt-PMon4u0YvkiVcqG0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 08 Mar 2021 05:16:05 GMT
expires: Mon, 08 Mar 2021 05:16:05 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 330
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 08 Mar 2021 05:16:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CMDc0b74n-8CFQPB1QodxRIAwA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7931100456042.51?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

activityi;dc_pre=CLnv0b74n-8CFdEeBgAd13oB4w;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3409197494605.8354 Show response
8228261.fls.doubleclick.net/ Frame A851
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3409197494605.8354?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CLnv0b74n-8CFdEeBgAd13oB4w;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=340919749460...

403 B
357 B

41ms
31ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CLnv0b74n-8CFdEeBgAd13oB4w;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3409197494605.8354?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

6a0de374c8127a8d791479a09896f0d545882dca5aaeeec1c3b70e069cbe4f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLnv0b74n-8CFdEeBgAd13oB4w;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3409197494605.8354?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmb-Ul_VLHXZB6Hm8rmvbB8rQ2fJ11G7zQgmZVXTDNvGt-PMon4u0YvkiVcqG0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 08 Mar 2021 05:16:05 GMT
expires: Mon, 08 Mar 2021 05:16:05 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 329
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 08 Mar 2021 05:16:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CLnv0b74n-8CFdEeBgAd13oB4w;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3409197494605.8354?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 4816 98 KB
39 KB 55ms
34ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-820018408

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d720213de91fe0038983a3252627bebe51c76cd9bb60361aeb33cc0b9327b58c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39438
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 84B4 40 KB
16 KB 38ms
16ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

c490a90e70edad9a18b327427e3d2d4e315d7824d0fecac3787fb4723c00305d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15433
x-xss-protection: 0
server: cafe
etag: 8077337756528662035
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame B6E1 43 B
609 B 279ms
262ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ Frame 9679 43 B
968 B 43ms
14ms Image
image/gif 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:05 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.145:80
AN-X-Request-Uuid: a1567a89-82a3-4e95-b2a3-02df4dbb2c81
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
952 B 47ms
16ms Image
application/javascript 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:05 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid: dcb172e0-2977-4595-8c5f-be11a9f144bf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
952 B 44ms
14ms Image
application/javascript 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:05 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.136:80
AN-X-Request-Uuid: 88874f8c-773d-4153-aa96-d3efbde57fb8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BC4C 0
0 42ms
42ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhsE5uJlnMvzYcx_LGgtw0F0HD5_taVU_TYDEYD1m8CTSInk4LZbxoagkaI1UqOwDuiONZf1lzFfGuDjbhQlurYCQuD8onq8qHaONEIxgmhFBqBBYEalFLs7RgSe6iMLP6Q7oZs1DhFswXZABGMPuU8EwCacNhHx70k58hJSllbDBucfspE0hWsVScXh--U6r52Wzd_hUJU9Ke4f-o1qlO5opTob7G_1Z07z6HrHA58ABErfGtyFAuPNkbnDRKVFrls0du5HVrOQ1yFj5wl-krbjQDV5-gVQSPmjgpqtDKRnLRFw&sai=AMfl-YTgmdH3E2ZI1a0aDTCnpfJLngorETGGUthTmz9455AfbEj9_6m3Rgk322euLhQKpX7g-XTFiSb1p535&sig=Cg0ArKJSzIbEBGVyhyQaEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame BC4C 18 KB
8 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 05:11:56 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame BC4C 3 KB
2 KB 39ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 05:15:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC4C 110 KB
34 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
H3-Q050 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame BC4C 68 B
94 B 38ms
25ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 13:28:32 GMT
x-content-type-options: nosniff
age: 229653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Mar 2022 13:28:32 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2EB2 0
0 44ms
41ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst04e8XXWMe5xn43C0ZYh-7Hr0pWuWm2iarLlYP9GipMdA-aa7qkMcmZMY1UlRijiK5BFCCdjg4UVfMGmuiALJ-IDDFGYzGwJKqJX6YDjNGpzm_AxcNJbiei1NR6pfGUEXQY9qswW0ewNjwtauyLUN4Ne9Cuxs8xnDRfFBUkoGQ7R0aEVTa6JWVddbC1fP67IQlcKOQOhlxDcySWSKO7vUUq58NDJ5u3clJtYAj3ti2ymMpdTQsF1rWODe1P5urE6iGblyqJUeNHCYoz5NVeBlm4BVvL5KsflE0jHDhQ9aKiL_j0w&sai=AMfl-YSI_QcQ4UNxMT3-ZUxIXPQZF_WYPdLue7xAhKtYbD3aUyreN8TcnyPEH7JJ6JX6Ez2Uz0x6R6AZHwi1&sig=Cg0ArKJSzMsB81H0pzYpEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 2EB2 68 B
232 B 29ms
23ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 13:28:32 GMT
x-content-type-options: nosniff
age: 229653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Mar 2022 13:28:32 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 2EB2 18 KB
7 KB 30ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 05:11:56 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 2EB2 3 KB
2 KB 31ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 05:15:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2EB2 110 KB
33 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2EB2 0
0 16ms
13ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_Crh8D5P8bI6fO1lxHD6T1jwxViD_YtJJdRrR5fkrwJg3IkUfgocIY7LmZFnYsmqRQ-a6
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774803212306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 69A8 0
0 41ms
40ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssx5QOlhsuIu15IiGkwOn8Gg2AhcZNJYBI0z4lrOMFRduQCwHoS3QggpPU621p0C7T6qHcgNR8LGQlf8dWJGLZQBKhDCZbdgTwMMYqe1lb9OUvTRMjy5_MRC9boKrIl7CpFRVDtBaVIyDNiKwJEE0EY7BJgC7MBOINPK36BFZ1gKcDEoXuOtDOIe8fxE4e_xIgButkvZmkiUKCgsOFTH7scJiJtG5uHtzFrmuMlaxGOdRRNZJVg18Xem9xwAfuW3FALXJk4z5MHFqqXUd4XYLBdfi_-MGrnCuFloaGbCPErwxXXjg&sai=AMfl-YR2_sYZ0kPrvVlVbQVNQ-jeZQ8BRB-Q6MoUMbt3ZzkQ-mDtv3EuxpknF7HxoP_NaFndHBVs8HAp7A4H&sig=Cg0ArKJSzE3S88brGHl0EAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 69A8 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 05:11:56 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 69A8 3 KB
2 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 05:15:00 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69A8 110 KB
33 KB 47ms
30ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
H3-Q050 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 69A8 68 B
169 B 9ms
9ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 02:37:17 GMT
x-content-type-options: nosniff
age: 355128
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 02:37:17 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 700F 0
0 43ms
40ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH3oLIjRzeMB-gE3nhMxrbOKL46uTiuwRciOugcJpXoQ69QgJyGPzeciSBol2ZwlbcFslu4GXTIci2G1Xn4SGjku-6firkhucoICB87Kr6eDgz8v0jw2XOMSwUuu1F9XuLTXy3OJyFeyi6Lyp5ZT8fqNEkWmqeIM-1u8X1YFMdv3TsoNA1FPr1Vy8tWacARYnUg6hi5VY7N6_WDmOslnxIChiomup90cHbBAj3jRskeYThqAlst71msNGxcfdcWpdKa9u-4Xaz1f9hKcXX5B-qM6tM3yBIa6aNFw3vxr2HIzWEAQ&sai=AMfl-YTFVkR0To06ms0Ip_bJc1OkGj3eKtZYWZi0e3eR4je22SIFrZYawURKaysqLuc2X-Ad7vtwYOtvyvNE&sig=Cg0ArKJSzE_zwiI6R-PlEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 700F 68 B
94 B 7ms
6ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 02:37:17 GMT
x-content-type-options: nosniff
age: 355128
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 02:37:17 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 700F 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 05:11:56 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 700F 3 KB
2 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 05:15:00 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 700F 110 KB
33 KB 40ms
30ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C946 0
0 42ms
40ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHhZTZxsJ7Eo9VT-maAjw8s1qc_AF-yb4ti7WJ4ckHdAk9HB2VlWBuQNBCDQChETRwXSLfZyzCuN5__1OGs0p7YQxgLFi9jQth8OHBrGKb4LFQgKxeyknyx9gRqgOE4iucxwoB_3mhCVG1OiatM4322Cgv5QevPFsJCnXK7xCsMQT7byxkxudWroZKqN_9kRhGTGfbN1QziLgLQ446xVOwzwmXGRIRrrWrHlb1YwFmpzoXsYOhOq2JvA4SWlgijXCLgjQLERq7mgSPpCd54eWYZ2WBKmyPUSgx9B9C1M12S0e99Q&sai=AMfl-YSZlM4MxmqSxWy6mubFIZt111wyllTsU1s6Yh6NwZivCvAJ1TD52wafwZMpuYj9j3SLVoOlOydS6CFF&sig=Cg0ArKJSzLiR0Y5p8PgdEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame C946 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 05:11:56 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame C946 3 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 05:15:00 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C946 110 KB
34 KB 32ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame C946 0
0 44ms
29ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS90Prx5ZGUwagvG9OnxX_P3e0sTd6_rqCL65Ts96VGMCz_kWNI43oaPtPUmA_cccZ7Ka-Z
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 13503232906761715217
tpc.googlesyndication.com/simgad/ Frame C946 3 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13503232906761715217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:56:32 GMT
x-content-type-options: nosniff
age: 245973
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3270
x-xss-protection: 0
last-modified: Wed, 23 May 2018 04:43:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Mar 2022 08:56:32 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A6AA 0
0 42ms
41ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukg7IVCYj7TXhKDjDs-_tkVbGZzK6nM3BDjbikT8AUeDarqN6oXwLUqV7yO8EKljabUWCC_-mUN91f1C1q8zBlYlsPlQb7H_DjaILrtmrXqpHNOIYZPH4ZOMQH51Um432EY5PLMIMF5Mxv75KUXvXKN_jTaXD8g5uv4rSrC4-8rAI3nmFAueVABAI0tQPdfMCaaJdqT0XKN1fCCAgBQjWMgKMfxidpcGhlEq0FE2CNEJLTnXaPUp7dvOrQkKs-Gni_JML63YulJirzLTk0iRoKt8a3wWTvs8orH8b1cz5S2bKNbA&sai=AMfl-YTg03NegjcYX71eJQh56D1GVxDlhjH1dN4-4uBjyFnMNDGBbpcFUgyp_ffb2o9EViSbN2SrkFxblYrP&sig=Cg0ArKJSzAzA0he3HwghEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=438545d00038fe8840b1209781ad4d2d-1615180561

