www.heraldsun.com.au Open in urlscan Pro
184.30.20.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/tc/VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_rV3Zsc37CgYckW8fh7lR7PMzSWW4KzQFc6M3tZFN...
Effective URL:
https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f17...
Submission: On April 29 via api (April 29th 2021, 11:20:53 am UTC) from DE

Summary HTTP 195 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 63 IPs in 6 countries across 49 domains to perform 195 HTTP transactions. The main IP is 184.30.20.111, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 25th 2021. Valid for: a year.

This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
5 19	184.30.20.111 184.30.20.111	16625 (AKAMAI-AS) (AKAMAI-AS)
1 9	184.30.20.190 184.30.20.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
10	184.30.24.190 184.30.24.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.234.122 2.18.234.122	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2600:9000:20c... 2600:9000:20c8:a600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20c... 2600:9000:20c8:de00:4:77d:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	104.117.204.209 104.117.204.209	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.79.152.104 23.79.152.104	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
6	2600:9000:20c... 2600:9000:20c8:e200:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c8:da00:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
13	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 2	2600:9000:20c... 2600:9000:20c8:2600:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.224.106.86 13.224.106.86	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	104.111.247.190 104.111.247.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:20c... 2600:9000:20c8:2000:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
4 17	54.171.219.200 54.171.219.200	16509 (AMAZON-02) (AMAZON-02)
1	13.224.106.11 13.224.106.11	16509 (AMAZON-02) (AMAZON-02)
2	3.224.220.79 3.224.220.79	14618 (AMAZON-AES) (AMAZON-AES)
7	52.212.39.74 52.212.39.74	16509 (AMAZON-02) (AMAZON-02)
1	34.250.160.147 34.250.160.147	16509 (AMAZON-02) (AMAZON-02)
2	15.237.76.117 15.237.76.117	16509 (AMAZON-02) (AMAZON-02)
1 1	54.171.42.33 54.171.42.33	16509 (AMAZON-02) (AMAZON-02)
1	80.252.91.52 80.252.91.52	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	13.224.114.214 13.224.114.214	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00:287::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
4 8	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	34.254.127.126 34.254.127.126	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2 2	52.208.69.189 52.208.69.189	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 1	184.30.24.198 184.30.24.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
10	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
1 1	199.127.207.182 199.127.207.182	26120 (RHYTHMONE) (RHYTHMONE)
1 1	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
2	52.213.113.49 52.213.113.49	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:bc00:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	107.21.231.45 107.21.231.45	14618 (AMAZON-AES) (AMAZON-AES)
1	52.48.18.249 52.48.18.249	16509 (AMAZON-02) (AMAZON-02)
1 1	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
8 8	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
195	63

2 199.60.103.254 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.silobreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 184.30.20.111 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)

www.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 184.30.20.190 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 184.30.24.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

resourcesssl.newscdn.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.122 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-122.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:20c8:a600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:de00:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.117.204.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.79.152.104 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-104.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

ts2020-indies-client.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20c8:e200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:da00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20c8:2600:1e:a43d:b640:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.106.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-86.mad50.r.cloudfront.net

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.247.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-190.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:2000:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

seccdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 54.171.219.200 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.106.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-11.mad50.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.220.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-220-79.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.212.39.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.160.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-160-147.eu-west-1.compute.amazonaws.com

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)

metrics.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.42.33 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.252.91.52 (Amsterdam, Netherlands)

ASN15830 (EQUINIX-CONNECT, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

314136f7d2069e6b08b01259fb3cb15c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.114.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-114-214.mad50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:287::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)

au-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.13 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.127.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.69.189 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.198 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)

image5.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.182 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.150.20 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.113.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-113-49.eu-west-1.compute.amazonaws.com

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:bc00:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

hd7oagkb7v95ibvhjehgqb6fycmfe1619695233.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.231.45 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-231-45.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.18.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-18-249.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.114.49 (Frankfurt am Main, Germany) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	adsafeprotected.com static.adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com dt.adsafeprotected.com	297 KB
20	heraldsun.com.au 5 redirects www.heraldsun.com.au metrics.heraldsun.com.au	287 KB
18	demdex.net 4 redirects dpm.demdex.net newscorpau.demdex.net	22 KB
18	googlesyndication.com pagead2.googlesyndication.com 314136f7d2069e6b08b01259fb3cb15c.safeframe.googlesyndication.com tpc.googlesyndication.com	62 KB
17	doubleclick.net 2 redirects ad.doubleclick.net securepubads.g.doubleclick.net googleads4.g.doubleclick.net 8228261.fls.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	153 KB
12	imrworldwide.com 1 redirects cdn-gl.imrworldwide.com secure-gl.imrworldwide.com seccdn-gl.imrworldwide.com secure-dcr.imrworldwide.com hd7oagkb7v95ibvhjehgqb6fycmfe1619695233.nuid.imrworldwide.com	99 KB
10	newscdn.com.au resourcesssl.newscdn.com.au	136 KB
9	adnxs.com 4 redirects acdn.adnxs.com secure.adnxs.com ib.adnxs.com	10 KB
9	everesttech.net 9 redirects cm.everesttech.net sync-tm.everesttech.net	1 KB
9	news.com.au 1 redirects tags.news.com.au	253 KB
7	newscorpaustralia.com login.newscorpaustralia.com	12 KB
6	adsrvr.org 2 redirects js.adsrvr.org insight.adsrvr.org match.adsrvr.org	6 KB
6	google.com adservice.google.com www.google.com	917 B
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	googletagservices.com www.googletagservices.com	133 KB
4	crazyegg.com script.crazyegg.com	25 KB
4	tiqcdn.com tags.tiqcdn.com	22 KB
3	google.de www.google.de adservice.google.de	1 KB
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	21 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	330 B
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	527 B
2	casalemedia.com 1 redirects ssum.casalemedia.com dsum-sec.casalemedia.com	2 KB
2	pubmatic.com 1 redirects image5.pubmatic.com image2.pubmatic.com	2 KB
2	rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	453 B
2	googleadservices.com www.googleadservices.com	30 KB
2	chartbeat.net ping.chartbeat.net	337 B
2	silobreaker.com 1 redirects info.silobreaker.com	4 KB
1	1rx.io sync.1rx.io	107 B
1	taboola.com 1 redirects trc.taboola.com	265 B
1	facebook.com www.facebook.com	215 B
1	bluekai.com 1 redirects tags.bluekai.com	836 B
1	eyeota.net 1 redirects ps.eyeota.net	418 B
1	scanscout.com 1 redirects dt.scanscout.com	692 B
1	t.co t.co	457 B
1	twitter.com analytics.twitter.com	652 B
1	turn.com 1 redirects d.turn.com	402 B
1	mookie1.com au-gmtdmp.mookie1.com	609 B
1	googletagmanager.com www.googletagmanager.com	33 KB
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	google.nl adservice.google.nl	122 B
1	newscgp.com au.tags.newscgp.com	48 KB
1	chartbeat.com static.chartbeat.com	23 KB
1	web.app ts2020-indies-client.web.app	3 KB
1	vidora.com assets.vidora.com	4 KB
1	brightcove.net players.brightcove.net	235 KB
1	api.news content.api.news	56 KB
1	speedcurve.com cdn.speedcurve.com	7 KB
195	49

	Domain	Requested by
18	www.heraldsun.com.au	5 redirects info.silobreaker.com www.heraldsun.com.au tags.tiqcdn.com
17	dpm.demdex.net	4 redirects www.heraldsun.com.au tags.news.com.au
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
10	dt.adsafeprotected.com	www.heraldsun.com.au
10	resourcesssl.newscdn.com.au	www.heraldsun.com.au resourcesssl.newscdn.com.au ts2020-indies-client.web.app
9	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net info.silobreaker.com www.googletagservices.com
9	tags.news.com.au	1 redirects resourcesssl.newscdn.com.au tags.tiqcdn.com au.tags.newscgp.com
8	sync-tm.everesttech.net	8 redirects
7	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.heraldsun.com.au
7	login.newscorpaustralia.com	www.heraldsun.com.au login.newscorpaustralia.com
7	static.adsafeprotected.com	resourcesssl.newscdn.com.au pixel.adsafeprotected.com www.heraldsun.com.au
6	cdn-gl.imrworldwide.com	resourcesssl.newscdn.com.au www.heraldsun.com.au seccdn-gl.imrworldwide.com cdn-gl.imrworldwide.com
5	pagead2.googlesyndication.com	ad.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ib.adnxs.com	2 redirects www.heraldsun.com.au
4	secure.adnxs.com	2 redirects www.heraldsun.com.au
4	www.google.com	securepubads.g.doubleclick.net www.heraldsun.com.au
4	www.googletagservices.com	securepubads.g.doubleclick.net
4	script.crazyegg.com	tags.tiqcdn.com script.crazyegg.com
4	tags.tiqcdn.com	www.heraldsun.com.au tags.tiqcdn.com
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	secure-dcr.imrworldwide.com	www.heraldsun.com.au
2	match.adsrvr.org	2 redirects
2	www.google.de	www.heraldsun.com.au
2	cm.g.doubleclick.net	1 redirects www.heraldsun.com.au
2	insight.adsrvr.org	js.adsrvr.org
2	px.ads.linkedin.com	2 redirects
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.googleadservices.com	secure-ds.serving-sys.com www.googletagmanager.com
2	8228261.fls.doubleclick.net	1 redirects info.silobreaker.com
2	js.adsrvr.org	secure-ds.serving-sys.com
2	adservice.google.com	securepubads.g.doubleclick.net 8228261.fls.doubleclick.net
2	metrics.heraldsun.com.au	tags.news.com.au www.heraldsun.com.au
2	ping.chartbeat.net	www.heraldsun.com.au
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	secure-gl.imrworldwide.com	1 redirects www.heraldsun.com.au
2	info.silobreaker.com	1 redirects
1	sync.1rx.io
1	trc.taboola.com	1 redirects
1	www.facebook.com
1	image2.pubmatic.com
1	dsum-sec.casalemedia.com
1	pixel.rubiconproject.com
1	tags.bluekai.com	1 redirects
1	beacon.krxd.net	www.heraldsun.com.au
1	usermatch.krxd.net	1 redirects
1	hd7oagkb7v95ibvhjehgqb6fycmfe1619695233.nuid.imrworldwide.com	www.heraldsun.com.au
1	ps.eyeota.net	1 redirects
1	dt.scanscout.com	1 redirects
1	ssum.casalemedia.com	1 redirects
1	image5.pubmatic.com	1 redirects
1	adservice.google.de	adservice.google.com
1	t.co	www.heraldsun.com.au
1	analytics.twitter.com	static.ads-twitter.com
1	token.rubiconproject.com	www.heraldsun.com.au
1	px4.ads.linkedin.com	www.heraldsun.com.au
1	www.linkedin.com	1 redirects
1	d.turn.com	1 redirects
1	au-gmtdmp.mookie1.com	www.heraldsun.com.au
1	acdn.adnxs.com	info.silobreaker.com
1	www.googletagmanager.com	secure-ds.serving-sys.com
1	snap.licdn.com	info.silobreaker.com
1	static.ads-twitter.com	info.silobreaker.com
1	314136f7d2069e6b08b01259fb3cb15c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	cm.everesttech.net	1 redirects
1	newscorpau.demdex.net	tags.news.com.au
1	cdn.adsafeprotected.com	tags.news.com.au
1	seccdn-gl.imrworldwide.com	tags.news.com.au
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	au.tags.newscgp.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	ad.doubleclick.net	tags.tiqcdn.com
1	ts2020-indies-client.web.app	www.heraldsun.com.au
1	assets.vidora.com	resourcesssl.newscdn.com.au
1	players.brightcove.net	resourcesssl.newscdn.com.au
1	content.api.news	www.heraldsun.com.au
1	cdn.speedcurve.com	www.heraldsun.com.au
195	79

This site contains links to these domains. Also see Links.