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame A6AA 68 B
94 B 6ms
6ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 13:28:32 GMT
x-content-type-options: nosniff
age: 229653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Mar 2022 13:28:32 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame A6AA 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 05:11:56 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame A6AA 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 05:15:00 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6AA 110 KB
33 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame A6AA 0
0 38ms
29ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCdvgJHfRprIRV6bZL6uZH2ECJODilNdbLAmfcW8lFV6Gu7yhlpYLK5SzcJ4nznLB5hAbe
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame DD05 0
214 B 29ms
7ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=54537386079071306343636709354180226755&gdpr=0&gdpr_consent=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

collect
px.ads.linkedin.com/ Frame 8B08
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1615180565235&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1615180565235%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1615180565235&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true

0
57 B

141ms
140ms

Image
application/javascript

2620:119:50e3:101::6cae:b45
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1615180565235&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e3:101::6cae:b45 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-eda6
content-type: application/javascript
content-length: 0
x-li-uuid: YiRFyypGahaQcgdF/ioAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: yLE+wSpGahYg5bj2aCsAAA==
pragma: no-cache
x-li-pop: afd-prod-ltx1
x-msedge-ref: Ref A: 6B8C9904715A41B9B616915808DC8E17 Ref B: FRAEDGE0909 Ref C: 2021-03-08T05:16:05Z
date: Mon, 08 Mar 2021 05:16:05 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1615180565235&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame A489 12 KB
4 KB 25ms
25ms Document
text/html 2600:9000:20d7:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
last-modified: Wed, 03 Feb 2021 14:35:44 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: TUYRoecoF1i4c0OOX1nHzaoGL1pXvxF4
server: AmazonS3
content-encoding: gzip
date: Mon, 08 Mar 2021 04:49:01 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76991fdca074ecae847653e013587ff8.cloudfront.net (CloudFront)
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: s4kcqpfwHdhI5SCde-orSolzTnwLaMoVIrce5AB9rqBm1bbmDETkrg==
age: 5223

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 84B4 2 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1615180565257&cv=9&fst=1615180565257&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7831aea48fb03190080aa5c30dc644a362257f1e7f8d2cdae3a1e98587ea3e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 971
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame BD1A 43 B
448 B 141ms
124ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Mon, 08 Mar 2021 05:16:05 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8e8aae23a5ded1dbbc1b1bafd41d1ce2
x-transaction: 00cd95f500445373
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame F870 42 B
353 B 6ms
6ms Image
image/gif 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1615180565295&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1615180565295&et=1615180565296&if=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 05:16:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 10.13.70.77:80
Content-Length: 42
Content-Type: image/gif

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 76C1 32 KB
13 KB 44ms
29ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

104ff1abbbad8a44885817c01d09b1454d44dfef30c991f25712feb21ffea675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12538
x-xss-protection: 0
server: cafe
etag: 10853274261861872019
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
DATA 200
OK truncated
/ Frame BC4C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73055c10a6abf7d53102695e042a76c76b572b5714874a8b69b66a729374121f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 9F04 48 KB
14 KB 115ms
57ms Script
application/javascript 99.80.67.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1304318945&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df2-7fcd-11eb-8876-06da572054ee
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b651f39c8d676a6f13c2d1296e59c09f2339469edc1785afd10c581d3c82895c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-server-name: app24.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 2EB2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ff94a1a9432c4acff10b51791409428a3f3941d764f07856c72db5664c77d81

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 740E 48 KB
14 KB 86ms
59ms Script
application/javascript 99.80.67.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|3&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=175456845&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df3-7fcd-11eb-8876-06da572054ee
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b4566b601edd1615054b8c509226aafe9f03e9f0c301fdab2d0c8ba006ac95fc

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-server-name: app19.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame C946 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aad9d0793ca00bde7bdc134dde38f88f9b0054a4cf96176cd419233285a7c092

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame DA1C 48 KB
14 KB 69ms
68ms Script
application/javascript 99.80.67.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1402638235&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df6-7fcd-11eb-8876-06da572054ee
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4138e902d37a62be263be0c92fe2b277b4db7c86c7a2b78f74ac01cc191c929a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-server-name: app18.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 69A8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 429ba3095ea6a5e97e629663aeab1cc2ded714ae30a86bbd9356d2b25d553d73

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 6117 48 KB
14 KB 40ms
40ms Script
application/javascript 99.80.67.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=408163390&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df4-7fcd-11eb-8876-06da572054ee
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 53359eccb6aa442ab24dfb0da86e7cd95b1a00e12367e34a9cd5110328c09516

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-server-name: app12.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 700F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1c4d89b64041d90152614201d89b44d98cf3138cee6848965accda2a95fbab4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 54B2 48 KB
14 KB 31ms
31ms Script
application/javascript 99.80.67.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=939344018&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df5-7fcd-11eb-8876-06da572054ee
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: dbab728b301552419d058ae42f7fd343228edab6c1e793f75159fef31757d85e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-server-name: app02.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame A6AA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f15c7fc7c53dc4350f1f5ac6fff6228cfa0877b7d7531a5d878862c5d8bf5bb2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame B410 48 KB
14 KB 31ms
30ms Script
application/javascript 99.80.67.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=1212839332&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df7-7fcd-11eb-8876-06da572054ee
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d22eb69386867352f1f14642641c7def58e6a3a39392ea5fa6de5bbeac606dbd

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-server-name: app26.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEKb1nFtRtvrzcdA4Ds5iOtc&google_cver=1
dpm.demdex.net/ Frame DD05
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTQ1MzczODYwNzkwNzEzMDYzNDM2MzY3MDkzNTQxODAyMjY3NTU=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKb1nFtRtvrzcdA4Ds5iOtc&google_cver=1?gdpr=0&gdpr_consent=

42 B
915 B

30ms
29ms

Image
image/gif

52.208.123.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKb1nFtRtvrzcdA4Ds5iOtc&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.123.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-050253de1.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: R4vufOzuQ5U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKb1nFtRtvrzcdA4Ds5iOtc&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 dc_pre=CMDc0b74n-8CFQPB1QodxRIAwA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7931100456042.51
adservice.google.com/ddm/fls/z/ Frame E3F7 42 B
476 B 69ms
55ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMDc0b74n-8CFQPB1QodxRIAwA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7931100456042.51

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CMDc0b74n-8CFQPB1QodxRIAwA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7931100456042.51?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 dc_pre=CLnv0b74n-8CFdEeBgAd13oB4w;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3409197494605.8354
adservice.google.com/ddm/fls/z/ Frame A851 42 B
65 B 69ms
55ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLnv0b74n-8CFdEeBgAd13oB4w;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3409197494605.8354

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CLnv0b74n-8CFdEeBgAd13oB4w;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3409197494605.8354?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 4816 32 KB
12 KB 16ms
16ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