Domain
www.plusrewards.com.au
myaccount.heraldsun.com.au
www.escape.com.au
supercoach.com.au
tips.com.au
supercoach.heraldsun.com.au
www.facebook.com
www.twitter.com
www.instagram.com
heraldsun.com.au
myaccount.news.com.au
www.newsletters.news.com.au
www.mytributes.com.au
www.newscorpaustralia.com
www.newsphotos.com.au
www.newsconcierge.com.au
www.dailytelegraph.com.au
www.couriermail.com.au
www.adelaidenow.com.au
www.news.com.au
www.theaustralian.com.au
www.themercury.com.au
www.geelongadvertiser.com.au
www.cairnspost.com.au
www.goldcoastbulletin.com.au
www.townsvillebulletin.com.au
www.thechronicle.com.au
www.ntnews.com.au
www.weeklytimesnow.com.au
www.buysearchsell.com.au
leader.local.heraldsun.com.au
www.foxsports.com.au
www.foxtel.com.au
hipages.com.au
kayosports.com.au
www.punters.com.au
www.odds.com.au
www.racenet.com.au
apps.apple.com
play.google.com
preferences.news.com.au
vip.wordpress.com

Subject Issuer	Validity	Valid
info.silobreaker.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
news.com.au DigiCert SHA2 Secure Server CA	`2021-02-25` - `2022-02-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2020	`2020-12-09` - `2022-01-10`	a year	crt.sh
players.brightcove.net DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-10-03`	a year	crt.sh
static.adsafeprotected.com Amazon	`2020-10-03` - `2021-11-03`	a year	crt.sh
*.vidora.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
web.app GTS CA 1D4	`2021-03-17` - `2021-06-15`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
au.tags.newscgp.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2021-03-17` - `2022-03-22`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.adsafeprotected.com Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
metrics.heraldsun.com.au DigiCert SHA2 High Assurance Server CA	`2020-04-13` - `2021-07-15`	a year	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
*.google.nl GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon	`2020-06-26` - `2021-07-26`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh

This page contains 31 frames:

Primary Page: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222
Frame ID: 1DEB9A100FD4302FAFADD2D9B3D8879E
Requests: 102 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=yvV1g4Il8A9Nvr1v1jYdVnsFfCdA4VTw&nonce=iX5h8F_M~AtbOqO-X1wVNcdSJ48Nn89w&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: 372A1ADB788EBCB5C40FB0701B5ABC49
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Mw7e3ekr8FEjMxpZ7QHh92CEfn.Thk4M&nonce=xS8k_1SfHVK4BgEac-Ym9rNN9iEwGrrQ&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: 6EFD1C5CC1713374AE23B7AF85FBFE3D
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=2Jlq2szEYMbvVCR3-XMi85FrE~4hu2hX&nonce=CB4VkGmwyxtHJa4Oduw6qr5SpVTezal4&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: 9519EFCAC20326AC95EF679DF2E4B355
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=RYqPFL3L5FrEVmgUa6wlC_Too7wL19sw&nonce=SFB_hynRjE3dt69eCB~fmxNqhk59pwM0&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Frame ID: F0394312A8D901CE5FA7CBA333E2E369
Requests: 3 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 3B78D46B4F5681C6A87E62BEB0C1BBE0
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8-8Rd-co5Z74Ot5tiVfvkqKg9Bf893Ri_mCA9hxvAibLuFhJp9UvRCas5Pc3nvvFmMr1R8Egmnj8QVT9YhoNLd9iF5zw6uuLk779lNCWKumtCaUNp8GKPcDnheEXQkapUFzNYXYiOwNiQi4fpu5JDkahW6y6SH-6h2jJFcDyTzcYsj2Nk_T_kWduQelhoVkdZC0WGj4U2MoIiL1yvCR36V0kJzIqryA5nf9Y9bTzthSlOhM76YGgOUiWLMLZK2mTfhlXjJ9X24MOs1x5FjlZg4N1ILo4Lj1n8yTRpKmr61-PgUtyU4udkVA&sai=AMfl-YQ23Q22Th9eRFewgSMY8w4oR3e92YCowPMrGCp0tx0JYVMtGQNH5ziABlEf-BLTLulNBR5Mb1pPXHfG&sig=Cg0ArKJSzCbG7mfo3J8REAE&adurl=
Frame ID: 92C3504C499E1DDE89E742BAB6B3D281
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMgmKI5Sz7XqllvH-snejxOycp4fB_YTi-Yw2wWTYGBSkc4IEVJDS4HXFZVcQ8hUS-_3-3iIMrkQnGHi-JDox5ZWAxCXrnxxBMwP0TI7buOI42jtX0UODFl-c8hr7Lr1UEsO_QlRPC0foX-yTw4Y4qnZvkgs134xLmvSkBpjs16KT92zyqsM8fDishLauVA36R53VTkLqd5yQY2HMDMUIQbhagVCxdEZ5omLFUF43wLpdCIE4cMrCXKCEW4G1qcqeqtds1ZS-3WGbUQbOXNvDFPXqzLJDlktptc1tFofkFEac0nFcJ4xFiCg&sai=AMfl-YQ0tzHy8pUd7SsG9khuFcVsabDXTJDppout4U4TIboRnV_3ElBClhVAuEaUXYxXcd0VTQ-QBmMNL6pP&sig=Cg0ArKJSzIhMfugMN9QqEAE&adurl=
Frame ID: DEDF1A252808B5C83A27F5D1A2880B6A
Requests: 8 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 2BB07FA63EFE7E0B48676088E548E709
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 8BA355CD7CCFCA45B2397238AB5C4F1C
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: E6E5A7C8E64CE53690133E1A5E913634
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: ADCF38E05D5342EA6B5413569A2D6D81
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: B16B63E2A41CD53C79D216D3BFAD4525
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 0CE893BAEC9B2960848FB2E11853F8EE
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508
Frame ID: D466632C5A0C7378FB6CC505ECDA4712
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: B4515F49241E2618B58888F9A800023B
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: BC3FDAE034D70AFFDC7962262BE083F7
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: 9767616DD9C91A30A46813895A10CB47
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW7oBSBkfulKOxYI_B8ULOz65TojW94pxlFpyZOkxEe6pDjem4hYhfKTAKlMChI9nB2lbvt2RGouyIh0Nci4FexZ5PCzdcpiXerxYxfvsGvH5yC93U60L0mJoEgPRODpNK-DXZ-1bfNFqXnXlKt-RAFx85zHzIbvoBhsWG7fpXizak7fdwxvTuLktKheHuiz3i9ALpEeR7k9Umth4gbrjrmZFwljxCeokjgJqeOVUDmS4tmN1xBUNwU5f83Cq4IOcDErRHQJUdRHd3ueC-JsARHOYPSMkkCfii3tpjCbZ9tkdovPWYT7pKUw&sai=AMfl-YTzj6eLaJJORj5ee53tre74WqUJW4ULyvZ0ZnRawSMhzmvww29HPuBJ092FF6cPHjrAP2kxNtONvfF_&sig=Cg0ArKJSzOv9cHBj0IQMEAE&adurl=
Frame ID: 1DE58628F6C47CBA8D48D0DA254A3821
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498431&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=820883257&custom=video&custom3=168400391&adsafe_par&impId=e7f92b7b-a8dc-11eb-b065-06d8cca89c2a
Frame ID: F1A9E04A5DE60F2F6E4856649BF7F732
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171498431&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1149968877&custom=video&custom3=168400391&adsafe_par&impId=e7f92b7c-a8dc-11eb-b065-06d8cca89c2a
Frame ID: 14BBD56387F3B9A91EA1F21D6233A66B
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171498431&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1386412407&custom=video&custom3=168400391&adsafe_par&impId=e7f92b7d-a8dc-11eb-b065-06d8cca89c2a
Frame ID: C42E1A8F816935A8D06C7183FA0D9591
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&upid=trk7f24&upv=1.1.0
Frame ID: CAF85E6984FC7A90539DFF01DB4E381D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508;~oref=https://www.heraldsun.com.au/
Frame ID: 6B8AC0A4B7438F0F3F7C0AB5CBA5E5DA
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&upid=ekg5qxt&upv=1.1.0
Frame ID: AECC06FDDB2D80D7DB0BB2E973AEA3A0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508;~oref=https://www.heraldsun.com.au/
Frame ID: 880DDFC5801C1D7E3242DA390ADF8267
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: BBF8CBA7BC760F3316941C1BBAEE5391
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 5CD16165E88270ED90D631E39A9EB44F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: B7CD92ADB1B8142C6660D9B571D4447E
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: C1AE2743E9DFCFA3CC992BDCA3E81D0F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 07D0E475BFE45A08F5500311D45DF533
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/tc/VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_rV3Zsc37CgYckW8fh7lR... Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_r... HTTP 307
https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-... HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fwor... HTTP 302
https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-... HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews... HTTP 302
https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

195
Requests

95 %
HTTPS

31 %
IPv6

49
Domains

79
Subdomains

63
IPs

6
Countries

1977 kB
Transfer

6305 kB
Size

9
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: https://www.plusrewards.com.au/heraldsun/offers
Title: Rewards

Search URL Search Domain Scan URL

URL: https://myaccount.heraldsun.com.au/s
Title: My account

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/
Title: Travel

Search URL Search Domain Scan URL

URL: https://supercoach.com.au/
Title: SuperCoach

Search URL Search Domain Scan URL

URL: http://tips.com.au/afl/?source_code=HSWEB_TIP1271
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/racing
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/nrl
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://tips.com.au/nrl/
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heraldsun

Search URL Search Domain Scan URL

URL: https://www.twitter.com/theheraldsun

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heraldsunphoto

Search URL Search Domain Scan URL

URL: http://heraldsun.com.au/help-rss

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_GCRACA_W52&hideRegistrationTnC=true
Title: Group/Corporate subscriptions

Search URL Search Domain Scan URL

URL: https://www.newsletters.news.com.au/heraldsun
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.mytributes.com.au/
Title: My Tributes

Search URL Search Domain Scan URL

URL: http://www.newscorpaustralia.com/careers
Title: Job Opportunities

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_SDO_SDO5A_M01
Title: Subscription terms

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_LAPP_17A_W04#subscribe
Title: App only subscription terms

Search URL Search Domain Scan URL

URL: http://www.newsphotos.com.au/C.aspx?VP3=CMS3&VF=Home
Title: Photo Sales

Search URL Search Domain Scan URL

URL: https://www.newsconcierge.com.au/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.dailytelegraph.com.au/
Title: The Daily Telegraph

Search URL Search Domain Scan URL

URL: https://www.couriermail.com.au/
Title: Courier Mail

Search URL Search Domain Scan URL

URL: http://www.adelaidenow.com.au/
Title: The Advertiser

Search URL Search Domain Scan URL

URL: https://www.news.com.au/
Title: news.com.au

Search URL Search Domain Scan URL

URL: https://www.theaustralian.com.au/
Title: The Australian

Search URL Search Domain Scan URL

URL: https://www.themercury.com.au/
Title: The Mercury

Search URL Search Domain Scan URL

URL: https://www.geelongadvertiser.com.au/
Title: Geelong Advertiser

Search URL Search Domain Scan URL

URL: https://www.cairnspost.com.au/
Title: The Cairns Post

Search URL Search Domain Scan URL

URL: https://www.goldcoastbulletin.com.au/
Title: Gold Coast Bulletin

Search URL Search Domain Scan URL

URL: https://www.townsvillebulletin.com.au/
Title: Townsville Bulletin

Search URL Search Domain Scan URL

URL: https://www.thechronicle.com.au/
Title: The Chronicle

Search URL Search Domain Scan URL

URL: https://www.ntnews.com.au/
Title: NT News

Search URL Search Domain Scan URL

URL: https://www.weeklytimesnow.com.au/
Title: The Weekly Times

Search URL Search Domain Scan URL

URL: https://www.buysearchsell.com.au/
Title: Buy Search Sell

Search URL Search Domain Scan URL

URL: http://leader.local.heraldsun.com.au/
Title: Find Your Local

Search URL Search Domain Scan URL

URL: http://www.foxsports.com.au/
Title: Foxsports

Search URL Search Domain Scan URL

URL: https://www.foxtel.com.au/index.html
Title: Foxtel

Search URL Search Domain Scan URL

URL: https://hipages.com.au/
Title: Hipages

Search URL Search Domain Scan URL

URL: https://kayosports.com.au/
Title: Kayo

Search URL Search Domain Scan URL

URL: https://www.punters.com.au/
Title: Punters

Search URL Search Domain Scan URL

URL: https://www.odds.com.au/
Title: odds.com.au

Search URL Search Domain Scan URL

URL: https://www.racenet.com.au/
Title: racenet.com.au

Search URL Search Domain Scan URL

URL: https://apps.apple.com/au/app/herald-sun/id392582225

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newscorp.heraldsun

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##collect
Title: Find out more about our policy and your choices, including how to opt-out.