104ff1abbbad8a44885817c01d09b1454d44dfef30c991f25712feb21ffea675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12538
x-xss-protection: 0
server: cafe
etag: 10853274261861872019
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 08 Mar 2021 05:16:05 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2EB2 0
0 68ms
55ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJQFjn_9xefWEvUfdqJmxonVh05-i1L-noxyHCS07rndy_JIhQmhO9zTVAlrAzvmZF6QldzWtsfx0CeFQbq_9qXHGi0VV4XFgeovxayrQOpJwLOP_jtcYp5NfQVbABFh1pok4_hFlsdztOSHXB7VZy4xrmC7DmZ8Nuntfgjy4YRC79mRxaUzbx8lnMRS9B39ubLkWDG-gCTdGz8PPkiFplCC4oAid29gfs_pudSkdfs6zRuEJVxM6uVgeaCpBIB2qMFO6SZs2-0h7lWiK2kgeM2Kp_iJhmSlwuQXFiff3XMVehoooO&sai=AMfl-YQCHodLCJwWw47We7xOPKlFsMCxax3RL-5DaU8KsVI_zVxkcLGNmcnL1TooJMxZ7JYxXf7l4fCL6tLO&sig=Cg0ArKJSzISd68B4rf0HEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 204 bulk Show response
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
203 B 17ms
17ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210303-1-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1615180566.587491,VS0,VE9
x-served-by: cache-fra19149-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C946 0
0 45ms
44ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYSNJGscv2uuI-8vZNdfOgwqBAu0H-aU5yx1grNGRMYv03ai4H14cQf3NsUSv92ihy5voHXESJ3bHcbT5S2ALhoBOsSbh8aGwixQQdpiIh7psVThzLCDkN927B8SwfdvM2ZZ2g39hizWfBumYwG7xccxP3Qws3iv7ZX6DU0s6yWNQyQAFIgpb3DKwl8BVEOZiXQQyjpwVJqszEPEGCFGOExOrTPdaPFViD5BSpFR50icWv49T_mN_Te4iSWvH6QFG2qTBN39ZShnQt5sopsSKJI4DU1f39QSl306YcP04lqwmlaCCI&sai=AMfl-YQbUKV0yHbiNQDglbLlxlc5aHoTBJpgAhgH5UHyn6CcxgzRbtlPzR9h4clYmhqmToPHcTJsEDyrA0Pz&sig=Cg0ArKJSzOcz2cf81AL5EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A6AA 0
0 40ms
40ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMscQgmlNqAbXYVTuL5quGyLpbRVKO4nc_zbdoDO_h4Af8axByeSSAW_7Zb1VzSCMVeoPjahG5t4JdE7yKQsTg1aZ7gE5-NlxAjLG51cUBfqpPjaMMhNxQQ-opKiA2Ia41Qx46fTtfFFWId1I0HR0OQqDoTMVUJ9c0awt4BOR8YXOs1SLrfiEOI1NyAu3FRoz0fDG7MZZb5SwOVMAXgLymPxa1B5hL6SXSMV4RZwLR5MHQauIfXTHfbfZLoPKy7UXU4fAajkm5Fu1a8rvJ6tLU3AqYzjbilsnaX6xHLJzcx8b2Dv0-&sai=AMfl-YQ7DqXfhIxVuZno8ZV_FD69SoqgVCf0h_gqa3RKS2ha8QGfmotybR71E-Z3z5StozW9R_vyWCJRg16C&sig=Cg0ArKJSzGXzEihb_yUMEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BC4C 0
0 41ms
41ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZZ9eFvckJOR87Rf9xiEgxKvrgAzi7gCbV6ImzoSooNAZho13rpEtadM9rfxAVHh3v3_wReeV6jjEnl07F0Ua-Va46oUJStTrwCV_1-PbIyddorzgmEL50FuAdSGjnL8vvALhLSXeC5Hcwf6TOjjov03ozK-MJsHcAj0Bk1uX5_aHVcIcp_Vhfu4IbBTlFq1RYmWcllvlirAv8IhfhafE-zm0tYz4BkIcTtkTbunNOrlhRrGsCcwO_2e9pfw3J5oO5OC-KnsARMK9pkz9p-VOe39-93_fHwyUZrZLnuQaTGr31or8m&sai=AMfl-YTDhncFxFY09DxQasj5CYcsayKhv2IpQrxiLkodupW59_IAXBMz7XG4aqzS2X28Yu6Q4MSrpJj0ksor&sig=Cg0ArKJSzO5LIGPL2TMHEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 69A8 0
0 41ms
40ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkzLrHQLIYOLpeY2A8idab1SZ45ijuvFIy6qeVvOcudwBsMYR0Lo6K2dnjaLRdybsLr1otor1lJl2mLzjTSDQwyyBhGSYzwz72iecMYexkXKAcAhoHSZcawfJsBDiCkXPHjkTmXh3GlCCnIcou9XvuDR9KbEq6ZMzXwtOxszZUTwh1ZepNxC-4d5OukOxfTYTaxIoTjMn8Nl2HFfXEjdVtaHfEsb4ge6f1hFbk0ZroTsiXXY2dbEI_wfN6xYySQvC4LStSdDYA7xEouCZBLMZeJZvUjextc8ND-3RTDq_fGH9T3LLS&sai=AMfl-YRUx6IDnh0-TH3Pqr2-HSYjkaEGATnGoFcEXrZOujyYetzWa0RyCxBg5_yuVXQklxQg2B-6ymslTCMo&sig=Cg0ArKJSzI1eORyMxEIuEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 700F 0
0 40ms
40ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyectsWuaMJAYjNJxzE91kiOK2E_thjXfxuq3GqvI3b9FUrgJE8fiOIj-nM7VKDWF2M0uIfebAH_SeUJulq-fdL9soefIEGCQJ7nMsXTOOdAoGB6bk1CDCSyT4ilYb2JH5A42DHThw8dSKcNwKbl0ASFsdJ5rCkufB7torcVdU61nyXLuZgyCxR5K_Fz7jIztGECXoA-02Qyw-I4DmUgrESsi2gdx_ZF6LIGMUlYKfmmGc07iOCHWMXyvSd6PesfagpjvZDek1dmb8SoS0hq4Jrh8YZkAyJXAJIskizTSQByN7NFCH&sai=AMfl-YS_kdSKmh4pkYrWWsmgAwg1aIsnSx8BCURk1MN9Rgp-eI8u9rDLh9bBVQZ8sJdV4zqC6qPyq5xl3sna&sig=Cg0ArKJSzL8tmQYW8HSUEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/859754747/ Frame 84B4 42 B
329 B 19ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859754747/?random=1615180565257&cv=9&fst=1615179600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=3842735735&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/859754747/ Frame 84B4 42 B
154 B 21ms
20ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859754747/?random=1615180565257&cv=9&fst=1615179600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=3842735735&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 76C1 2 KB
1 KB 51ms
49ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1615180565644&cv=9&fst=1615180565644&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c8ae74e20ddba0d65b6b32cfa0d1d646c1e55552656cddbd0e3d8fa025200eb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1011
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.gr.19.8.170.js Show response
static.adsafeprotected.com/ Frame 9F04 179 KB
57 KB 192ms
105ms Script
application/javascript 54.220.184.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.170.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1304318945&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df2-7fcd-11eb-8876-06da572054ee
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.184.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 222bc2150382a10030b846ad56ed3d2d4cb14a0c2e02fadf4b7b603519e0d4d6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 18:23:10 GMT
server: nginx/1.16.1
etag: W/"40a05a3e6780f402291cef9a938c91de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 main.gr.19.8.170.js Show response
static.adsafeprotected.com/ Frame 740E 179 KB
57 KB 139ms
54ms Script
application/javascript 54.220.184.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.170.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|3&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=175456845&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df3-7fcd-11eb-8876-06da572054ee
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.184.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 222bc2150382a10030b846ad56ed3d2d4cb14a0c2e02fadf4b7b603519e0d4d6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 18:23:10 GMT
server: nginx/1.16.1
etag: W/"40a05a3e6780f402291cef9a938c91de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=5697664b-3c46-476e-ba6b-6507bb7241bf
dpm.demdex.net/ Frame DD05
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=5697664b-3c46-476e-ba6b-6507bb7241bf

42 B
915 B

29ms
28ms

Image
image/gif

52.208.123.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=5697664b-3c46-476e-ba6b-6507bb7241bf

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.123.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0783044f5.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: zvcuyX6cRMU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=5697664b-3c46-476e-ba6b-6507bb7241bf
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H2 200 main.gr.19.8.170.js Show response
static.adsafeprotected.com/ Frame DA1C 179 KB
57 KB 181ms
105ms Script
application/javascript 54.220.184.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.170.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1402638235&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df6-7fcd-11eb-8876-06da572054ee
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.184.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 222bc2150382a10030b846ad56ed3d2d4cb14a0c2e02fadf4b7b603519e0d4d6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 18:23:10 GMT
server: nginx/1.16.1
etag: W/"40a05a3e6780f402291cef9a938c91de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 main.gr.19.8.170.js Show response
static.adsafeprotected.com/ Frame 6117 179 KB
57 KB 178ms
104ms Script
application/javascript 54.220.184.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.170.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=408163390&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df4-7fcd-11eb-8876-06da572054ee
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.184.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 222bc2150382a10030b846ad56ed3d2d4cb14a0c2e02fadf4b7b603519e0d4d6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 18:23:10 GMT
server: nginx/1.16.1
etag: W/"40a05a3e6780f402291cef9a938c91de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 main.gr.19.8.170.js Show response
static.adsafeprotected.com/ Frame 54B2 179 KB
57 KB 153ms
82ms Script
application/javascript 54.220.184.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.170.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=939344018&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df5-7fcd-11eb-8876-06da572054ee
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.184.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 222bc2150382a10030b846ad56ed3d2d4cb14a0c2e02fadf4b7b603519e0d4d6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 18:23:10 GMT
server: nginx/1.16.1
etag: W/"40a05a3e6780f402291cef9a938c91de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 main.gr.19.8.170.js Show response
static.adsafeprotected.com/ Frame B410 179 KB
57 KB 173ms
105ms Script
application/javascript 54.220.184.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.170.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=1212839332&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df7-7fcd-11eb-8876-06da572054ee
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.184.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 222bc2150382a10030b846ad56ed3d2d4cb14a0c2e02fadf4b7b603519e0d4d6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 18:23:10 GMT
server: nginx/1.16.1
etag: W/"40a05a3e6780f402291cef9a938c91de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 4816 2 KB
1 KB 51ms
50ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1615180565673&cv=9&fst=1615180565673&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c8b6b13c6a99536a5c485723eda213256a782ef1116de8dd2742465e531db040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1012
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame A489 44 B
530 B 102ms
33ms Image
image/gif 54.246.196.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=pnoalycbxgwqwvvpo0nekqvy45e6k1615180565&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.582&retry=0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.196.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
pnoalycbxgwqwvvpo0nekqvy45e6k1615180565.nuid.imrworldwide.com/ Frame A489 35 B
350 B 95ms
27ms Image
image/gif 2600:9000:20d7:3200:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnoalycbxgwqwvvpo0nekqvy45e6k1615180565.nuid.imrworldwide.com/
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:3200:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:03:46 GMT
via: 1.1 43bd2d4908cb8542cdbe4153b40c694b.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 741
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: E8cWix9B9UxRUmFByRjMEMW4jtVgmQ9iSJccvOGzDXanQPE5GHD_uw==

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/707564276/ Frame 76C1 42 B
66 B 20ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707564276/?random=1615180565644&cv=9&fst=1615179600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=156896855&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/707564276/ Frame 76C1 42 B
530 B 47ms
31ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/707564276/?random=1615180565644&cv=9&fst=1615179600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=156896855&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/820018408/ Frame 4816 42 B
66 B 19ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/820018408/?random=1615180565673&cv=9&fst=1615179600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=930115097&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/820018408/ Frame 4816 42 B
66 B 48ms
33ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/820018408/?random=1615180565673&cv=9&fst=1615179600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=930115097&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame DD05 0
0 29ms
15ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 campaigns Show response
resourcesssl.newscdn.com.au/indies/ 6 KB
2 KB 9ms
8ms XHR
application/json 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by: Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash: 697897d5fb1e297e79a517f84e46e0d952318a1f919b708f710addd5f2865a77

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 08 Mar 2021 05:16:06 GMT
content-encoding: gzip
etag: W/"185f-W+kxCzzSqr8gPlgVu4/+w7gNuAk"
x-powered-by: Express
x-cache-hits: 0
content-length: 1821
x-served-by: cache-dca17774-DCA
server: Google Frontend
x-timer: S1614924290.030150,VS0,VE333
x-i: true
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 6ed8993bbfb447c03a2d16a9a3e2e4bf
cache-control: private, max-age=348557
function-execution-id: 2n0qgoulax0q
accept-ranges: bytes
x-orig-accept-language: en-US,en;q=0.9
x-country-code: DE
expires: Fri, 12 Mar 2021 06:05:23 GMT

OPTIONS
H2 204 campaigns
resourcesssl.newscdn.com.au/indies/ Frame 0
0 357ms
356ms Preflight
text/html 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol: H2
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.heraldsun.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-type: text/html
function-execution-id: 6isky2dsukf3
server: Google Frontend
x-cloud-trace-context: b5d0d42f2a670d420d21c96111143032
x-country-code: DE
x-orig-accept-language: en-US
x-powered-by: Express
accept-ranges: bytes
x-served-by: cache-dca17757-DCA
x-cache-hits: 0
x-timer: S1615180566.850261,VS0,VE237
cache-control: private, max-age=604771
expires: Mon, 15 Mar 2021 05:15:37 GMT
date: Mon, 08 Mar 2021 05:16:06 GMT
x-i: true

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 4BC6 82 KB
22 KB 29ms
27ms Script
application/javascript 54.220.184.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.184.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 44
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 32ms
32ms Image
image/gif 99.80.67.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|3&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=175456845&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df3-7fcd-11eb-8876-06da572054ee&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:df2c7711-f261-8fc6-5d70-e081a45974ae,c:6frn9c,sl:outOfView,em:true,fr:true,mn:app19ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.10483.1.1,am:i,cc:800.10483.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sr2B381+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g*.10507%7C1g1%7C1h1%7C1i1%7C1j1%7C1k1%7C1l%7C1m,idMap:1g*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:218,oid:62035221-7fcd-11eb-abf4-068792706006,v:19.8.170,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
x-server-name: app30.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

ibs:dpid=23728&dpuuid=YEWzFfO5SvDiPgwooCCK9AAA%261192
dpm.demdex.net/ Frame DD05
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&C=1
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YEWzFfO5SvDiPgwooCCK9AAA%261192

42 B
915 B

29ms
28ms

Image
image/gif

52.208.123.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YEWzFfO5SvDiPgwooCCK9AAA%261192

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.123.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0fe4fd016.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Mt+FiCrdTro=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YEWzFfO5SvDiPgwooCCK9AAA%261192
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 264
Expires: Mon, 08 Mar 2021 05:16:06 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 269ms
89ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=df2c7711-f261-8fc6-5d70-e081a45974ae&tv=%7Bc:6frn9T,pingTime:-2,time:260,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:263,beZ:264,mfA:452,cmA:453,inA:453,inZ:462,prA:462,prZ:472,si:481,poA:481,poZ:493,cmZ:493,mfZ:493,loA:513,loZ:515,ltA:523,ltZ:523%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:217%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:261,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:217,wc:0.0.1600.1200,ac:800.10483.1.1,am:i,cc:800.10483.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sr2B381+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g*.10507%7C1g1%7C1h1%7C1i1%7C1j1%7C1k1%7C1l%7C1m,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-728x90-3%5D,sinceFw:41,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt40.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 2770 82 KB
22 KB 29ms
28ms Script
application/javascript 54.220.184.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.184.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 33ms
32ms Image
image/gif 99.80.67.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1402638235&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df6-7fcd-11eb-8876-06da572054ee&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:1f2685fc-6b7f-3fb7-63ee-14257bf6cca5,c:6frnat,sl:outOfView,em:true,fr:true,mn:app18ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.10524.10.10,am:i,cc:795.10524.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sr2B38a+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g1%7C1g2%7C1h1%7C1i1%7C1j*.10507%7C1j1%7C1k1%7C1l%7C1m,idMap:1j*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:288,oid:6205c314-7fcd-11eb-924e-0ab32f77e5b0,v:19.8.170,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:05 GMT
x-server-name: app29.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 4BA2 82 KB
22 KB 28ms
27ms Script
application/javascript 54.220.184.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.184.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:05 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 33ms
32ms Image
image/gif 99.80.67.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=408163390&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df4-7fcd-11eb-8876-06da572054ee&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:3f5e676c-d422-1b77-131a-c629106d2bce,c:6frnaS,sl:outOfView,em:true,fr:true,mn:app12ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sr2B38c+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i1%7C1j1%7C1j2%7C1k1%7C1l%7C1m,idMap:1h*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:310,oid:620aa58f-7fcd-11eb-b9ae-0a1e87f1382c,v:19.8.170,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:06 GMT
x-server-name: app32.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 5364 82 KB
22 KB 28ms
27ms Script
application/javascript 54.220.184.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.184.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 14
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 32ms
32ms Image
image/gif 99.80.67.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=939344018&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df5-7fcd-11eb-8876-06da572054ee&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:c2f89896-c38d-ff4b-27c2-66cb8101e034,c:6frnbd,sl:outOfView,em:true,fr:true,mn:app02ie,pt:1-5-15,wc:0.0.1600.1200,ac:1274.9443.1.1,am:i,cc:1274.9443.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sr2B38g+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g1%7C1g2%7C1h1%7C1h2%7C1i*.10507%7C1i1%7C1j1%7C1j2%7C1k1%7C1l%7C1m,idMap:1i*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:328,oid:620eeb5c-7fcd-11eb-b71b-02c790015d1e,v:19.8.170,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:06 GMT
x-server-name: app23.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 5F3F 82 KB
22 KB 28ms
27ms Script
application/javascript 54.220.184.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.184.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 21
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 33ms
32ms Image
image/gif 99.80.67.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=1212839332&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df7-7fcd-11eb-8876-06da572054ee&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:b87930aa-1b2b-6d63-1399-0a845ab91c0a,c:6frnbv,sl:outOfView,em:true,fr:true,mn:app26ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.3440.1.1,am:i,cc:800.3440.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sr2B38i+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l%7C1m,idMap:1k*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:343,oid:6213f3ec-7fcd-11eb-abdb-0a791baeecf6,v:19.8.170,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:06 GMT
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 55F8 82 KB
22 KB 28ms
27ms Script
application/javascript 54.220.184.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.184.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 44
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 32ms
32ms Image
image/gif 99.80.67.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1304318945&custom=homepage&custom3=168400391&adsafe_par&impId=61bc5df2-7fcd-11eb-8876-06da572054ee&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:e44fa13a-30d2-44db-409c-9944dd146b2b,c:6frnbN,sl:outOfView,em:true,fr:true,mn:app24ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f*.10507%7C1f1%7C1g1%7C1g2%7C1h1%7C1h2%7C1i1%7C1i2%7C1j1%7C1j2%7C1k1%7C1k2%7C1l%7C1m,idMap:1f*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:380,oid:6203523d-7fcd-11eb-a6bf-02cb850ca5c2,v:19.8.170,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:06 GMT
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

ibs:dpid=30432&dpuuid=CI-ad5ab97f051e8e586b5afd54788aa285
dpm.demdex.net/ Frame DD05
Redirect Chain

https://dt.scanscout.com/ssframework/uid?UIAA=54537386079071306343636709354180226755&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-ad5ab97f051e8e586b5afd54788aa285

42 B
915 B

29ms
29ms

Image
image/gif

52.208.123.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-ad5ab97f051e8e586b5afd54788aa285

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.123.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-028100483.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: cgnQJBZmS20=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-ad5ab97f051e8e586b5afd54788aa285
Date: Mon, 08 Mar 2021 05:16:06 GMT
useSecure: true
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame CEBF 0
181 B 88ms
26ms Document
text/html 52.50.124.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.124.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-124-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=5697664b-3c46-476e-ba6b-6507bb7241bf; TDCPM=CAESEgoDYWFtEgsIpN_M6un-sDkQBRgBIAEoAjILCKTXz5eA_7A5EAU4AVoDYWFtYAI.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Mon, 08 Mar 2021 05:16:06 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame BD1A 31 B
651 B 132ms
115ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Mon, 08 Mar 2021 05:16:06 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: dffe6ebf3786457cb5ea8705872243db
x-transaction: 0057cd730077ad00
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 192ms
92ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=1f2685fc-6b7f-3fb7-63ee-14257bf6cca5&tv=%7Bc:6frncE,pingTime:-2,time:422,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:230,beZ:231,mfA:502,cmA:502,inA:502,inZ:504,prA:504,prZ:512,si:517,poA:518,poZ:527,cmZ:527,mfZ:527,loA:614,loZ:615,ltA:651,ltZ:651%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:10,h:10,t:287%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:422,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:287,wc:0.0.1600.1200,ac:795.10524.10.10,am:i,cc:795.10524.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B149~0%5D,as:%5B149~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j*.10507%7C1j1%7C1k.10507%7C1k1%7C1l%7C1m,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-1000x50-1%5D,sinceFw:133,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt40.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 259ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=3f5e676c-d422-1b77-131a-c629106d2bce&tv=%7Bc:6frncH,pingTime:-2,time:423,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:200,beZ:202,mfA:496,cmA:496,inA:496,inZ:499,prA:499,prZ:505,si:510,poA:511,poZ:517,cmZ:517,mfZ:517,loA:588,loZ:590,ltA:623,ltZ:623%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:310%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:423,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:310,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B126~0%5D,as:%5B126~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1l%7C1m,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-1,newscorpau_multi_collection-3%5D,sinceFw:112,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame C099 0
182 B 81ms
26ms Document
text/html 52.50.124.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.124.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-124-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=5697664b-3c46-476e-ba6b-6507bb7241bf; TDCPM=CAESEgoDYWFtEgsIpN_M6un-sDkQBRgBIAEoAjILCKTXz5eA_7A5EAU4AVoDYWFtYAI.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Mon, 08 Mar 2021 05:16:06 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 258ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=c2f89896-c38d-ff4b-27c2-66cb8101e034&tv=%7Bc:6frncL,pingTime:-2,time:423,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:175,beZ:176,mfA:490,cmA:490,inA:490,inZ:492,prA:492,prZ:499,si:503,poA:503,poZ:509,cmZ:509,mfZ:509,loA:568,loZ:569,ltA:598,ltZ:598%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:327%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:423,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:327,wc:0.0.1600.1200,ac:1274.9443.1.1,am:i,cc:1274.9443.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B107~0%5D,as:%5B107~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1h2%7C1i*.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1l%7C1m,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_3,google_ads_iframe_/5129/ndm.hwt/home_3__container__,ad-block-300x250-2,newscorpau_ads-19,group_3_col-22%5D,sinceFw:95,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt48.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 283ms
111ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=b87930aa-1b2b-6d63-1399-0a845ab91c0a&tv=%7Bc:6frncP,pingTime:-2,time:425,type:a,im:%7BpBlk:348,sf:0,pom:1,prf:%7BbeA:143,beZ:145,mfA:477,cmA:477,inA:477,inZ:479,prA:479,prZ:484,si:487,poA:487,bl:492,poZ:492,cmZ:492,mfZ:492,loA:543,loZ:544,ltA:568,ltZ:568%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:343%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:425,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:343,wc:0.0.1600.1200,ac:800.3440.1.1,am:i,cc:800.3440.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B91~0%5D,as:%5B91~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l%7C1m,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_5,google_ads_iframe_/5129/ndm.hwt/home_5__container__,ad-block-728x90-2,newscorpau_ads-168%5D,sinceFw:81,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt44.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 273ms
96ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=e44fa13a-30d2-44db-409c-9944dd146b2b&tv=%7Bc:6frncR,pingTime:-2,time:446,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:292,beZ:294,mfA:661,cmA:661,inA:661,inZ:663,prA:663,prZ:668,si:673,poA:673,poZ:677,cmZ:677,mfZ:677,loA:719,loZ:720,ltA:738,ltZ:738%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:380%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:446,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:379,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B78~0%5D,as:%5B78~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f*.10507%7C1f1%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l%7C1m,idMap:1f*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1%5D,sinceFw:65,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt45.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 969 B
738 B 13ms
13ms Stylesheet
text/css 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/style.css