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##optout
Title: Relevant ads opt-out

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/cookies
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: WordPress.com VIP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/tc/VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_rV3Zsc37CgYckW8fh7lR7PMzSWW4KzQFc6M3tZFN1zcNW2GSq4pW4J0FNF5rfb2cVLgW6g9jwnYVW8nZzwX1V9-jJW8b18YD4Wd7-JV7SLb01X3HqzW15M_-75XDkjvW7z44Zb8tD4V6W3F00XG8Rhx0lV8165D7_21QBW7T4vh241mz43W4mbhQn5NLwrCW3C0Cgm1fR_NqW1FfM8h6nQWQ1N3zbjZnvJ-3JW7DBwnY1nFVTqW4-LzcX3XV8-8V3kSMk6pW3jcW9dhHb55-n_JdW5w61T73yDptsW28CkSL1_gZpVW1JvQfV17LXrcVp7n0M3CfRJpW93ZRhd6jK19sW3KBkv86Hm5VQW88x6vZ5fTyGYW7s97rB98NG-0W32yc8R8n-x0vW4d37Yg5WXFL3W4X6R4k3gcx4kW14TphH6Qt9BqW8DXZN65VMywM3hRk1 Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_rV3Zsc37CgYckW8fh7lR7PMzSWW4KzQFc6M3tZFN1zcNW2GSq4pW4J0FNF5rfb2cVLgW6g9jwnYVW8nZzwX1V9-jJW8b18YD4Wd7-JV7SLb01X3HqzW15M_-75XDkjvW7z44Zb8tD4V6W3F00XG8Rhx0lV8165D7_21QBW7T4vh241mz43W4mbhQn5NLwrCW3C0Cgm1fR_NqW1FfM8h6nQWQ1N3zbjZnvJ-3JW7DBwnY1nFVTqW4-LzcX3XV8-8V3kSMk6pW3jcW9dhHb55-n_JdW5w61T73yDptsW28CkSL1_gZpVW1JvQfV17LXrcVp7n0M3CfRJpW93ZRhd6jK19sW3KBkv86Hm5VQW88x6vZ5fTyGYW7s97rB98NG-0W32yc8R8n-x0vW4d37Yg5WXFL3W4X6R4k3gcx4kW14TphH6Qt9BqW8DXZN65VMywM3hRk1?_ud=b5db8871-1bce-4889-93ae-b20649717bcf&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld%2fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2fvideo%2f7f175ae8351e9890b5f064c5486dee57%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A HTTP 302
https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld%2fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2fvideo%2f7f175ae8351e9890b5f064c5486dee57%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&1619695222625590853 HTTP 302
https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222 HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld%2fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2fvideo%2f7f175ae8351e9890b5f064c5486dee57%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A%26nk%3d3666cdfc7660594aef65df7a3139405a-1619695222 HTTP 302
https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222

Request Chain 49

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 63

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619695229081 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619695229081

Request Chain 78

https://cm.everesttech.net/cm/dd?d_uuid=62712787246089695341903357176415147018 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIqWfgAAAGryFh0T

Request Chain 108

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508

Request Chain 111

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Request Chain 112

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Request Chain 113

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3293681495049358646 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=3293681495049358646

Request Chain 127

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7111809016972781329

Request Chain 130

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619695232186&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1619695232186%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619695232186&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619695232186&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIj6McL87RwTgAAAXkdW-7aokxAQnzhmlkABzivp0oB8mSX5hq17T8wuRprWQ5pHB6yXzj8

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjI3MTI3ODcyNDYwODk2OTUzNDE5MDMzNTcxNzY0MTUxNDcwMTg= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPR5b4J9XH7cshcDGm-UrrU&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 151

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=f80e131e-eb10-4238-83cd-d7e01eeccd83 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=f80e131e-eb10-4238-83cd-d7e01eeccd83

Request Chain 154

https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=6859BF47-8905-43EF-BD30-FB8DBD6B37EF HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=19566&dpuuid=6859BF47-8905-43EF-BD30-FB8DBD6B37EF

Request Chain 160

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIqWgaRA66YzFqnsvtbyvgAA%261212

Request Chain 167

https://dt.scanscout.com/ssframework/uid?UIAA=62712787246089695341903357176415147018&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-0a230d701061c3a6ba95f84a11145a07

Request Chain 168

https://ps.eyeota.net/match?bid=6j5b2cv&uid=62712787246089695341903357176415147018&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 172

https://usermatch.krxd.net/um/v2?partner=adobe&id=62712787246089695341903357176415147018 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=62712787246089695341903357176415147018

Request Chain 174

https://tags.bluekai.com/site/43981?id=62712787246089695341903357176415147018&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=%2BhTswx9999OJwRoQ

Request Chain 178

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUlxV2dnQUFpc0ItMndCZw==

Request Chain 179

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YIqWggAAisB-2wBg&expires=90

Request Chain 181

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIqWggAAisB-2wBg

Request Chain 184

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YIqWggAAisB-2wBg

Request Chain 186

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YIqWggAAisB-2wBg HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YIqWggAAisB-2wBg

Request Chain 190

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIqWggAAisB-2wBg

Request Chain 191

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIqWggAAisB-2wBg&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIqWggAAisB-2wBg&img=1&__user_check__=1&sync_id=ebd6cb61-a8dc-11eb-aa32-1644f9a80106

Request Chain 192

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YIqWggAAisB-2wBg&t=2592000&o=0

Request Chain 193

https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=107ecd3e-5573-490b-a9f8-c079615af279-tuct7841c02

195 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_rV3Zsc37CgYckW8fh7lR7PMzSWW4KzQFc6M3tZFN1zcNW2GSq4pW4J0FNF5rfb2cVLgW6g9jwnYVW8nZzwX1V9-jJW8b18YD4Wd7-JV7SLb01X3HqzW15M_-75XDkjvW7z44Zb8tD4V6W3F00XG8...
info.silobreaker.com/e2t/tc/ 10 KB
3 KB 180ms
177ms Document
text/html 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.silobreaker.com/e2t/tc/VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_rV3Zsc37CgYckW8fh7lR7PMzSWW4KzQFc6M3tZFN1zcNW2GSq4pW4J0FNF5rfb2cVLgW6g9jwnYVW8nZzwX1V9-jJW8b18YD4Wd7-JV7SLb01X3HqzW15M_-75XDkjvW7z44Zb8tD4V6W3F00XG8Rhx0lV8165D7_21QBW7T4vh241mz43W4mbhQn5NLwrCW3C0Cgm1fR_NqW1FfM8h6nQWQ1N3zbjZnvJ-3JW7DBwnY1nFVTqW4-LzcX3XV8-8V3kSMk6pW3jcW9dhHb55-n_JdW5w61T73yDptsW28CkSL1_gZpVW1JvQfV17LXrcVp7n0M3CfRJpW93ZRhd6jK19sW3KBkv86Hm5VQW88x6vZ5fTyGYW7s97rB98NG-0W32yc8R8n-x0vW4d37Yg5WXFL3W4X6R4k3gcx4kW14TphH6Qt9BqW8DXZN65VMywM3hRk1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/tc/VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_rV3Zsc37CgYckW8fh7lR7PMzSWW4KzQFc6M3tZFN1zcNW2GSq4pW4J0FNF5rfb2cVLgW6g9jwnYVW8nZzwX1V9-jJW8b18YD4Wd7-JV7SLb01X3HqzW15M_-75XDkjvW7z44Zb8tD4V6W3F00XG8Rhx0lV8165D7_21QBW7T4vh241mz43W4mbhQn5NLwrCW3C0Cgm1fR_NqW1FfM8h6nQWQ1N3zbjZnvJ-3JW7DBwnY1nFVTqW4-LzcX3XV8-8V3kSMk6pW3jcW9dhHb55-n_JdW5w61T73yDptsW28CkSL1_gZpVW1JvQfV17LXrcVp7n0M3CfRJpW93ZRhd6jK19sW3KBkv86Hm5VQW88x6vZ5fTyGYW7s97rB98NG-0W32yc8R8n-x0vW4d37Yg5WXFL3W4X6R4k3gcx4kW14TphH6Qt9BqW8DXZN65VMywM3hRk1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:21 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=dbdb1a9176091f377c6eae9a2e4d8e7ce1619695221; expires=Sat, 29-May-21 11:20:21 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=8c4d33b4e8a5cca350512c770d20576d2f51db99-1619695221; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray: 647823ffe91cfa34-AMS
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 09bef4d3f30000fa3414ac1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: fd8e303c-6c35-44fa-a3d2-11f03af546d1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qP2XOFLFnwykt%2B%2BCwdlwCa9fjBRoNHBvS7iNGdWYVWIHPJ6iHPQLSJM%2BmM5OyC1H2%2Bf7rolVyzQ5TtydyvPjsJTRzw5FN8OQF0ejBEzg70jG7x%2F2Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request 7f175ae8351e9890b5f064c5486dee57 Show response
www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/tc/VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_rV3Zsc37CgYckW8fh7lR7PMzSWW4KzQFc6M3tZFN1zcNW2GSq4pW4J0FNF5rfb2cVLgW6g9jwnYVW8nZzwX1V9-jJW8b1...
https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAH...
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld%2fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2fvideo%2f7f...
https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAH...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld%2fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2fvideo%2f...
https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAH...

221 KB
46 KB

2931ms
2924ms

Document
text/html

184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222

Requested by

Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_rV3Zsc37CgYckW8fh7lR7PMzSWW4KzQFc6M3tZFN1zcNW2GSq4pW4J0FNF5rfb2cVLgW6g9jwnYVW8nZzwX1V9-jJW8b18YD4Wd7-JV7SLb01X3HqzW15M_-75XDkjvW7z44Zb8tD4V6W3F00XG8Rhx0lV8165D7_21QBW7T4vh241mz43W4mbhQn5NLwrCW3C0Cgm1fR_NqW1FfM8h6nQWQ1N3zbjZnvJ-3JW7DBwnY1nFVTqW4-LzcX3XV8-8V3kSMk6pW3jcW9dhHb55-n_JdW5w61T73yDptsW28CkSL1_gZpVW1JvQfV17LXrcVp7n0M3CfRJpW93ZRhd6jK19sW3KBkv86Hm5VQW88x6vZ5fTyGYW7s97rB98NG-0W32yc8R8n-x0vW4d37Yg5WXFL3W4X6R4k3gcx4kW14TphH6Qt9BqW8DXZN65VMywM3hRk1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

409ca4d2c459d1e8d299be9a05ff91451d260274dd4dd22e3b290696539958aa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: www.heraldsun.com.au
:scheme: https
:path: /news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: n_regis=123456789
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://info.silobreaker.com/e2t/tc/VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_rV3Zsc37CgYckW8fh7lR7PMzSWW4KzQFc6M3tZFN1zcNW2GSq4pW4J0FNF5rfb2cVLgW6g9jwnYVW8nZzwX1V9-jJW8b18YD4Wd7-JV7SLb01X3HqzW15M_-75XDkjvW7z44Zb8tD4V6W3F00XG8Rhx0lV8165D7_21QBW7T4vh241mz43W4mbhQn5NLwrCW3C0Cgm1fR_NqW1FfM8h6nQWQ1N3zbjZnvJ-3JW7DBwnY1nFVTqW4-LzcX3XV8-8V3kSMk6pW3jcW9dhHb55-n_JdW5w61T73yDptsW28CkSL1_gZpVW1JvQfV17LXrcVp7n0M3CfRJpW93ZRhd6jK19sW3KBkv86Hm5VQW88x6vZ5fTyGYW7s97rB98NG-0W32yc8R8n-x0vW4d37Yg5WXFL3W4X6R4k3gcx4kW14TphH6Qt9BqW8DXZN65VMywM3hRk1

Response headers

server: nginx
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; Expires=Thu, 06 May 2021 11:20:22 GMT; Path=/ nk=3666cdfc7660594aef65df7a3139405a; expires=Sun, 28 Apr 2024 11:20:25 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; Expires=Thu, 06 May 2021 11:20:22 GMT; Path=/; SameSite=None; Secure
x-powered-by: WordPress VIP <https://wpvip.com>
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
vary: User-Agent Accept-Encoding
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld%2fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2fvideo%2f7f175ae8351e9890b5f064c5486dee57%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A%26nk%3d3666cdfc7660594aef65df7a3139405a-1619695222&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=7f175ae8351e9890b5f064c5486dee57&session=3666cdfc7660594aef65df7a3139405a
x-arrrg5: BlaizeHappened
x-rq: ewr4 114 24 3179
x-xss-protection: 1
x-content-type-options: nosniff
host-header: a9130478a60e5f9135f765b23f26593b
content-encoding: gzip
cache-control: max-age=56
expires: Thu, 29 Apr 2021 11:21:21 GMT
date: Thu, 29 Apr 2021 11:20:25 GMT

Redirect headers

server: AkamaiGHost
content-length: 154
content-type: text/html
location: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222
set-cookie: nk=3666cdfc7660594aef65df7a3139405a; expires=Sun, 28 Apr 2024 11:20:22 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version: 1.0
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
vary: Accept-Encoding
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
expires: Thu, 29 Apr 2021 11:20:22 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Thu, 29 Apr 2021 11:20:22 GMT

GET
H2 200 css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 55 B
674 B 196ms
195ms Stylesheet
text/css 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css
pragma: no-cache
cookie: AWSALB=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; nk=3666cdfc7660594aef65df7a3139405a; AWSALBCORS=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:25 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 74
x-rq: ewr4 114 24 3161
last-modified: Wed, 10 Mar 2021 01:11:17 GMT
server: nginx
etag: "60481cb5-37"
vary: User-Agent
content-type: text/css
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 29 Apr 2021 11:20:26 GMT