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: "617866c501ae2baecee3c33975ca8125d4935302e86a88dedf91278f1aec543e"
last-modified: Thu, 04 Mar 2021 00:21:49 GMT
x-timer: S1614817324.882705,VS0,VE269
x-i: true
x-served-by: cache-dca17725-DCA
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=281
date: Mon, 08 Mar 2021 05:16:06 GMT
x-cache-hits: 0
accept-ranges: bytes
content-length: 406
expires: Mon, 08 Mar 2021 05:20:47 GMT

GET
H2 200 main.js Show response
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 3 KB
2 KB 13ms
13ms Script
text/javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/main.js

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: "799b8c406ecbbc260dc9ac71c011202326bd9a557b155ba1707af12579eded3c"
last-modified: Thu, 04 Mar 2021 00:21:49 GMT
x-timer: S1614817324.897193,VS0,VE298
x-i: true
x-served-by: cache-dca17749-DCA
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=402
date: Mon, 08 Mar 2021 05:16:06 GMT
x-cache-hits: 0
accept-ranges: bytes
content-length: 1276
expires: Mon, 08 Mar 2021 05:22:48 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 209ms
116ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=df2c7711-f261-8fc6-5d70-e081a45974ae&tv=%7Bc:6frndR,time:506,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:506,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:217,wc:0.0.1600.1200,ac:800.10483.1.1,am:i,cc:800.10483.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B311~0%5D,as:%5B311~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1k.10507%7C1k1%7C1l%7C1m,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt40.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 103ms
99ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=1f2685fc-6b7f-3fb7-63ee-14257bf6cca5&tv=%7Bc:6frne0,time:506,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:506,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:287,wc:0.0.1600.1200,ac:795.10524.10.10,am:i,cc:795.10524.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B233~0%5D,as:%5B233~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j*.10507%7C1j1%7C1k.10507%7C1k1%7C1l%7C1m,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 88ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=3f5e676c-d422-1b77-131a-c629106d2bce&tv=%7Bc:6frne1,time:505,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:505,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:310,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B208~0%5D,as:%5B208~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1l%7C1m,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 86ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=c2f89896-c38d-ff4b-27c2-66cb8101e034&tv=%7Bc:6frne2,time:502,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:502,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:327,wc:0.0.1600.1200,ac:1274.9443.1.1,am:i,cc:1274.9443.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B186~0%5D,as:%5B186~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1h2%7C1i*.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1l%7C1m,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt48.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 96ms
95ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=b87930aa-1b2b-6d63-1399-0a845ab91c0a&tv=%7Bc:6frne3,time:501,type:e,im:%7BpWait:6%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:501,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:343,wc:0.0.1600.1200,ac:800.3440.1.1,am:i,cc:800.3440.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B167~0%5D,as:%5B167~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l%7C1m,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt45.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 91ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=e44fa13a-30d2-44db-409c-9944dd146b2b&tv=%7Bc:6frne3,time:520,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:520,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:379,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B151~0%5D,as:%5B151~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f*.10507%7C1f1%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l%7C1m,idMap:1f*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt44.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame DD05
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=54537386079071306343636709354180226755&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
933 B

29ms
29ms

Image
image/gif

52.208.123.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.123.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-056892fce.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Error: 303,104
X-TID: NqFSWpmASk4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Mon, 08 Mar 2021 05:16:06 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame DD05
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=54537386079071306343636709354180226755
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=54537386079071306343636709354180226755

0
337 B

85ms
27ms

Image
text/plain

54.171.91.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=54537386079071306343636709354180226755
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.91.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:06 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1615180566
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=54537386079071306343636709354180226755
date: Mon, 08 Mar 2021 05:16:06 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a008-ash-prod.krxd.net

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 96ms
96ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=df2c7711-f261-8fc6-5d70-e081a45974ae&tv=%7Bc:6frnh5,pingTime:-10,time:706,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC02MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1615180566359%7C%7C2325d94281f49bd6f6508ea6d16493a9%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cabf124b07f59fd5a2fa9fc6e7a6bdbad%7C%7C22012c2ac1921b619e5dd37688335311%7C%7C379c7ecb7ef361a43fa49885ac39f126%7C%7C6b014714d698a11e451dfc72adfd832a%7C%7Ca7e7da56f7e0522047d3067dde3ce641%7C%7C1614879537%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=ewLQJx9999eqsWPQ
dpm.demdex.net/ Frame DD05
Redirect Chain

https://tags.bluekai.com/site/43981?id=54537386079071306343636709354180226755&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=ewLQJx9999eqsWPQ

42 B
915 B

30ms
30ms

Image
image/gif

52.208.123.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=ewLQJx9999eqsWPQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.123.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0419cb970.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: MmFgxZsrQUo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=ewLQJx9999eqsWPQ
Date: Mon, 08 Mar 2021 05:16:06 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 9afa
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame DD05
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUVXekZRQUFBRHdQeGdodg==

170 B
213 B

15ms
15ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUVXekZRQUFBRHdQeGdodg==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1615180566.496746,VS0,VE0
x-served-by: cache-fra19177-FRA
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUVXekZRQUFBRHdQeGdodg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
31ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c81d663e98916ededb0395ba248f94b7b18e3fa85e47790477ad734f94020bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Mar 2021 05:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6523
x-xss-protection: 0

GET
H2 200 c01b03ba5baa679898870de57f263e81
content.api.news/v3/images/bin/ 13 KB
14 KB 24ms
23ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/c01b03ba5baa679898870de57f263e81?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d1b0b433181d7f9612818ede624cee8ccdf31d3ff765164ef03dfaba07fd5721

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: c01b03ba5baa679898870de57f263e81
date: Mon, 08 Mar 2021 05:16:06 GMT
last-modified: Mon, 08 Mar 2021 02:34:56 GMT
server: Akamai Image Manager
etag: c6e4d557949ab07b9cbdba338b0cbd62-c01b03ba5baa679898870de57f263e81-320
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5174356
access-control-allow-headers: x-newsapi-api-key
content-length: 13502
expires: Fri, 07 May 2021 02:35:22 GMT

GET
H2 200 5de06fdb150faebcec1d241c5a318b0f
content.api.news/v3/images/bin/ 25 KB
26 KB 24ms
24ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/5de06fdb150faebcec1d241c5a318b0f?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 4148ae874fbd97e1524561989f7ff88c863a1a1122783cb89b1a0da08d9cfed2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 5de06fdb150faebcec1d241c5a318b0f
date: Mon, 08 Mar 2021 05:16:06 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 020a01fe5fc8538e0e95a6c3cbed3499-5de06fdb150faebcec1d241c5a318b0f-320
x-serial: 1399
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5171951
last-modified: Mon, 08 Mar 2021 01:55:47 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 25778
expires: Fri, 07 May 2021 01:55:17 GMT

GET
H2 200 e09e078b9cb0d3908af2c38e775005b9
content.api.news/v3/images/bin/ 11 KB
11 KB 34ms
34ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/e09e078b9cb0d3908af2c38e775005b9?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d24000dee9786b160005007568f88cc839e36cb3a94ebddaaed7e6d6aa429ba6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: e09e078b9cb0d3908af2c38e775005b9
date: Mon, 08 Mar 2021 05:16:06 GMT
last-modified: Mon, 08 Mar 2021 02:10:45 GMT
server: Akamai Image Manager
etag: 6bafd8d09da4a22f742adf412ceb7de7-e09e078b9cb0d3908af2c38e775005b9-320
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5172838
access-control-allow-headers: x-newsapi-api-key
content-length: 11238
expires: Fri, 07 May 2021 02:10:04 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 94ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=c2f89896-c38d-ff4b-27c2-66cb8101e034&tv=%7Bc:6frnjA,pingTime:-10,time:846,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC02MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1615180566359%7C%7C2325d94281f49bd6f6508ea6d16493a9%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cabf124b07f59fd5a2fa9fc6e7a6bdbad%7C%7C22012c2ac1921b619e5dd37688335311%7C%7C379c7ecb7ef361a43fa49885ac39f126%7C%7C6b014714d698a11e451dfc72adfd832a%7C%7Ca7e7da56f7e0522047d3067dde3ce641%7C%7C1614879537,sca:%7Bspg:df2c7711-f261-8fc6-5d70-e081a45974ae%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 05:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Mon, 08 Mar 2021 05:16:06 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame D41F 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 07 Mar 2021 17:02:57 GMT
expires: Mon, 07 Mar 2022 17:02:57 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43989
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js Show response
pagead2.googlesyndication.com/bg/ Frame D41F 14 KB
6 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7018b266b136bf06c53c14bab13f798cea7435a302a32f20e4be7b48d2c7065f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 20:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 117512
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5702
x-xss-protection: 0
expires: Sun, 06 Mar 2022 20:37:34 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame DD05
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YEWzFQAAADwPxghv&expires=90

0
239 B

7ms
6ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YEWzFQAAADwPxghv&expires=90
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1615180567.582223,VS0,VE0
x-served-by: cache-fra19177-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YEWzFQAAADwPxghv&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 ea478c9a76e593a637cd94ab840f8769
content.api.news/v3/images/bin/ 23 KB
24 KB 18ms
17ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/ea478c9a76e593a637cd94ab840f8769?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 78f2b6273d9ffd52a5bbcb42f31658a1f1cac61fce264db20b3bc37522058ec5

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: ea478c9a76e593a637cd94ab840f8769
date: Mon, 08 Mar 2021 05:16:06 GMT
last-modified: Mon, 08 Mar 2021 00:01:24 GMT
server: Akamai Image Manager
etag: 751a0731c0d84f06903a721030b50f6d-ea478c9a76e593a637cd94ab840f8769-320
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5165204
access-control-allow-headers: x-newsapi-api-key
content-length: 23692
expires: Fri, 07 May 2021 00:02:50 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DD05
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEWzFQAAADwPxghv

43 B
883 B

27ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEWzFQAAADwPxghv
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 08 Mar 2021 05:16:06 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1615180567.690110,VS0,VE0
x-served-by: cache-fra19177-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEWzFQAAADwPxghv
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 15ms
15ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030201&jk=3422481516947490&bg=!OTqlOnnNAAWsVXnBrDsAKQB2-DxaV_oCYD5SuUG6CmL2PhhpU5z0sTJSKkocXPBT2fed2F0WSGDCAgAAAHJSAAAADmgBBwoBjK4U2DODmk4SUO1OC6y0tzeOsedBYjmk6w0CZIeREMCzIDhwK_2JW85KkkvlZ6gCb7ocWQSL9vVjgPSp30wR0syKMbc-O7tHU5mji0HTKFYm406sW--ppEfCi1A6kCy-0erY6n1rIgrgc2NuKi-asTXVi7V1kRM4JmvJHMpHd54YE-mVNUuXBRhYDQjvVcIF1i901IBLL1x9pR5lb_vp66qSCs3qi7INBnq1hFFnsqpd1z3EJU_1S9SjdoE0bobwgbj1wqs6_jdZ51iLQPUrUGTvOrBPC21fF8vUkNVirBGQVlIKjuT07I7XXENEdpVeYWIlTSdUKENoUpdJnx3PppoOyp2YM2uxqmigCOKO36-J6aCO0sJaIGmXbeExd0RmuAHFXcFNJAtf-cbwAPGpiPTP0PgyHzAgvcQMmhvRK4I8htOtVDK4AufBopfZUvPnBwJIaYcBDXVWxYWxew4hLSTdbdIMfxplf3FgPfVALzuZI9BG-JDB0NWwTgfEhK7hTPVHx51M1hv9214K6JkCBQeiuRXsvpvE9gKBW2W1Yoj0Mp_3BGaJ9T2vGxGG_VurbsI_QZ2Zk3kg5W7XW4NDAHHmh_emEoOob5pkbd57Ui34djoFOVypOv_szM_oawBoxQ-bZM4OFuyULCjYE47N-98OlfHQZuK3b-sh0xID6VJRHn90QmZicyDTj7fw_SXS8u_cCEKouGcTDwHrOwcROQwNJbKgf5ihH_vnt03YNLJYjRH7klvN3sxy6CLKO_UZeEEv12p_iEYEb0mnrYwaGt0yAmqq-6UHVSPryceUT13qmU5YfBrIOYFGkm-XOkVyRuj2A871Jhj7ZBbxcuCbSxauV2wzwaTkvq2fJ8sFaLa8g_VYJ8FOIVhCTs-60fGSRoJ6ykUTNZHgCUKq9SymdaMa6fMSmEgAdaQlNwBXM1lPKcQ1ZY8KSVvWou3MVv40kQzGt_gYfeMnDSWRH3iYueXIFSffaFINQCAzTVEBTXRwBTNPRmeXqv6pqVZ5QhqUXyVyCTz3s3DL4pfxtptXTWzVhNWROJlwxDBgvgOAgje4O1H4lpr6Oj6g6vcREspMLeJ2HOAL22cOsXAHvjUJEtc2mpbtkVXJMjjbXCu2RcD8Q53ot_OlU9MHRwh2ZXrmcj0noqg4NA0m_K1_UNXWsRMwL4zPoKjDKg9YQANCekATEpht6GOTxm3tgK7chKOzc420HEQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 96ms
96ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=e44fa13a-30d2-44db-409c-9944dd146b2b&tv=%7Bc:6frnng,pingTime:-10,time:1091,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC02MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1615180566359%7C%7C2325d94281f49bd6f6508ea6d16493a9%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cabf124b07f59fd5a2fa9fc6e7a6bdbad%7C%7C22012c2ac1921b619e5dd37688335311%7C%7C379c7ecb7ef361a43fa49885ac39f126%7C%7C6b014714d698a11e451dfc72adfd832a%7C%7Ca7e7da56f7e0522047d3067dde3ce641%7C%7C1614879537,sca:%7Bspg:df2c7711-f261-8fc6-5d70-e081a45974ae%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DD05
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YEWzFQAAADwPxghv

43 B
1 KB

10ms
10ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YEWzFQAAADwPxghv

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:06 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.15:80
AN-X-Request-Uuid: 93abadab-9ce0-46a5-bce0-09657c9295ed
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1615180567.791295,VS0,VE0
x-served-by: cache-fra19177-FRA
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YEWzFQAAADwPxghv
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame DD05
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YEWzFQAAADwPxghv
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YEWzFQAAADwPxghv

43 B
180 B

15ms
14ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YEWzFQAAADwPxghv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:06 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YEWzFQAAADwPxghv
date: Mon, 08 Mar 2021 05:16:06 GMT
via: 1.1 google
server: OXGW/16.202.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame DD05
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEWzFQAAADwPxghv

1 B
1013 B

111ms
25ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEWzFQAAADwPxghv
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:05 GMT
X-lat: Pug23034:0:262
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1615180567.993388,VS0,VE0
x-served-by: cache-fra19177-FRA
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEWzFQAAADwPxghv
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 101ms
100ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=3f5e676c-d422-1b77-131a-c629106d2bce&tv=%7Bc:6frnrN,pingTime:-10,time:1359,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC02MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1615180566359%7C%7C2325d94281f49bd6f6508ea6d16493a9%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cabf124b07f59fd5a2fa9fc6e7a6bdbad%7C%7C22012c2ac1921b619e5dd37688335311%7C%7C379c7ecb7ef361a43fa49885ac39f126%7C%7C6b014714d698a11e451dfc72adfd832a%7C%7Ca7e7da56f7e0522047d3067dde3ce641%7C%7C1614879537,sca:%7Bspg:df2c7711-f261-8fc6-5d70-e081a45974ae%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:07 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 92ms
92ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=b87930aa-1b2b-6d63-1399-0a845ab91c0a&tv=%7Bc:6frnsS,pingTime:-10,time:1420,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC02MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1615180566359%7C%7C2325d94281f49bd6f6508ea6d16493a9%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cabf124b07f59fd5a2fa9fc6e7a6bdbad%7C%7C22012c2ac1921b619e5dd37688335311%7C%7C379c7ecb7ef361a43fa49885ac39f126%7C%7C6b014714d698a11e451dfc72adfd832a%7C%7Ca7e7da56f7e0522047d3067dde3ce641%7C%7C1614879537,sca:%7Bspg:df2c7711-f261-8fc6-5d70-e081a45974ae%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:07 GMT
X-Server-Name: dt44.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame DD05
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEWzFQAAADwPxghv&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEWzFQAAADwPxghv&img=1&__user_check__=1&sync_id=630c61da-7fcd-11eb-b9b9-182a6e994506

43 B
548 B

23ms
23ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEWzFQAAADwPxghv&img=1&__user_check__=1&sync_id=630c61da-7fcd-11eb-b9b9-182a6e994506
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 05:16:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 57
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 08 Mar 2021 05:16:07 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YEWzFQAAADwPxghv&img=1&__user_check__=1&sync_id=630c61da-7fcd-11eb-b9b9-182a6e994506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 133
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame DD05
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YEWzFQAAADwPxghv&t=2592000&o=0

43 B
246 B

30ms
30ms

Image
image/gif

2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YEWzFQAAADwPxghv&t=2592000&o=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 21:16:07 PST
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Rrfdu5U/ulQCkIIPv2JiOJxafzoQNjoGki5fpPr41KiKwilLmBxwU0vcClxNybL6vCJ4bLfu0nBQ7NaxEPEfDw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Sun, 07 Mar 2021 21:16:07 PST

Redirect headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:07 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1615180567.196888,VS0,VE0
x-served-by: cache-fra19177-FRA
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YEWzFQAAADwPxghv&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 86ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=3f5e676c-d422-1b77-131a-c629106d2bce&tv=%7Bc:6frnuA,time:1532,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1532,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:310,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1236~0%5D,as:%5B1236~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:102,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1l%7C1m,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:07 GMT
X-Server-Name: dt44.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 101ms
100ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=1f2685fc-6b7f-3fb7-63ee-14257bf6cca5&tv=%7Bc:6frnuT,pingTime:-10,time:1553,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC02MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1615180566359%7C%7C2325d94281f49bd6f6508ea6d16493a9%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cabf124b07f59fd5a2fa9fc6e7a6bdbad%7C%7C22012c2ac1921b619e5dd37688335311%7C%7C379c7ecb7ef361a43fa49885ac39f126%7C%7C6b014714d698a11e451dfc72adfd832a%7C%7Ca7e7da56f7e0522047d3067dde3ce641%7C%7C1614879537,sca:%7Bspg:df2c7711-f261-8fc6-5d70-e081a45974ae%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:07 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 96ms
95ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=e44fa13a-30d2-44db-409c-9944dd146b2b&tv=%7Bc:6frnuZ,time:1570,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1570,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:379,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1201~0%5D,as:%5B1201~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:97,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f*.10507%7C1f1%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l%7C1m,idMap:1f*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:07 GMT
X-Server-Name: dt45.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200
OK

ibs:dpid=147592
dpm.demdex.net/ Frame DD05
Redirect Chain

https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894

42 B
915 B

29ms
29ms

Image
image/gif

52.208.123.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=147592?dpuuid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.123.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0f228079d.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: FMQgBW/gSbM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

x-vcl-time-ms: 9
date: Mon, 08 Mar 2021 05:16:07 GMT
via: 1.1 varnish
server: nginx
x-timer: S1615180567.296284,VS0,VE9
x-cache: MISS
location: https://dpm.demdex.net/ibs:dpid=147592?dpuuid=603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19149-FRA

GET
H/1.1

200
OK

ibs:dpid=461447&dpuuid=RX-97f1d345-ca9e-4657-8741-3aa23e3f9320-003
dpm.demdex.net/ Frame DD05
Redirect Chain

https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1615180567440
https://sync.targeting.unrulymedia.com/csync/RX-97f1d345-ca9e-4657-8741-3aa23e3f9320-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-97f1d345-ca9e-4657-8741-3aa23e3f9320-003
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-97f1d345-ca9e-4657-8741-3aa23e3f9320-003

42 B
915 B

29ms
29ms

Image
image/gif

52.208.123.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-97f1d345-ca9e-4657-8741-3aa23e3f9320-003

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.123.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0b885c983.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: lGOQrjXDQsU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 08 Mar 2021 05:16:07 GMT
Server: Tengine
ETag: RX97f1d345ca9e465787413aa23e3f9320003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-97f1d345-ca9e-4657-8741-3aa23e3f9320-003
Connection: keep-alive
Content-Type: text/html