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 21 KB
7 KB 115ms
23ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 1647e28020eaa5351a43d1583a9714bfeedddd6390c1bf4ab3b50f763ac81be5

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:25 GMT
via: 1.1 vegur, 1.1 varnish
age: 799
x-cache: HIT
x-cache-hits: 4
content-encoding: gzip
content-length: 6933
x-served-by: cache-hhn4030-HHN
last-modified: Thu, 29 Apr 2021 11:07:06 GMT
server: Apache
x-timer: S1619695226.726936,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 May 2021 11:07:06 GMT

GET
H2 200 heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 37 KB
15 KB 53ms
52ms Image
image/svg+xml 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

03cce1892cbfca0c35fe3b1f64307db1269f452bc8eb983a654d68166bfb57c0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
pragma: no-cache
cookie: AWSALB=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; nk=3666cdfc7660594aef65df7a3139405a; AWSALBCORS=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:25 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 14385
x-rq: ewr4 114 120 3167
last-modified: Mon, 12 Apr 2021 00:05:02 GMT
server: nginx
etag: W/"60738eae-948d"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=2384528
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 27 May 2021 01:42:33 GMT

GET
H2 200 19fc7e68e1d705bac62d5d456a4d9a01
content.api.news/v3/images/bin/ 55 KB
56 KB 88ms
76ms Image
image/webp 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/19fc7e68e1d705bac62d5d456a4d9a01
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 07c38fcdf2688a0f20d8c30b10278618aeaf74782f25de92587d500d4742b02e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 19fc7e68e1d705bac62d5d456a4d9a01
date: Thu, 29 Apr 2021 11:20:25 GMT
last-modified: Wed, 28 Apr 2021 23:47:06 GMT
server: Akamai Image Manager
etag: f68256ade4bdbe37f3c160df4d1b127d-19fc7e68e1d705bac62d5d456a4d9a01-0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5142372
access-control-allow-headers: x-newsapi-api-key
content-length: 56484
expires: Sun, 27 Jun 2021 23:46:37 GMT

GET
H2 200 heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
3 KB 53ms
47ms Image
image/svg+xml 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
pragma: no-cache
cookie: AWSALB=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; nk=3666cdfc7660594aef65df7a3139405a; AWSALBCORS=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:25 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2891
x-rq: ewr4 113 245 3238
last-modified: Tue, 02 Feb 2021 00:35:25 GMT
server: nginx
etag: W/"60189e4d-1e5e"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=1960898
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Sat, 22 May 2021 04:02:03 GMT

GET
H2 200 js-critical-desktop.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 5 KB
2 KB 213ms
207ms Script
application/javascript 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

174b9a58c7e4e80c420d329af6a87671f2a602c1878580298a832034adfe155a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
pragma: no-cache
cookie: AWSALB=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; nk=3666cdfc7660594aef65df7a3139405a; AWSALBCORS=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:25 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 1907
x-rq: ewr4 114 120 3167
last-modified: Tue, 13 Apr 2021 23:57:26 GMT
server: nginx
etag: W/"60762fe6-1246"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=5
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 29 Apr 2021 11:20:30 GMT

GET
H2 200 source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 144ms
54ms Font
binary/octet-stream 184.30.24.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:25 GMT
last-modified: Tue, 01 Sep 2020 04:31:33 GMT
server: AmazonS3
x-amz-request-id: EFC0AD8EBCCD7129
etag: "899c8f78ce650d4009d42443897aa723"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=60959
accept-ranges: bytes
content-length: 16112
x-amz-id-2: KUKW+av4QFyzO1K/NgsGJU+kIOu+X9RuH2COg0hb48VfE4XQSsj5P4nijBPJqVMpSpao69k4s9o=
expires: Fri, 30 Apr 2021 04:16:24 GMT

GET
H2 200 source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 156ms
68ms Font
binary/octet-stream 184.30.24.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:25 GMT
last-modified: Tue, 22 Sep 2020 06:30:09 GMT
server: AmazonS3
x-amz-request-id: F71F13E443C6B2FE
etag: "c85615b296302af51e683eecb5e371d4"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=434979
accept-ranges: bytes
content-length: 15948
x-amz-id-2: Nlq1wgWYh3e+AC0TUoNBE9CTiNyyErOIlUApQuxB9Tpjk0xBPWMUGKncr3MAUeAFT97YCQMu7Vk=
expires: Tue, 04 May 2021 12:10:04 GMT

GET
H2 200 title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 540 B
859 B 100ms
33ms Image
image/svg+xml 184.30.24.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:26 GMT
last-modified: Wed, 16 Sep 2020 23:56:43 GMT
server: AmazonS3
x-amz-request-id: 80805FC298EFFCF4
etag: "4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=152821
accept-ranges: bytes
content-length: 540
x-amz-id-2: A7Clz7HCePx1Ek5slYSVMJdtjiy61jm8cPQilsKeafI3hQRtTyE80fian+knWnPUDJ+OpyNGk5s=
expires: Sat, 01 May 2021 05:47:27 GMT

GET
H2

200

7f175ae8351e9890b5f064c5486dee57
www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/
Redirect Chain

https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAH...
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld%2fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2fvideo%2f7f...
https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAH...

64 KB
64 KB

2156ms
2156ms

Image
text/html

184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:path: /news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222
pragma: no-cache
cookie: nk=3666cdfc7660594aef65df7a3139405a; lux_uid=161969522646533581; com.auth0.auth.yvV1g4Il8A9Nvr1v1jYdVnsFfCdA4VTw={%22nonce%22:%22iX5h8F_M~AtbOqO-X1wVNcdSJ48Nn89w%22%2C%22state%22:%22yvV1g4Il8A9Nvr1v1jYdVnsFfCdA4VTw%22}; AWSALB=t7C0uGD7G6ZG7pdSvASJl6F2ztfmjpOgOsjQkPNWmr5YNvRAIRL/gqy1dnDA2X+iM/4TB5i6/JlkNSae4qn+leUO/hVS8Pln2nrSCYYIYfHpVg9kaNVLRAHwNtTi; AWSALBCORS=t7C0uGD7G6ZG7pdSvASJl6F2ztfmjpOgOsjQkPNWmr5YNvRAIRL/gqy1dnDA2X+iM/4TB5i6/JlkNSae4qn+leUO/hVS8Pln2nrSCYYIYfHpVg9kaNVLRAHwNtTi; n_regis=123456789
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
x-rq: ewr4 114 24 3179
server: nginx
date: Thu, 29 Apr 2021 11:20:29 GMT
vary: User-Agent Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
cache-control: max-age=52
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld%2fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2fvideo%2f7f175ae8351e9890b5f064c5486dee57%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A%26nk%3d3666cdfc7660594aef65df7a3139405a-1619695222&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=7f175ae8351e9890b5f064c5486dee57&session=3666cdfc7660594aef65df7a3139405a
set-cookie: AWSALB=jp5mZvJZ22tcEyN6u43Da1NeuCzsBzZEYmc02fnbCrIn0yBGrPc2wmUXdHR7xiPUNz9UmlC+HKlWyox+s7Kxak9cFgXny5elidIxv/BZKoBnMy73deqEIFZyRzGk; Expires=Thu, 06 May 2021 11:20:27 GMT; Path=/ nk=3666cdfc7660594aef65df7a3139405a; expires=Sun, 28 Apr 2024 11:20:28 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=jp5mZvJZ22tcEyN6u43Da1NeuCzsBzZEYmc02fnbCrIn0yBGrPc2wmUXdHR7xiPUNz9UmlC+HKlWyox+s7Kxak9cFgXny5elidIxv/BZKoBnMy73deqEIFZyRzGk; Expires=Thu, 06 May 2021 11:20:27 GMT; Path=/; SameSite=None; Secure
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 29 Apr 2021 11:21:21 GMT

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222
cache-control: max-age=0, no-cache, no-store
date: Thu, 29 Apr 2021 11:20:27 GMT
is-https: true
content-length: 154
expires: Thu, 29 Apr 2021 11:20:27 GMT

GET
H2 200 title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 535 B
854 B 84ms
34ms Image
image/svg+xml 184.30.24.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:26 GMT
last-modified: Thu, 17 Sep 2020 00:28:25 GMT
server: AmazonS3
x-amz-request-id: E7FC71DCC76626B8
etag: "b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=153423
accept-ranges: bytes
content-length: 535
x-amz-id-2: cwPOFVoesdR8zziFLGKQvvlh/NrinqD0Royvn8X9ixprzFVnM6iJPyh3TlqFvT/UKPHaRfChR3Y=
expires: Sat, 01 May 2021 05:57:29 GMT

GET
H2 200 charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
12 KB 50ms
28ms Font
binary/octet-stream 184.30.24.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:26 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 34037D7C97259F11
etag: "c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=159394
accept-ranges: bytes
content-length: 11472
x-amz-id-2: 8hpECIsS0O7dE/rOrT22b+WguT2pGbsJRr3icYp9VHDHuJZLFxHG23j6pozDBbA9W1Eo5ca1pXY=
expires: Sat, 01 May 2021 07:37:00 GMT

GET
H2 200 charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
11 KB 51ms
39ms Font
binary/octet-stream 184.30.24.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&nk=3666cdfc7660594aef65df7a3139405a-1619695222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:26 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 232BAC8F1E7A26D0
etag: "29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=158474
accept-ranges: bytes
content-length: 11372
x-amz-id-2: 4ragS4nm2P2YO+wuj4WOaEwarsG8MPOvjg0Yww06PbhqcauOnbqvN1NBoN1h+SY8F0xcMAH9O4s=
expires: Sat, 01 May 2021 07:21:40 GMT

GET
H2 200 rampart.js Show response
www.heraldsun.com.au/remote/identity/rampart/latest/ 267 KB
83 KB 182ms
173ms Script
application/x-javascript 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

f3ee7f733586379df35b59416987e636427861079c0780e08be2feff3c2af0a1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /remote/identity/rampart/latest/rampart.js
pragma: no-cache
cookie: AWSALB=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; nk=3666cdfc7660594aef65df7a3139405a; AWSALBCORS=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; lux_uid=161969522646533581
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "c9af8698c6758bd5b432f7c4daa8bddc:1617077678.533746"
vary: User-Agent Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=800
date: Thu, 29 Apr 2021 11:20:26 GMT
is-https: true
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 29 Apr 2021 11:33:46 GMT

GET
H2 200 js-metro-desktop-lazy.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 47 KB
15 KB 177ms
169ms Script
application/javascript 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

919a09d45286a3828a624e7dae7c7ee6b964ba70339274d8e333c5aaaf9c9ec9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
pragma: no-cache
cookie: AWSALB=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; nk=3666cdfc7660594aef65df7a3139405a; AWSALBCORS=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; lux_uid=161969522646533581
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:26 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 14341
x-rq: ewr4 114 88 3279
last-modified: Mon, 19 Apr 2021 23:52:30 GMT
server: nginx
etag: W/"607e17be-bbb6"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=47
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 29 Apr 2021 11:21:13 GMT

GET
H2 200 player.js Show response
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 224 KB
54 KB 35ms
26ms Script
application/x-javascript 184.30.24.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd475ec83d1ad4612892c25e3e14012e644b8480a5f29e11de357dc3b8a24114

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:26 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 04:02:25 GMT
server: AmazonS3
x-amz-request-id: 07DEJK5MB2M71R6S
etag: "6a92d491cae9037aa1e53764f7ae83c6"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=599
accept-ranges: bytes
content-length: 54677
x-amz-id-2: djdw7JWCEIUrwhlTSJ+pA5Ur6oXHd8C/YGfTYl+armArubYGimjTMKg/SSLmSV0C9ojBhYYp4zY=
expires: Thu, 29 Apr 2021 11:30:25 GMT

GET
H2 200 js-weather.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 177ms
169ms Script
application/javascript 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

6d90199995b493e006d03ef62d624e59120a272ed586ff1496bd7a5c38ccb3fe

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js
pragma: no-cache
cookie: AWSALB=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; nk=3666cdfc7660594aef65df7a3139405a; AWSALBCORS=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; lux_uid=161969522646533581
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:26 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 1987
x-rq: ewr4 119 71 3093
last-modified: Tue, 13 Apr 2021 00:42:15 GMT
server: nginx
etag: W/"6074e8e7-182d"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 29 Apr 2021 11:20:27 GMT

GET
H2 200 js-videohub-desktop.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 29 KB
10 KB 178ms
169ms Script
application/javascript 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-videohub-desktop.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

53f15b7bbdf0cc56b0760121d8971f95bbb930e244ff143535d53c82242d4954

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/javascripts/js-videohub-desktop.js
pragma: no-cache
cookie: AWSALB=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; nk=3666cdfc7660594aef65df7a3139405a; AWSALBCORS=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; lux_uid=161969522646533581
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:26 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 9379
x-rq: ewr4 116 88 3255
last-modified: Tue, 13 Apr 2021 23:57:26 GMT
server: nginx
etag: W/"60762fe6-74e3"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=2
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 29 Apr 2021 11:20:28 GMT