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
336 B 34ms
33ms Image
image/gif 54.246.196.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=pnoalycbxgwqwvvpo0nekqvy45e6k1615180565&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16151805652446882&c30=bldv,6.0.0.582&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1615180564907&c3=st,c&c64=starttm,1615180567&adid=1615180564907&c58=isLive,false&c59=sesid,&c61=createtm,1615180566&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&c62=sendTime,1615180566&rnd=67941
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.196.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:07 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 96ms
95ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=3f5e676c-d422-1b77-131a-c629106d2bce&tv=%7Bc:6frox9,time:5535,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5535,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:310,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5238~0%5D,as:%5B5238~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:88,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1l%7C1m,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:11 GMT
X-Server-Name: dt45.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 96ms
95ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=e44fa13a-30d2-44db-409c-9944dd146b2b&tv=%7Bc:6froxA,time:5575,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5575,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:379,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5206~0%5D,as:%5B5206~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:98,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f*.10507%7C1f1%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l%7C1m,idMap:1f*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:11 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 88ms
87ms Image
image/gif 52.4.50.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=Bf7-VdIzKCJCeWLXO&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=11208&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=3580&t=DVA8VVTNzihDA1-lzDKc1Mpv38jn&V=122&tz=-60&_acct=anon&sn=2&sv=C1iRFDmcK4oMJGnYCk_gJ_DKoz-G&sd=1&im=06030402&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.50.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 05:16:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 94ms
94ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=3f5e676c-d422-1b77-131a-c629106d2bce&tv=%7Bc:6frr8r,time:15535,type:e,env:%7Bnr_p:15%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:15535,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:310,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B15238~0%5D,as:%5B15238~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:98,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1l%7C1m,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:21 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 167ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=e44fa13a-30d2-44db-409c-9944dd146b2b&tv=%7Bc:6frr8S,time:15575,type:e,env:%7Bnr_p:15%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:15575,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:379,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B15206~0%5D,as:%5B15206~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:98,fm:sr2B37Z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f*.10507%7C1f1%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1h2%7C1i.10507%7C1i1%7C1i2%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l%7C1m,idMap:1f*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Mar 2021 05:16:21 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: loadus.exelator.com
URL: https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F103%2F1%2F7.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/11/279daaa0

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/staticweb/bf6d92c397dti17991ecfa342459f501b