GET
H2 200 player.css
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 149 KB
25 KB 31ms
30ms Stylesheet
text/css 184.30.24.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.css
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a62c84214946e90ff1e1ae4fd103d3e74fff90f0f7b6d09eaf808af0a5db9d0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:26 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 04:02:25 GMT
server: AmazonS3
x-amz-request-id: A031N5BZWRK7SFA7
etag: "77f6e2d59bef22258ae2e6f90642abf9"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=781
accept-ranges: bytes
content-length: 24816
x-amz-id-2: sU6FRNa0RTvO9GyKr2i+ORojE+WFkXQwBCoK2sUFBihmtwSNZPIxiSmDtfsNsthyXwIFH0pfTXo=
expires: Thu, 29 Apr 2021 11:33:27 GMT

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/5348771529001/DHPfbk7qO_default/ 875 KB
235 KB 423ms
353ms Script
application/javascript 2.18.234.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/5348771529001/DHPfbk7qO_default/index.min.js
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-122.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4e096b1b92172377d28b5d74b8d59225227c3b664f8ab6be108c0ac2b5fba67c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: w8hVJ2tngMgfbVw7AvvDCiOpwWMgGrye
Content-Encoding: gzip
ETag: "1c30daf256f20eebabc2ff34be0f2aee"
x-amz-request-id: 017243B09C9DFB41
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 239850
x-amz-id-2: QI3FQ6tpG2wN5qMpv83CVKl3vWHkWuEfgAQd16/LAJP8iBCQnBR/YKfgzNXhdRXWoVKzVNjsLKw=
X-BCOV-Response-Mode: 1
X-Served-By: cache-dca17762-DCA
Last-Modified: Fri, 18 Dec 2020 04:20:42 GMT
Server: AmazonS3
X-Timer: S1611706169.443106,VS0,VE0
Date: Thu, 29 Apr 2021 11:20:27 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=268
Accept-Ranges: bytes
X-Cache-Hits: 2

GET
H2 200 MediaSDK.min.js Show response
tags.news.com.au/prod/heartbeat/v2.2.0/ 175 KB
35 KB 65ms
64ms Script
application/x-javascript 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:26 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "c347a09f51bb895d757c5e600ad18d57:1565826404"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=29388
content-type: application/x-javascript
content-length: 35262

GET
H2 200 vans-adapter-google-ima.js Show response
static.adsafeprotected.com/ 19 KB
7 KB 123ms
39ms Script
application/javascript 2600:9000:20c8:a600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7aa714a4418a8e3d269a472e0ba2168cca963243ce2c94ad32315cd239fd245

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FmW9GCwMGDcYuvST0fbMtlt7Sr3UNohQ
content-encoding: gzip
etag: W/"90eaad1daab4870a6a4ed031687aa680"
age: 86119
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Dec 2019 18:23:25 GMT
server: AmazonS3
date: Wed, 28 Apr 2021 11:25:08 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9bac09758c086d613f2c0a80dd66c7a6.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: bwqEZaqXSIcHf1lfH_q4TzAWN_cVdLA-6UEulVqhTfOdxPp3-RwLfQ==

GET
H2 200 vidora-client.1.x.x.min.js Show response
assets.vidora.com/js/ 8 KB
4 KB 843ms
37ms Script
application/javascript 2600:9000:20c8:de00:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:de00:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4754c1f1fb712883286295c92774dddebef215996cfdfab9fd972d265473f025

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:45:20 GMT
content-encoding: gzip
etag: W/"0d9785869d3d057828f29bcf6b0f8119"
last-modified: Mon, 15 Mar 2021 13:51:58 GMT
server: AmazonS3
age: 34529
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 713e5c81a0f7ad564b97cf451e92aaac.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: Un0rThOw-6jDFPK14MSxZKPH0F1MAWTzJa9mIh0lag-qkDi9TfJt2w==

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 372A 2 KB
3 KB 845ms
622ms Document
text/html 104.117.204.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=yvV1g4Il8A9Nvr1v1jYdVnsFfCdA4VTw&nonce=iX5h8F_M~AtbOqO-X1wVNcdSJ48Nn89w&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.117.204.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89135ab18d355deeed9ff375ac54cec5957675a5b1166d463abf14c1552ee4db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=yvV1g4Il8A9Nvr1v1jYdVnsFfCdA4VTw&nonce=iX5h8F_M~AtbOqO-X1wVNcdSJ48Nn89w&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 647824259d882c36-FRA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 09bef4eb8000002c3695808000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 647824259d882c36
ot-tracer-sampled: true
ot-tracer-spanid: 4244b4dd46454f8b
ot-tracer-traceid: 1270ef6c3eee2976
x-auth0-requestid: 51d04fafddf6ab4a8852
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1619695229
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 541 0 pmb=mTOE,3
expires: Thu, 29 Apr 2021 11:20:28 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 29 Apr 2021 11:20:28 GMT
content-length: 841
vary: Accept-Encoding
set-cookie: __cfduid=d0a1a9d9bdda78534069ebe6d17e9bc431619695227; expires=Sat, 29-May-21 11:20:27 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3Ae6a58210-a8dc-11eb-94a1-8f3f66bcc03d.i0To%2BLKLU5UlCqCymQlnOV%2B1nXPvD20vApcdq4eFREE; Max-Age=31557600; Path=/; Expires=Fri, 29 Apr 2022 17:20:28 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Ae6a58210-a8dc-11eb-94a1-8f3f66bcc03d.i0To%2BLKLU5UlCqCymQlnOV%2B1nXPvD20vApcdq4eFREE; Max-Age=31557600; Path=/; Expires=Fri, 29 Apr 2022 17:20:28 GMT; HttpOnly; Secure ak_bmsc=A69E8595ED0B7EB854EB9AFF007B7CFA5C7B7AB5FD6C00007C968A602C536404~plWRTHI2Q9Jmgx9T5+772vWP/6tP/Jsfs6h7KTMQEl5FRRWQTJxYBGB9/5fqII2dNn8IavBayTv8MhVZaTC7WEqRDPp2aQvv4gePXb+/6wBxFX2Z+sGr+2xQy7pdWhm/5l/1MaXnmMZrhPcjT149BK6nuf9j3d1Z7pRdAvel0RdHDYtGhU1hhQfagRg9nvAGy3Zk8h9azxnc4kt+QL+2Swdq0pqIa8IsYCAYH1XD6nVW5FKaXYhsO8kcJDFejw1HGa; expires=Thu, 29 Apr 2021 13:20:28 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=C8689825B3F6A778923788959E1A7A49~NCo7rdbFa3JwfXAp9S5UvMewuha+OKr2nBFyDEFKW8TL6SxgA2TqGil17JQLizYGrg0DldoQCbrtxxBMCc1jMwZNBmSB4sjIgf0RG1LialM+ygBzjZuqH9sMdoZ83RaHDRiaxQ4XYD9CdnwkT9XzL6sZXvlB7/TI7rholwDOqhdCp/qgS7rvvGZUakfU+Ixm/xu/H/T5uyli/iIDG0NQzZuC0pmP4X1Yh2oCHAZ5WG7IqBKkUNx4E/OuLQWwJNbN; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=A6277EB29F00C0ED566EB574D146C6A0~YAAQtXp7XAVdqv94AQAAWNVbHQvuW8g0//FTw3Le/kZC7TLkQ6OP8trSJJTWxXfajabR4Gcpq7AxvkWdEWa4+axP7pkXz8pkbOWLt/YRWJTmDdDXGUpQvyOg9zkOwIYP3+QVkEHphi1MgW/ix3rayliYDAXGZBaXhj32Bu8S6nzI/bn9HRbsZ3fE39tFMMqcqFKJ3yKcvDfZmeM=; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 29 Apr 2021 15:20:27 GMT; Max-Age=14399; HttpOnly _abck=EE57759290E1636E862735CC5865C22B~-1~YAAQtXp7XAZdqv94AQAAWNVbHQVe+wY84MzEaYlGoIkGgOKUaqwqyVxG07J04iqh2WmN++3diHnXJZ9ScoOmh2yvsVDoBPPNP/hd53IiEB35gEkuQXVfl5StDpXxO1lN1qoRmwVeFT2fJjXjrNGiDGjHqHigufY5ATWkCqqedJil+L4WjgsryIw6EfU0akRFz02gpXC0LeKySyiPUCmD5kPXJN4FPpVzR8fZTwCXO6CscvHS3nSaR9GvHbg39k79dKNXcuI3FRMHXBQagKZFSHE+g9qdQoDL+Q12oIsTeejOWHHFU7xo5X5T8+XqHS95lZ1K3rzc4jyzOsrlQDvo6wAZPS7ct7WUrSyCr7N2hxNyLc3Y9yhs3uhxCF4EK/cw1TBZ5ZiI/A==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 29 Apr 2022 11:20:28 GMT; Max-Age=31536000; Secure

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 3 KB
1 KB 57ms
56ms Script
application/x-javascript 23.79.152.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.152.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-152-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4379b5695f319d7ad15e6c86346e9117f0b4f4a8d4bcbab18aa840fd9e6d900a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:26 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 03:49:38 GMT
server: AkamaiNetStorage
etag: "cd574ccc8294fe1328dbeab462c8cb3f:1618372178.026573"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1234
expires: Thu, 29 Apr 2021 11:25:26 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 71 KB
19 KB 62ms
58ms Script
application/x-javascript 23.79.152.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.152.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-152-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: aeff34d9a1c253a230b7436d1f8798f9d4d096c0dd88ac2983997dce9ef88508

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:26 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 03:49:39 GMT
server: AkamaiNetStorage
etag: "baf18b342a54172ca520ae382752ce1c:1618372179.176935"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 19094
expires: Thu, 29 Apr 2021 11:25:26 GMT

GET
H2 200 indies-loader.js Show response
ts2020-indies-client.web.app/ 7 KB
3 KB 686ms
20ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ts2020-indies-client.web.app/indies-loader.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c96c025f6aa0b8edff6538d533ddd012d17e860c8fa47140314e81886ce22e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 22 Apr 2021 01:47:05 GMT
x-timer: S1619695228.508233,VS0,VE1
etag: "5c2c9c77edcfefaf1619408144b41c5b44f64c00ae68f3981ff348f0dc03807f-br"
x-served-by: cache-ams21054-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Thu, 29 Apr 2021 11:20:27 GMT
accept-ranges: bytes
content-length: 2347
x-cache-hits: 1

GET
H2 200 js-c3po-bundle.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 155 KB
36 KB 142ms
140ms Script
application/javascript 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

56f5e4b898b245f9ecfc5c02bfd5e5adf6ce503fe43328b4bc8e9188e1ef7e76

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js
pragma: no-cache
cookie: AWSALB=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; nk=3666cdfc7660594aef65df7a3139405a; AWSALBCORS=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; lux_uid=161969522646533581; com.auth0.auth.yvV1g4Il8A9Nvr1v1jYdVnsFfCdA4VTw={%22nonce%22:%22iX5h8F_M~AtbOqO-X1wVNcdSJ48Nn89w%22%2C%22state%22:%22yvV1g4Il8A9Nvr1v1jYdVnsFfCdA4VTw%22}
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:26 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 36434
x-rq: ewr4 113 245 3266
last-modified: Mon, 26 Apr 2021 23:55:11 GMT
server: nginx
etag: W/"608752df-26a6a"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=9
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 29 Apr 2021 11:20:35 GMT

GET
H2 200 js-vidora-client.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 7 KB
4 KB 159ms
157ms Script
application/javascript 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

7bf1b2294652f63961ee42eb038756bdaf485c649d7b3698596b1f290696b3a4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
pragma: no-cache
cookie: AWSALB=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; nk=3666cdfc7660594aef65df7a3139405a; AWSALBCORS=Z7y8EvjhW3rdZXFNzn1Guy6Ap5QnGIY0wvblIs8FQdSeG34pHa/9VWmNmAwrYjygMT5XTGQczKgBJCTvq1J9y7LBAVV0EqrGUYYqS/OID/cIgJcOfkYJgvWlZ/Ny; lux_uid=161969522646533581; com.auth0.auth.yvV1g4Il8A9Nvr1v1jYdVnsFfCdA4VTw={%22nonce%22:%22iX5h8F_M~AtbOqO-X1wVNcdSJ48Nn89w%22%2C%22state%22:%22yvV1g4Il8A9Nvr1v1jYdVnsFfCdA4VTw%22}
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:26 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2990
x-rq: ewr4 114 120 3182
last-modified: Mon, 26 Apr 2021 23:55:15 GMT
server: nginx
etag: W/"608752e3-1aff"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=9
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 29 Apr 2021 11:20:35 GMT

GET
DATA 200
OK truncated
/ 403 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 091c2733df586042615d79b6fe413e3f33b87eb090beee72c3ac3e820110b5fd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
BLOB 206
Partial Content 8a241901-2ebb-4a91-8b94-30ec0e3ebdf5
https://www.heraldsun.com.au/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/8a241901-2ebb-4a91-8b94-30ec0e3ebdf5
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 9d2ecc92-b943-41dc-8e66-7038765dfc2d
https://www.heraldsun.com.au/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/9d2ecc92-b943-41dc-8e66-7038765dfc2d
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content e83491db-64e8-44de-ac34-35ae76a3cd0c
https://www.heraldsun.com.au/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/e83491db-64e8-44de-ac34-35ae76a3cd0c
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 19e2406e-1ac0-41fb-8353-a4505d1ff783
https://www.heraldsun.com.au/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/19e2406e-1ac0-41fb-8353-a4505d1ff783
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 200
OK c04c0f92-c2e0-4969-9e22-6b842480ece5
https://www.heraldsun.com.au/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com.au/c04c0f92-c2e0-4969-9e22-6b842480ece5
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 6EFD 2 KB
3 KB 1274ms
1268ms Document
text/html 104.117.204.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Mw7e3ekr8FEjMxpZ7QHh92CEfn.Thk4M&nonce=xS8k_1SfHVK4BgEac-Ym9rNN9iEwGrrQ&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.117.204.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c21df4f2868fbd868801d0050d3a86dddc3701272554f7b74013d3ff7dbca38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Mw7e3ekr8FEjMxpZ7QHh92CEfn.Thk4M&nonce=xS8k_1SfHVK4BgEac-Ym9rNN9iEwGrrQ&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 64782427aa0b4e68-FRA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 09bef4eccc00004e68e6964000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 64782427aa0b4e68
ot-tracer-sampled: true
ot-tracer-spanid: 3ec392cb4972562e
ot-tracer-traceid: 3b2bc1416021f498
x-auth0-requestid: 6cd4e87422489fc6d783
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1619695230
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 542 0 pmb=mTOE,3
expires: Thu, 29 Apr 2021 11:20:29 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 29 Apr 2021 11:20:29 GMT
content-length: 842
vary: Accept-Encoding
set-cookie: __cfduid=dc37e9121571b667f1649b5056a7b5fdf1619695228; expires=Sat, 29-May-21 11:20:28 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3Ae74b37f0-a8dc-11eb-ad0e-cf38243cbad8.0yDbqqTDnk5EFbroWDUDir59YwkLWIsfPIPR3C6Ojpw; Max-Age=31557600; Path=/; Expires=Fri, 29 Apr 2022 17:20:29 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Ae74b37f0-a8dc-11eb-ad0e-cf38243cbad8.0yDbqqTDnk5EFbroWDUDir59YwkLWIsfPIPR3C6Ojpw; Max-Age=31557600; Path=/; Expires=Fri, 29 Apr 2022 17:20:29 GMT; HttpOnly; Secure ak_bmsc=FEA667EE19A055155AD183713BE66C925C7B7AB5FD6C00007D968A60FA72994C~plouE0nKpobNFz4Cpr9Z5AK6y4fq0dYdvJzAmokNTj1GehL8/xLRDv2zpTwCQ+e99AfCGHAydE+rD4ERSbqXrRKBow6zuuhAPzqMTMAY6SoOzyXMv+q7hOPVglkju3TcptvMgX6v0ouYCEVj3H0P4v1GWnYg/z7PRQkclyQib1MXM9i2HcU6/ge7Kwx2uOPCva2BW6V8DEEyXcxYG7gU/bkkpLOog6FkvIBDc87JB1+5+5jJNyqK+DRnbUksuQvnfO; expires=Thu, 29 Apr 2021 13:20:29 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=6FB27B2A801A09113FF5A80F5E4BEF83~NCo7rdbFa3JwfXAp9S5UvJc9heewwODaV/RfiQeeFB5VzdldX3YxSStcN78YIS8n4xXbtbsIqVXxz2kCB7NewR9K/UCQFx9X4+46b6ddQn1j1ngFroX9Bq10an8L/WRwi25DTQ0Byl9DpKBUMp3tRn9FWtgyG9/Mw4I9/Rr2G2bhd9soUPSi91+dK6efp5f52fwaClNk6aq+9/wEHP1JlNJLj1sG3e9CQOTm49hM4PNp5wa+a8CUtymiiAjBz0P6; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=586A220722A39058A4F0261F8B0ED0CB~YAAQtXp7XBRdqv94AQAAndlbHQvNir4ou2R93XGEiMersuzg2FNspO5w9Fwce98XEVRelkG9WzSwaAbYgUzUVR1GGFyMKnBXQOxwxq9oOYcejxN9Hj/M233vSP9zmcIiq1JLv8j4WhJSK3CwnURQu+jSPquwDRtNXyFWHjIEYPsLiXv+7q6ckOkNhobJdJaWUW4BifCO6E2R5lM=; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 29 Apr 2021 15:20:28 GMT; Max-Age=14399; HttpOnly _abck=615CC35AC46A942B6CB12F297F8654A7~-1~YAAQtXp7XBVdqv94AQAAndlbHQUa+f1qUNa/okuHPdQGmgohO4einiMM624cUAi2L0Cx8i6Zihmya/HS5xIFik3xQ+0pNb2pFfYrB7FxAUPpBGz+7+Zb/ALC9A0AmdYuyBJBPhV83bZOeQ8Wpusm4j5mvOWqfX9JuKTeJ62DVJVIhDobPqCthPVyo9ebsS43zuHzPcb4zQtHl2l3a7V8EuxcUBE43Owv76zQlQItJofORtGlFDxAj8tnEi848PDsfslhSUVoifkAPzm3UKxNPL/h1QaFZ4l40d9PndNTeFkG0dNF67aq3FQZowD0mjUEuL4WtR4wK2k3FsgBgvYiqeFB3vC+nFOnOkNCgRItxX93mZKIDPOFSh8XoONdPndQZI1cbwpMAQ==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 29 Apr 2022 11:20:29 GMT; Max-Age=31536000; Secure

GET
H2 200 ggng510.js Show response
cdn-gl.imrworldwide.com/novms/bc/3/ 90 KB
20 KB 48ms
43ms Script
application/javascript 2600:9000:20c8:e200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/bc/3/ggng510.js
Requested by: Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:e200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a2b6a1fcf2724d705818d4237c71625643b8c25ced72d6def3b84d9ac8f1f42

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uPg9dghkfLf5QnVKvmiuXDfV8WNo6Oxf
content-encoding: gzip
etag: W/"3ce9be8772dc9fbb9328a338eb9024ff"
last-modified: Thu, 13 Dec 2018 15:53:58 GMT
server: AmazonS3
age: 3890
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2ae7e0c53833032779e8c2554653673b.cloudfront.net (CloudFront)
date: Thu, 29 Apr 2021 11:07:10 GMT
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: OsVOyw1p7_5fgcgHWXsTrxooQFahFXNxMk8OcJCJeWCbDeU6ldedkQ==

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 9519 2 KB
3 KB 530ms
529ms Document
text/html 104.117.204.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=2Jlq2szEYMbvVCR3-XMi85FrE~4hu2hX&nonce=CB4VkGmwyxtHJa4Oduw6qr5SpVTezal4&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.117.204.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0c2c25dfc08ed1e512fa8165b935ff21ed802bf0e3da48b6223ab149244c049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=2Jlq2szEYMbvVCR3-XMi85FrE~4hu2hX&nonce=CB4VkGmwyxtHJa4Oduw6qr5SpVTezal4&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 64782427f9a64ed4-FRA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 09bef4ecf700004ed4a1b99000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 64782427f9a64ed4
ot-tracer-sampled: true
ot-tracer-spanid: 6d9b3a0376712e44
ot-tracer-traceid: 567ee0073a52b98d
x-auth0-requestid: a27be0825d9cd7d9fa9b
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1619695229
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 609 0 pmb=mTOE,3
expires: Thu, 29 Apr 2021 11:20:28 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 29 Apr 2021 11:20:28 GMT
content-length: 842
vary: Accept-Encoding
set-cookie: __cfduid=df877391da5e4ca0f2c613d8c90f98ea81619695228; expires=Sat, 29-May-21 11:20:28 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3Ae6df2fb0-a8dc-11eb-b1cb-87f94143ca93.7C4qkzd%2FFUQ69vjGNwpPW1ueYYuCZv2JT69ELiNoCA4; Max-Age=31557600; Path=/; Expires=Fri, 29 Apr 2022 17:20:28 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Ae6df2fb0-a8dc-11eb-b1cb-87f94143ca93.7C4qkzd%2FFUQ69vjGNwpPW1ueYYuCZv2JT69ELiNoCA4; Max-Age=31557600; Path=/; Expires=Fri, 29 Apr 2022 17:20:28 GMT; HttpOnly; Secure ak_bmsc=984ACA1BC843A98B52DFFAD91C2CB8445C7B7AB5FD6C00007C968A6049782037~pl374Ib00hRx9bV9Z7itRNlph0QIqgsxv1+xPp4guSKvUZwOaWfSq5cBwwYP109yefarO0Q34E8gmldWh3OH3ROFIt53GdUYbWs+CaUnsW3Snw4oaB08kWZOjAqmUoLfsBxuFxGWPtjdPSm1KvWk3x+kLV3aNEUd/tek31CkMTpH5idmfsqh0+29H4tnvwc9AsB5mG96KO3IOeC8ZkYY8tJLgBfWW30FjIWflTLYRSt38kO8IHj+/0H5xHgqw97f9F; expires=Thu, 29 Apr 2021 13:20:28 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=72D157419923F20659747B86A61329EE~NCo7rdbFa3JwfXAp9S5UvP19H65PK9v7l/3ez/D1FUJZWk/x+kGpu+UZCwNRy3K1OC6Ftr7lBL/aDWtEpkU4bwTs1lmClI6318MYmYWH5udHJCJAmrc894HGJFnBSO4bhY3+lBQjvmbc3QN5FBvwMJFjOaiCFJ/tZ/1R7x8u3N833FVoKp+CWRFQHs54e4rBIc9bk4bHG5nd/8UEU/6UTTz3UypO/8UdeUbXwZuT/NYHkY7e4+yNOVe7F/AoVd9y; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=99E44AA2F8A47E0816FFFC662C935A9C~YAAQtXp7XApdqv94AQAA0dZbHQt66ryYxEWFApRZK8cyeZoqZuazylHrOjrcGITUxosIJiMC7/+dNL08u7gJGxoCqooJ/d4poIFdC4jnawsVeJM+zD151kZY08ljP8QHPPvIeqY8KUAx7YyyQWEHiHRvLlgZYo0xAlGjp+pRo7cWuwe3xdbQEiUKZfSY2jRZ6wLj2dFNvRVX9Rs=; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 29 Apr 2021 15:20:28 GMT; Max-Age=14400; HttpOnly _abck=DF4478272B1E301480D9C396318A1825~-1~YAAQtXp7XAtdqv94AQAA0dZbHQUwmE/yNkvyzysdHNJYXJ57Iz/GvZPNxBOmQcJ4EDjVlXlrIFr2jlQ2qziwGEMI0ZQ2cKC8rAB+eZvRH19PqnlD4LUj5TOJKPm1arSHrVncTBA9tbvIywAOlZJilkgKGV3GAPX690vV6FIvJd7gBsA01eiAmX2K941/xttqfitaMNWBFH7RFTs8yCARKIPaF55MZvLKtSxN9z/PpxExTdTvw2RrrIyNONo2bYZQyLaoGrRAG15oAdwrjKl7fOjzwhbG4EwmZSZwuaBVj6+i5n0RssmNoP82cQkUXjtPHY6QhPZBtBZgmTGLhKbjUbpyaYP/TdJpKk65cndSE7h7FX7+5wb4zvD/VS1f93k6TlgRtsJnFA==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 29 Apr 2022 11:20:28 GMT; Max-Age=31536000; Secure

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 37ms
36ms Script
application/x-javascript 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16196952281500.5306373571137359
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7eab82ead1480897c3dedd5c6b4ef4ec553efacdca1ce23c3acd6bd8e9621046

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:28 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 832
expires: Thu, 29 Apr 2021 11:20:28 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
905 B 27ms
27ms Script
application/x-javascript 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:28 GMT
cache-control: max-age=79671
server: AkamaiNetStorage
content-type: application/x-javascript
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H3-29 200 B7670439;dcadv=4149947;sz=1x2;ord=158140238899.76703 Show response
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 19 KB
7 KB 58ms
50ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=158140238899.76703?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