Verdicts & Comments Add Verdict or Comment

270 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adsrvr.org/	1970-01-20 01:25:16	Name: TDCPM Value: CAESEgoDYWFtEgsIpN_M6un-sDkQBRgBIAEoAjILCKTXz5eA_7A5EAU4AVoDYWFtYAI.
.heraldsun.com.au/	1969-12-31 23:59:59	Name: tp Value: 11208
.demdex.net/	1970-01-19 20:58:52	Name: dextp Value: 358-1-1615180564896\|470-1-1615180565030\|481-1-1615180565201\|771-1-1615180565533\|903-1-1615180565656\|19566-1-1615180565757\|23728-1-1615180565906\|30432-1-1615180566071\|30064-1-1615180566174\|66757-1-1615180566275\|134096-1-1615180566377\|144230-1-1615180566478
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_cc Value: true
.heraldsun.com.au/	1970-01-19 16:39:42	Name: s_ppn Value: no%20value
.heraldsun.com.au/	1970-01-19 16:39:42	Name: _ncg_sp_ses.ff50 Value: *
.heraldsun.com.au/	1970-01-19 16:39:42	Name: s_gdslv_s Value: First%20Visit
.heraldsun.com.au/	1970-01-20 18:56:28	Name: s_gdslv Value: 1615180564832
.heraldsun.com.au/	1970-01-19 17:22:52	Name: s_nr Value: 1615180564831-New
.heraldsun.com.au/	1970-01-20 10:10:52	Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: -637568504%7CMCIDTS%7C18695%7CMCMID%7C54513600706862192803634583741145546713%7CMCAAMLH-1615785364%7C6%7CMCAAMB-1615785364%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C-1892031822%7CMCOPTOUT-1615187764s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18702%7CvVersion%7C5.1.1
.doubleclick.net/	1970-01-20 02:01:16	Name: IDE Value: AHWqTUmb-Ul_VLHXZB6Hm8rmvbB8rQ2fJ11G7zQgmZVXTDNvGt-PMon4u0YvkiVcqG0
.imrworldwide.com/	1970-01-20 02:01:16	Name: IMRID Value: 623e5ed1-7fcd-11eb-9773-559589faa8d2
.heraldsun.com.au/	1970-01-20 10:10:52	Name: s_ecid Value: MCMID%7C54513600706862192803634583741145546713
www.heraldsun.com.au/	1970-01-19 16:39:42	Name: _cb_svref Value: null
.demdex.net/	1970-01-19 20:58:52	Name: demdex Value: 54537386079071306343636709354180226755
www.heraldsun.com.au/	1970-01-23 08:15:40	Name: _ncg_marketingCloudVisitorId Value: 54513600706862192803634583741145546713
.imrworldwide.com/	1970-01-20 02:01:16	Name: SSCVER Value: v1
.heraldsun.com.au/	1970-01-20 10:10:52	Name: _ncg_sp_id.ff50 Value: 47cd3007-a54b-40e0-af44-cef15c55ad0e.1615180565.1.1615180565.1615180565.e024f1b4-5acb-41f0-af61-72d390c60452
www.heraldsun.com.au/	1970-01-20 02:08:28	Name: _chartbeat2 Value: .1615180564537.1615180564537.1.C1iRFDmcK4oMJGnYCk_gJ_DKoz-G.1
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: https%253A%2F%2Fwww.heraldsun.com.au%2F%2C11%2C11%2C1200
.heraldsun.com.au/	1970-01-20 01:25:16	Name: nc_eu Value: y
www.heraldsun.com.au/	1970-01-20 01:25:16	Name: trc_cookie_storage Value: newscorpau-aud-heraldsun%253Asession-data%3Dv2_39939c533cb3fc2608920a134c78ae0a_603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894_1615180564_1615180564_CIi3jgYQgPNHGLaMjoKBLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGixr-m1yv33zq0B%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522newscorpau-aud-heraldsun%253Asession-data%2522%252C%2522taboola%2520global%253Alspb%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Alspb%3DCwsIQhDc4WYMCwiJARDc4WYMCwiRARDc4WYMCwggENzhZgwLCKEBENzhZgwLCKIBENzhZgwLCCQQ3OFmDAsIJxDc4WYMCwirARDc4WYMCwitARDc4WYMCwiuARDc4WYMCwivARDc4WYMCwiwARDc4WYMCwiyARDc4WYMCwi1ARDc4WYMCwi2ARDc4WYMCwg7ENzhZgwLCD0Q_ZJmDAsIPxCcy2YMDBMU%7Ctaboola%2520global%253Auser-id%3D603a0525-4dba-40f3-b313-4fb6296d7a37-tuct73f3894
www.heraldsun.com.au/	1970-01-20 02:08:28	Name: _cb Value: Bf7-VdIzKCJCeWLXO
www.heraldsun.com.au/	1970-01-19 17:24:18	Name: ad_site_view_t Value: 2021-3-8
.adsrvr.org/	1970-01-20 01:25:16	Name: TDID Value: 5697664b-3c46-476e-ba6b-6507bb7241bf
www.heraldsun.com.au/	1970-01-19 17:24:18	Name: ad_site_view Value: 1
.heraldsun.com.au/	1969-12-31 23:59:59	Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg Value: 1
www.heraldsun.com.au/	1970-01-20 02:08:28	Name: _cb_ls Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 18) Message: UTRACK loaded (from tealium)
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210303-1-RELEASE.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbnails-midrail-native
console-api	log	URL: https://tags.news.com.au/prod/tad/tad.js(Line 6) Message: AD CORE ERROR: TypeError: Cannot read property 'disc.segments' of null
console-api	log	URL: https://tags.news.com.au/prod/tad/tad.js(Line 6) Message: AD CORE ERROR: 18 function(e,a){var d=e.localStorage;d["disc.segments"]&&(a.ad_audi_segs=d["disc.segments"].split(",")\|\|[])}
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32) Message: a: 0.002197265625 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
98556657706bc6f7d2f73bcf07ab4e7f.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics.twitter.com
assets.vidora.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
beacon.krxd.net
bh.contextweb.com
bs.serving-sys.com
bttrack.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
d.turn.com
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
e1.emxdgt.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image5.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
loadus.exelator.com
login.newscorpaustralia.com
match.adsrvr.org
match.taboola.com
metrics.heraldsun.com.au
mhr.talk.news.com.au
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
newscorpau.demdex.net
origin.go.heraldsun.com.au
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
pnoalycbxgwqwvvpo0nekqvy45e6k1615180565.nuid.imrworldwide.com
ps.eyeota.net
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
s1.rui.au.reastatic.net
s3-ap-southeast-2.amazonaws.com
sb.scorecardresearch.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.co
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ts2020-indies-client.web.app
uconnect.tealiumiq.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.linkedin.com
x.bidswitch.net
loadus.exelator.com
login.newscorpaustralia.com
104.108.41.56
104.108.60.35
104.108.64.33
104.244.36.20
104.244.42.5
104.244.42.67
104.75.88.206
13.226.146.155
13.226.159.6
141.226.224.32
141.226.228.48
142.250.185.226
142.250.186.130
142.250.186.166
142.250.186.98
15.237.76.117
151.101.1.181
151.101.13.108
151.101.13.44
151.101.14.217
151.101.14.49
151.101.65.195
172.105.235.90
172.217.23.98
174.137.133.49
178.250.0.163
18.195.155.181
18.195.240.234
18.213.190.7
184.24.9.204
185.33.221.89
185.64.189.110
185.64.190.80
185.86.137.132
185.94.180.125
192.132.33.46
198.148.27.139
199.127.207.182
199.232.136.157
199.232.137.44
2.18.233.169
2.18.233.180
2.18.233.28
2.18.234.21
213.19.147.150
216.52.2.39
23.111.9.35
23.79.147.42
2600:9000:20d7:3200:1d:667e:2a40:93a1
2600:9000:20d7:5200:2:42d9:3100:93a1
2600:9000:20d7:6000:18:1fcd:34e:d2a1
2600:9000:20d7:7e00:4:77d:a0c0:93a1
2600:9000:20d7:ca00:1e:c291:240:93a1
2600:9000:21f3:f000:1e:a43d:b640:93a1
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2a00:1450:4001:801::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a02:26f0:6c00:296::25ea
2a03:2880:f145:82:face:b00c:0:25de
2a04:fa87:fffd::c000:42d0
3.125.70.222
34.250.153.194
35.157.13.124
35.227.202.26
35.244.159.8
37.252.173.62
46.228.164.13
52.208.123.229
52.208.139.62
52.29.60.203
52.4.50.244
52.50.124.20
52.50.156.162
52.95.128.2
52.95.132.207
54.171.91.151
54.220.184.54
54.246.196.56
65.9.187.22
69.173.144.139
69.173.144.165
80.252.91.53
99.80.67.138
00344f0a12335ead13e3327151a920767f84543e117a63cebfc6dbdaf6e99de3
009fb91f4a5075ec0884093d5e45585412822d0247e99ecf233a9f2041cd757e
00e643efe7a5f076aeea9a01d1e6629ee3444d309217dc571db49c0325f9bb6c
01b15de5e56b59d568f4dee2178389cbc08d959f665f8d8860f21fd844001201
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
07ae834bb5a865ceb2fa1ee435f4ca0dac67f034575bafc6ed7dbe7ae5cfbc89
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0964cc683d262090d8a5805c87add21e558bb6b52620d87128c2e507113ed0
104ff1abbbad8a44885817c01d09b1454d44dfef30c991f25712feb21ffea675
1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
222bc2150382a10030b846ad56ed3d2d4cb14a0c2e02fadf4b7b603519e0d4d6
23751878df63b572596a780f83ae1d2b03655928e07fb8d380c166d05293a88e
27856bb0abbe3c6d17d91b923fe4cfe283441dd6d3c915cd40b79499e2f78c87
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2b42c7ab057eeac2b8d6a4cd2b5510e96a8eb48a2e871f2dbd32e4101003b394
2e49c0863664e2feca9ee0b1da20a079fd9a2dd3c70d7653463349fa6ea7ac57
34d7e05910aac6f533cb31a9dffc4e37213c93c3b90a545b4f3bcedea3e6d03c
37839f90f9c430af4b063874e26d8986b8ceb01ebcdad7eedb4977c833116693
386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
3c9003d318abcaf3594c0cc2d2e7eb8ef869f6be7fcb4c95d4b6d01d4d2e9b7a
41268fc4402bc88b16329c06e5dd352b4f29f25041d397f9f4481d6d73ac52a0
4138e902d37a62be263be0c92fe2b277b4db7c86c7a2b78f74ac01cc191c929a
4148ae874fbd97e1524561989f7ff88c863a1a1122783cb89b1a0da08d9cfed2
426b2ee88627465952794353774d99f6156fe68dfe1dc6564ec4632f1805f6d2
429ba3095ea6a5e97e629663aeab1cc2ded714ae30a86bbd9356d2b25d553d73
4578c19c9c34c57fbb97b3547a613cc2435655f96bf40f4e1146f317ef1af1dc
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
495626cc0acb26bfd87d6f78ec83a176357ff6eb44674d47ad0101b7c25d70bb
49a5cf4c91647235c1046326e5d81fba4ae0bef20070afb895a014e2967659da
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53359eccb6aa442ab24dfb0da86e7cd95b1a00e12367e34a9cd5110328c09516
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5514d947731975e9596cb43f290f30e75286925c8505d5f00ed32552eb776ccd
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
581682c3450c29ef4e8d493d1cb2986eb093f9f5250bebf1f80d0b9ceac4defe
595a1e280582bf8f57914d0a9be4e1bbae91f272bebcd6576bc895f7a65c3825
5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe
5df44de896d25576e570ac24051479b357cde2e4786c72fb7dad521ad2f531f4
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
624a83e486577c1c436ed5a738d99c8ae222085f5e71b776c72174243f104a85
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
697897d5fb1e297e79a517f84e46e0d952318a1f919b708f710addd5f2865a77
6a0de374c8127a8d791479a09896f0d545882dca5aaeeec1c3b70e069cbe4f64
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d78f4e1764e299379823a553d120f41eee82f176d1207028d7a81bc275544a8
6dd6937c4700ac40617632b7b4ade7cb36ea3dfe32c9c4c2b5b1a29b097ae6d6
6ff94a1a9432c4acff10b51791409428a3f3941d764f07856c72db5664c77d81
7018b266b136bf06c53c14bab13f798cea7435a302a32f20e4be7b48d2c7065f
71e04fd0522c91e2a30cbca7835e1c063930abc885e8d1c69fb7bc48ae643934
73055c10a6abf7d53102695e042a76c76b572b5714874a8b69b66a729374121f
745cb1f03ce925e9dae7454a87e38299d8f661f8f556e1f484ac1bf2b8ea33c9
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
75c7de0d84c08047b8cccae6b50ba49982047ace5fc728733af709b2d8ddd286
7831aea48fb03190080aa5c30dc644a362257f1e7f8d2cdae3a1e98587ea3e02
78f2b6273d9ffd52a5bbcb42f31658a1f1cac61fce264db20b3bc37522058ec5
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d1aacd4a9b86c4f956219e1f4943eee38fde67b0077bb01f98255f28031d6d8
7dd66009439299c670cb42a2091585ebc407935a3ba1a033bada2e87eb3d8176
840d612af2b90c44ae52d2fd60e4610f5ce644cf5bc50da70324022b49eee37d
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8984385958edc733f9d31c24a0d520f7ec2d30374716921e57beca558224d867
89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e0cf75c2cfcb35edbce8e01875f1690dc3ffbfbb3eff4f3e02f69da5a5d6846
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9c81d663e98916ededb0395ba248f94b7b18e3fa85e47790477ad734f94020bd
a063f0bf7f2d94f3a0512ce6d3119d2c18510243dee5631cdda531be5d38217f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3aaaf42bf0ebf882980b8bcfcdbe9a4662fb93015d64fbc4d63fdbd2fff5b3e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aad9d0793ca00bde7bdc134dde38f88f9b0054a4cf96176cd419233285a7c092
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4566b601edd1615054b8c509226aafe9f03e9f0c301fdab2d0c8ba006ac95fc
b48b43bd92622fd847ada28161e662791bebd5b2cc04144d0a5ce7447b907b82
b4e7bab4b62bae4aafc76989104f2bf7ca8671638163d5698fbc8654006025e4
b57eca495e606d6a5b71d039f54b48f95b24ecfab0e885f0834df9647988211f
b651f39c8d676a6f13c2d1296e59c09f2339469edc1785afd10c581d3c82895c
ba29aea895a9591a10200f777cb603b6358225fc081852c6ca18ac9beac39353
bef3a7c91c8e137c5d6389a78026c89ff43656b258ee8ef2cf013a4a9438e039
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c1c4d89b64041d90152614201d89b44d98cf3138cee6848965accda2a95fbab4
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c1dc3cfad3f3b95151a0d26208e45c2119aa8e5440a4f076f7c999f7810fb222
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
c490a90e70edad9a18b327427e3d2d4e315d7824d0fecac3787fb4723c00305d
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c7e5c94584c7a69b7da90a656c5b4f6af46beeb35d66ef255f7f0705ef6b1bf5
c8ae74e20ddba0d65b6b32cfa0d1d646c1e55552656cddbd0e3d8fa025200eb2
c8b6b13c6a99536a5c485723eda213256a782ef1116de8dd2742465e531db040
c8c85d9d65df950ee2f1167a03456479f2eba326c5506cf00b4eb9140bd0f0cc
cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1b0b433181d7f9612818ede624cee8ccdf31d3ff765164ef03dfaba07fd5721
d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda
d22eb69386867352f1f14642641c7def58e6a3a39392ea5fa6de5bbeac606dbd
d24000dee9786b160005007568f88cc839e36cb3a94ebddaaed7e6d6aa429ba6
d368324b83fc24ffbd2d8c8fbde402f5636178f9725b400dcfd2e40eac0585c2
d3a8e2711ae9df0bf20b735925c9dc075ca885ffe01509ed0f5c21de324a68b6
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
d5cf5fd859bb5721d9be0446a12f5b3b69386d5bf1c6a4f5a9de89d34f3ddba1
d720213de91fe0038983a3252627bebe51c76cd9bb60361aeb33cc0b9327b58c
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dbab728b301552419d058ae42f7fd343228edab6c1e793f75159fef31757d85e
de71a807d7bbb443f740c3efc8e6017443b311443fe01607e0a15f55120e0454
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53e984a14ce0011d32ab5a28e9bd9e83d2d16be2dd3467517439fbf815dbe69
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61acdc6a534c76aeeb5b74d229a1699e6637ff707360a1ab9f997d3a56ea32b
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e82c5192eb8fcbd23a6aeda613780e56d460913f57548f987edb49e70aa350dd
e831b990e99ee246fa3bcac65989f1c1435cd7850565876421fa46a8696b80d0
e94f4426e2a0165d50a9b25f375357ef06922ad522ca096a5ed3f83efd5b4e98
e9dea41b08c540db79054b5440e3312cc8cb429c40b9f78dd2abbffd277a05f4
ebaf330ad588600b4b748410b4f77f3cd9c4abc18e3a240156bc6ac9814cf896
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f0cd947c8a99251e6733f8e69f8cdee94d49521522d54f19e350b236f2ca94af
f15c7fc7c53dc4350f1f5ac6fff6228cfa0877b7d7531a5d878862c5d8bf5bb2
f1e2e60c71fd14eae5445faaeeca5617296e5b4c8c8f4d922c3187816267c95a
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
fe7bcc1f592c41746b64164abd5ca1d42487ae98359be863ee955ac955f57305

www.heraldsun.com.au Open in urlscan Pro 2.18.233.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

295 Requests

97 %HTTPS

25 %IPv6

63 Domains

102 Subdomains

82 IPs

8 Countries

2940 kBTransfer

8008 kBSize

28 Cookies

54 Outgoing links

Page URL History

Redirected requests

295 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heraldsun.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Screenshot
Live screenshot

Full Image

295
Requests

97 %
HTTPS

25 %
IPv6

63
Domains

102
Subdomains

82
IPs

8
Countries

2940 kB
Transfer

8008 kB
Size

28
Cookies

295 HTTP transactions
0 data transactions