54ae00c2346104abf0deedae46549b51d5fd27455bcc3a15969cc9fcbbb7ef8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7015
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame F039 2 KB
3 KB 517ms
516ms Document
text/html 104.117.204.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=RYqPFL3L5FrEVmgUa6wlC_Too7wL19sw&nonce=SFB_hynRjE3dt69eCB~fmxNqhk59pwM0&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.117.204.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b76c2ee7eb4bc5687b5ca4693644a4cd5b6d1de17215d5d27d095f4042ad9c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=RYqPFL3L5FrEVmgUa6wlC_Too7wL19sw&nonce=SFB_hynRjE3dt69eCB~fmxNqhk59pwM0&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: did=s%3Av0%3Ae6a58210-a8dc-11eb-94a1-8f3f66bcc03d.i0To%2BLKLU5UlCqCymQlnOV%2B1nXPvD20vApcdq4eFREE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 64782429ce612c36-FRA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 09bef4ee2100002c362c178000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 64782429ce612c36
ot-tracer-sampled: true
ot-tracer-spanid: 23e1f4805b08c010
ot-tracer-traceid: 6c060d5f706ca1d6
x-auth0-requestid: b29fd700ce526aa586ad
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1619695229
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 572 0 pmb=mTOE,3
expires: Thu, 29 Apr 2021 11:20:28 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 29 Apr 2021 11:20:28 GMT
content-length: 843
vary: Accept-Encoding
set-cookie: __cfduid=d43b0b5660d115eb591ed206a83b5ef691619695228; expires=Sat, 29-May-21 11:20:28 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3Ae6a58210-a8dc-11eb-94a1-8f3f66bcc03d.i0To%2BLKLU5UlCqCymQlnOV%2B1nXPvD20vApcdq4eFREE; Max-Age=31557600; Path=/; Expires=Fri, 29 Apr 2022 17:20:28 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Ae6a58210-a8dc-11eb-94a1-8f3f66bcc03d.i0To%2BLKLU5UlCqCymQlnOV%2B1nXPvD20vApcdq4eFREE; Max-Age=31557600; Path=/; Expires=Fri, 29 Apr 2022 17:20:28 GMT; HttpOnly; Secure ak_bmsc=C230C9FB201747152E36566D41D5CC715C7B7AB5FD6C00007C968A60529B2248~ploBTPrYdAUgat9J7BNy4luv69Owdn/S5N+qUQVEQlyHQm2iBDWhM/5ZzS1SUWWQdY+qEyjZ3wv6cFyldhPsJr6Xs0q/c9Qu/CrwdaX9CwDMvGn2hoFLvMPQAyggdWio4I4rerkli5qaymJFjKw4hlAzWnyv0FZRv35Re+BnR8h+7e4OFD3fLChLrwC28pY+ER4UD9BlhWVvsegL2qY8Qlqft9PTvPwYzgyx8j2qYSa4NhWkfR8mg2oXxwwDbr7hAd; expires=Thu, 29 Apr 2021 13:20:28 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=40C52E6E4A39E91B90C7084434FEEE9E~NCo7rdbFa3JwfXAp9S5UvOlLS/lvGMsySSEl8kSVtmxUlqIbjaie5jPLsWYjLnOzkjnDFY9W+07xES/bNUbqsqhU6vg9lli7JxP0hGkSCqgdjw6s6E/CfFzQbkoYMXn7HIBz29arJcd6alu+PPvoHuYeC+GEGq+loUUIoAD2sliRXcSPBbpso0/xFZ2ipRoLcEDN9GVep1EJE+xXboePQPQxY0zDJ11W37Y1eIw63F+UmEprKqpVpw9Gel4KUJV1; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=DDE0213F46E416EE7133C218D236DD6C~YAAQtXp7XA5dqv94AQAAA9hbHQsRmuenvCkAUJvAFztxQ6SdCZKmgHKu3S85BVkGWt42mtq0Rk95CoD9VcY8u9lo4yVN7rjDmKo8NMOGru1Atkw8KGs60cLGAAKpDBOtSnGOhtPsKZgdZUW4c2tYoCYHaf/HrtBmcP0aCid8CbTg0ITZMEvmuA9zVhYEmA7JjG/oSmPr9k0Jwl4=; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 29 Apr 2021 15:20:28 GMT; Max-Age=14400; HttpOnly _abck=F35DD108C6B4AE5EE70CC38DB3F6397F~-1~YAAQtXp7XA9dqv94AQAAA9hbHQWMrtOdAKGfykpMIxicf4g/D24HJnEmMRDcPOJJxnQ09F1Qkb3AXBSfqWSjIviM0niIJWaDhvXIjl6I0WKSQb/c0dKhzRDowjarO+W4UHF5gn0jIYv2KdJMgylJWFNFo0ECgSP+TWaiNSbCcgxbez0inS5cYBKOpmEkb3zYNdmkuOJ8P8Ek+teht+jCNVHLZmf4OUJgOgaDgcl3nxQm5Zkknm2y3jqazGkAXtp197HJY6kM6s+fTGLoeV09MW3lO5pZAXCFbVwzpTWEwAel7JxnuaT3f6oYUYagpPVNEk85revMuWZQESf0ZlYn7m7rZ9Ns5MB6HzBdZ9JeKFps6McL3zhAsUTBVW5AvFpEoltgn0QhOg==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Fri, 29 Apr 2022 11:20:28 GMT; Max-Age=31536000; Secure

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 271ms
43ms Script
application/x-javascript 2600:9000:20c8:da00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:da00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 17:30:51 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:06:15 GMT
server: nginx
age: 64177
etag: W/"60665ff7-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 77fcce204f96e329df7227f192690939.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: CbET3PYB_xPJoFoK4_pQE6TF1YDgreQwVJqBLPS6L04oRVu9ToFiAA==
expires: Thu, 29 Apr 2021 17:30:51 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 177 KB
61 KB 80ms
79ms Script
application/x-javascript 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 82ef85db9124f8188c2c8c03a4ad9a0918591f752994d8ec228331c715ecac86

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:28 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "6865f68a18babd10a2b682180ae91370:1618193209.579457"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=66411
content-type: application/x-javascript

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 99 KB
29 KB 88ms
88ms Script
application/x-javascript 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2b23e426180b375a90ef49bce5c63b7b251f0fccc97f1dff3d00aa473dda857f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:28 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "0478954be2f30a1d640ba571e85c8eab:1619404494.178138"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=29003
content-type: application/x-javascript
content-length: 29556

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
21 KB 31ms
31ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

aa83dc638afedd06f205feb524a389728e08c30870f6abfcca043f03d52f2f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "856 / 173 of 1000 / last-modified: 1619694582"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21253
x-xss-protection: 0
expires: Thu, 29 Apr 2021 11:20:28 GMT

GET
H2 200 prebid.js Show response
tags.news.com.au/prod/prebid/ 382 KB
114 KB 177ms
176ms Script
application/x-javascript 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/prebid/prebid.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: efcd038fff3becbe148fefb893ed26081fd0d8e7293fcd49d470c13fcd522e02

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:28 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "fb921cb139744e2aabd21ff0559deaa9:1617770917.60892"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=28644
content-type: application/x-javascript

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 31 KB
10 KB 67ms
66ms Script
application/x-javascript 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d12bc99bfc62565d0c24be17237169bcdf2d539a9e1bf68e242376677877a955

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:28 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "2c430f5c68fab5d8e3c6d4cee439c000:1619608128.464907"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=77119
content-type: application/x-javascript
content-length: 10442

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

47ms
45ms

Script
application/javascript

2600:9000:20c8:e200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:e200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding: gzip
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 36290
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2ae7e0c53833032779e8c2554653673b.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 29 Apr 2021 01:15:39 GMT
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: aY0mhni0NsMByXM5mWQsPKWmWHj0W4Mtmr4OCYNAAeaDQQ2dBFUGMA==

Redirect headers

date: Thu, 29 Apr 2021 11:20:28 GMT
via: 1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: MAD50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 134
x-amz-cf-id: 3nvJw6SJtRW2SBNXfgbvxUlLNLFI93P_RcqfQssrDWIlEBuvMylzuw==

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 261ms
52ms Script
text/javascript 13.224.106.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-86.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 11:07:08 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 16 Dec 2020 00:19:19 GMT
Server: AmazonS3
Age: 802
ETag: W/"a0ed145148d17426a72696cecfa585ae"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 52523006e1ee5c08eea6e9267e18fabf.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MAD50-C1
X-Amz-Cf-Id: AIznlUrbMVa9msBqnBZFTlP35QWFR8IDaHZrw02Jlmc6jzjL0xrR6A==

GET
H2 200 2988.js Show response
script.crazyegg.com/pages/scripts/0018/ 4 KB
2 KB 39ms
18ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fd1737f4343dbfc7a9b915eaf41e30b6f114d254d7043d13b4faa370a36589c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63806
cf-polished: origSize=4157
ce-version: 11.1.277
cf-request-id: 09bef4ee7500004e9dc88ab000000001
timing-allow-origin: *
last-modified: Wed, 28 Apr 2021 17:37:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 6478242a58244e9d-FRA
cf-bgj: minify

GET
H2 200 utag.985.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 2 KB
1 KB 26ms
26ms Script
application/x-javascript 23.79.152.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.152.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-152-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:28 GMT
content-encoding: gzip
last-modified: Wed, 20 Nov 2019 04:49:47 GMT
server: AkamaiNetStorage
etag: "a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 900
expires: Fri, 14 May 2021 11:20:28 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210426/r20110914/elements/html/ 8 KB
3 KB 49ms
45ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210426/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=158140238899.76703?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 May 2021 11:18:55 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
528 B 227ms
64ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst1lH3kU4yKrWncHJkUkuknj8b6djddjW21vGSo4rOqTZsQbEevyLtgmrUpGv673goh3XF0YnAVDog_C4L-d5uMPLn4L0T-59GPdwu9my32G9SbnADu7rvXD81CJtx1UMF9mux7cnOzJxuO_1Cr8g&sig=Cg0ArKJSzKxlD2FIP8inEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20210426.21379&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=158140238899.76703?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 11:20:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 283cbd4
login.newscorpaustralia.com/akam/11/ Frame 372A 32 KB
0 104ms
101ms Script
application/javascript 104.117.204.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/akam/11/283cbd4
Requested by: Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=yvV1g4Il8A9Nvr1v1jYdVnsFfCdA4VTw&nonce=iX5h8F_M~AtbOqO-X1wVNcdSJ48Nn89w&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.117.204.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=yvV1g4Il8A9Nvr1v1jYdVnsFfCdA4VTw&nonce=iX5h8F_M~AtbOqO-X1wVNcdSJ48Nn89w&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:28 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:02:31 GMT
etag: "ae0f15ea4c598d1159d8cb52017aa8c332a6e9daccb1f872ba760ecc4739c6af"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-length: 10427
expires: Thu, 29 Apr 2021 11:20:28 GMT

GET
H2 200 d5396764f25ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame 372A 73 KB
0 31ms
31ms Script
application/javascript 104.117.204.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/staticweb/d5396764f25ti17991ecfa342459f501b
Requested by: Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=yvV1g4Il8A9Nvr1v1jYdVnsFfCdA4VTw&nonce=iX5h8F_M~AtbOqO-X1wVNcdSJ48Nn89w&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.117.204.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=yvV1g4Il8A9Nvr1v1jYdVnsFfCdA4VTw&nonce=iX5h8F_M~AtbOqO-X1wVNcdSJ48Nn89w&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:28 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 22:20:44 GMT
etag: "77ab0fb0bef6d3471b849a9e26e339e68a4c60a0a2f5d2cf6ab40c38bc1b0875"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 18915

GET
H3-29 200 pubads_impl_2021042701.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
106 KB 36ms
28ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

2153bfd5d9e4c4a96b2e193d68e9a326dd0b568fe26df1b0805a7ca365e7a2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 08:39:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108684
x-xss-protection: 0
expires: Thu, 29 Apr 2021 11:20:28 GMT

GET
H2 404 undefined
www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/ 0
0 1457ms
1455ms Script
text/html 184.30.20.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/undefined

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:path: /news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/undefined
pragma: no-cache
cookie: nk=3666cdfc7660594aef65df7a3139405a; lux_uid=161969522646533581; AWSALB=t7C0uGD7G6ZG7pdSvASJl6F2ztfmjpOgOsjQkPNWmr5YNvRAIRL/gqy1dnDA2X+iM/4TB5i6/JlkNSae4qn+leUO/hVS8Pln2nrSCYYIYfHpVg9kaNVLRAHwNtTi; AWSALBCORS=t7C0uGD7G6ZG7pdSvASJl6F2ztfmjpOgOsjQkPNWmr5YNvRAIRL/gqy1dnDA2X+iM/4TB5i6/JlkNSae4qn+leUO/hVS8Pln2nrSCYYIYfHpVg9kaNVLRAHwNtTi; n_regis=123456789; utag_main=v_id:01791d5bd50a0003648931f8ac6500072012906a00b08$_sn:1$_se:1$_ss:1$_st:1619697028205$ses_id:1619695228205%3Bexp-session$_pn:1%3Bexp-session
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
x-rq: ewr4 116 88 3274
server: nginx
date: Thu, 29 Apr 2021 11:20:30 GMT
vary: User-Agent Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
cache-control: max-age=59
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld%2fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2fvideo%2fundefined&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=undefined&session=3666cdfc7660594aef65df7a3139405a
set-cookie: AWSALB=6uRwUnz/rhc31Dg2k/goGayXEFnd2VMVv1Z+hcMIJV4uHIZBqLK/uXsb7C0V7I0UDpTpEp9QXK6a+134MZ8ydrrrj8k9rZu7OCoCokZ+DYQAGnUImL/FKzc0wJCN; Expires=Thu, 06 May 2021 11:20:29 GMT; Path=/ nk=3666cdfc7660594aef65df7a3139405a; expires=Sun, 28 Apr 2024 11:20:30 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=6uRwUnz/rhc31Dg2k/goGayXEFnd2VMVv1Z+hcMIJV4uHIZBqLK/uXsb7C0V7I0UDpTpEp9QXK6a+134MZ8ydrrrj8k9rZu7OCoCokZ+DYQAGnUImL/FKzc0wJCN; Expires=Thu, 06 May 2021 11:20:29 GMT; Path=/; SameSite=None; Secure
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 29 Apr 2021 11:21:29 GMT

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 128ms
35ms Script
application/javascript 104.111.247.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: 560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:29 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by: ARR/2.5
etag: "84a7fce7aaabd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=636
accept-ranges: bytes
content-length: 15848

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 34ms
24ms Script
application/x-javascript 23.79.152.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202104140349&cb=1619695228910
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.152.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-152-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:28 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Thu, 29 Apr 2021 11:30:28 GMT

GET
H2 200 2988.json Show response
script.crazyegg.com/pages/data-scripts/0018/ 23 KB
2 KB 66ms
31ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0018/2988.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71bb0243faefdec4fe567ed09ef67e642b6916c541f9a3ae45943dcea303a63

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63825
ce-version: 11.1.277
content-length: 1694
cf-request-id: 09bef4f02400000ea707313000000001
timing-allow-origin: *
last-modified: Wed, 28 Apr 2021 17:36:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6478242d098c0ea7-FRA

GET
H2 200 ggcmb510.js Show response
seccdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 621ms
40ms Script
application/javascript 2600:9000:20c8:2000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:2000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: awop4bw815fX3F1gPbLIGAG5OGZsmvI1
content-encoding: gzip
etag: W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Mon, 26 Apr 2021 14:08:25 GMT
server: AmazonS3
age: 3184
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9bac09758c086d613f2c0a80dd66c7a6.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 29 Apr 2021 10:27:26 GMT
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: 8CWMSbA_9nwxn5S13DJAxiziSiogwUtmlvqhlHgxvB0VkjsZ6maB1Q==

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619695229081
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619695229081

5 KB
2 KB

42ms
42ms

XHR
application/json

54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619695229081

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

934cd820e36c97c76996e26acbba9ade6f32b3188b0b21372800c2d5f3ced373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcscanary-prod-irl1-1-v012-0057b304a.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: QqPhvXZmRtk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1548
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v005-09a759ea6.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.heraldsun.com.au
X-TID: AY8/ZGIDSnU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1619695229081
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 273ms
51ms Script
application/javascript 13.224.106.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-11.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 05:56:18 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 451452
ETag: W/"a8663f72a1dbe614b19f167a59af368d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 4f1fb18f52f7f3f86e0c73a59088e8ad.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MAD50-C1
X-Amz-Cf-Id: 6ZjQ4EVE0iamjvr4Yt4COQjxlzhePLuBKckOMw3X77nn_egBIJV6JA==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 918ms
108ms Image
image/gif 3.224.220.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57&u=_15toCawZARCYj9Ag&d=heraldsun.com.au&g=36976&g0=news%2Cworld%2Cvideo&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2045&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=7451&t=CzNNECBpps4mmgTNUDN12c_50a-9&V=126&i=Flight%20Ban%20Loophole%3A%20Stranded%20Australians%20could%20return%20from%20India%20via%20China%20%7C%20Herald%20Sun&tz=-120&_acct=anon&sn=1&sv=TH6R0CXOjO-SVZjEDuVXWkC3466m&sd=1&im=06530c42&_
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.220.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-220-79.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 61 B
359 B 562ms
497ms XHR
text/plain 184.30.20.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: 0d65919743905ca954e12255f116be6594f5c6ec20fab63ad2295ae71da41658

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:30 GMT
server: AkamaiGHost
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-length: 61
mime-version: 1.0
expires: Thu, 29 Apr 2021 11:20:30 GMT

GET
H2 200 11.1.277.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 61 KB
20 KB 14ms
14ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.277.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41c2ed4f30212356ab3a8c6a25d17ade4f4bfd15da0d5f852d5bba836071ee1d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:29 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63830
cf-ray: 6478243249bf4e9d-FRA
content-length: 20689
cf-request-id: 09bef4f36a00004e9d4f227000000001
last-modified: Mon, 19 Apr 2021 13:00:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *

GET 283cbd4
login.newscorpaustralia.com/akam/11/ Frame 9519 0
0

GET d5396764f25ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame 9519 0
0

GET
H3-29 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 23ms
22ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 10:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5863
x-xss-protection: 0
server: cafe
etag: 12453517290502062038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Apr 2021 11:35:42 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ 44 B
492 B 72ms
72ms Image
image/gif 2600:9000:20c8:2600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1619695230011&ci=newscorp&js=1&cg=0&ts=ggng510.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&sr=1600x1200&tz=2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:2600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:30 GMT
via: 1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MAD50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: qQXr26CZbujXXJ35foFmEeolrzvSNDo8CjbspX3ok0s-fbvslz3Ifw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET 283cbd4
login.newscorpaustralia.com/akam/11/ Frame F039 0
0

GET d5396764f25ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame F039 0
0

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 16 KB
1 KB 190ms
146ms XHR
application/octet-stream 104.111.247.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 584ebca28b361c3381c686b75b71c2cb4cdc074bc0ba6e44980c9db33c5cdf1c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wNcZVqk5y.Y6LUl0L8PK4xYsYrqrcsAQ
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 03:28:57 GMT
server: ATS/7.1.0
x-amz-request-id: 9SXCG9AF7TZDXKC9
etag: "14ead9bc02aa8f3cf645cfb425ed68e2"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=557
date: Thu, 29 Apr 2021 11:20:30 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1179
x-amz-id-2: qODc3EVBxwWnUAdpAcEznlFoZUk4IKA2wyvb2jU7EwliWGb84PPp49dZ0r4oqpJsi4U9cUkyWFM=

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 487 B
724 B 301ms
58ms XHR
application/json 52.212.39.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/news/world,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90%5D,p:/5129/ndm.hwt/news/world,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/news/world,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/news/world,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=35723906-7a0c-8321-c255-2f646d6ea367&url=https%253A%252F%252Fwww.heraldsun.com.au%252Fnews%252Fworld%252Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%252Fvideo%252F7f175ae8351e9890b5f064c5486dee57%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.39.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: beb4c65cc6eb5fd3cea2c6536abe63fd785c464c8b9e6726345a631abb09a253

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:30 GMT
x-server-name: app01.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H/1.1 200
OK dest5.html Show response
newscorpau.demdex.net/ Frame 3B78 7 KB
3 KB 37ms
36ms Document
text/html 34.250.160.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.160.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-160-147.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: newscorpau.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.heraldsun.com.au/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=62712787246089695341903357176415147018
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 29 Apr 2021 11:20:30 GMT
DCS: dcs-prod-irl1-1-v005-05601908e.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 22 Apr 2021 14:22:49 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: DXXCMCFYQ/4=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
metrics.heraldsun.com.au/ 48 B
515 B 279ms
48ms XHR
application/x-javascript 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=62691552738218542441901249118853465360&ts=1619695230067

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

7e743ee5604b35eed07460f0341a4c14abf89383be184ba66b0f4ed7092d8358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Apr 2021 11:20:30 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5db677d464-wt2r5
vary: Origin
x-c: main-1455.Icbb9a9.M0-487
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YIqWfgAAAGryFh0T
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=62712787246089695341903357176415147018
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIqWfgAAAGryFh0T

42 B
975 B

49ms
44ms

Image
image/gif

54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIqWfgAAAGryFh0T

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0b6b2a50a.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Q9UUg9afQ6w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIqWfgAAAGryFh0T
Date: Thu, 29 Apr 2021 11:20:30 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 8 KB
3 KB 129ms
28ms Script
text/html 80.252.91.52
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=7196449317658351040&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A$$&activityValues=$$Session%3D4487574324853168342$$&ns=0&rnd=38427438171587713
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 80.252.91.52 Amsterdam, Netherlands, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 1bae72b24c4dc7c338fe0b17dbae4f14923d0c8e466478584904d76dd024ae4e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 2361
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 283cbd4
login.newscorpaustralia.com/akam/11/ Frame 6EFD 32 KB
0 36ms
36ms Script
application/javascript 104.117.204.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/akam/11/283cbd4
Requested by: Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Mw7e3ekr8FEjMxpZ7QHh92CEfn.Thk4M&nonce=xS8k_1SfHVK4BgEac-Ym9rNN9iEwGrrQ&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.117.204.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Mw7e3ekr8FEjMxpZ7QHh92CEfn.Thk4M&nonce=xS8k_1SfHVK4BgEac-Ym9rNN9iEwGrrQ&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNS4wIn0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:30 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:02:31 GMT
etag: "ae0f15ea4c598d1159d8cb52017aa8c332a6e9daccb1f872ba760ecc4739c6af"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-length: 10427
expires: Thu, 29 Apr 2021 11:20:30 GMT

GET d5396764f25ti17991ecfa342459f501b
login.newscorpaustralia.com/staticweb/ Frame 6EFD 0
0

GET
H2 200 2988.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0018/ 2 KB
687 B 18ms
18ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0018/2988.json?t=449915
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.277.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16700069432eebd2ad701c93d2530f8599def7ff5630afffb562135e8158d4d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 63826
ce-version: 11.1.277
content-length: 545
cf-request-id: 09bef4f55d00000ea707367000000001
timing-allow-origin: *
last-modified: Wed, 28 Apr 2021 17:36:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 647824356e9f0ea7-FRA

GET
H3-29 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 19ms
19ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 11:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
27ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 11:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 91 KB
15 KB 82ms
71ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1894474523624106&correlator=3299212469954247&output=ldjh&impl=fifs&hxva=1&scor=3129897557964351&eid=31060790%2C31060805%2C31060853%2C31060934%2C31060735%2C31060824&vrg=2021042701&ptt=17&co=1&npa=1&sc=1&sfv=1-0-38&ecs=20210429&iu_parts=5129%2Cndm.hwt%2Cnews%2Cworld&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C728x90%2C1000x50%7C728x1%2C1x1&ists=1&prev_scp=pos%3D1%26id%3De7f92b7b-a8dc-11eb-b065-06d8cca89c2a%7Cpos%3D2%26id%3De7f92b7c-a8dc-11eb-b065-06d8cca89c2a%7Cpos%3D1%26id%3De7f92b7d-a8dc-11eb-b065-06d8cca89c2a%7Cpos%3D1%26id%3De7f92b7e-a8dc-11eb-b065-06d8cca89c2a&eri=1&cust_params=tts%3Dn%26ttm%3Dn%26us%3Db%26s%3D0%26co%3D1%26kw%3Dworld%252Cfblink%252Cmsn%252Cyt%26nk%3D3666cdfc7660594aef65df7a3139405a%26sec1%3Dnews%26sec2%3Dworld%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dvideo%26adl%3Dfalse%26pvid%3D3666cdfc7660594aef65df7a3139405a-00000000000000000000000000000000-1619695228531-250176%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_7246_1381_KW%252CIAS_UNSCORED_PG%252CIAS_2400_KW&bc=31&abxe=1&lmt=1619695230&dt=1619695230385&dlt=1619695225603&idt=4342&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C176%2C176%2C0&adys=28%2C1395%2C1395%2C2045&adks=1100797267%2C3515214096%2C3874656686%2C1841232903&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C1248x0%7C1248x0%7C1600x2045&msz=728x133%7C728x90%7C1000x50%7C1x1&ga_vid=727219169.1619695230&ga_sid=1619695230&ga_hid=1031260970&ga_fc=false&fws=640%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8024e11d5a6da8022ae25c2c3fac4f9bb196797f2e3c321e81e0b32616879b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
google-lineitem-id: 4682990628,4682990628,4682990628,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234025461,138234025560,138234082178,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
314136f7d2069e6b08b01259fb3cb15c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 103ms
14ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://314136f7d2069e6b08b01259fb3cb15c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 26ms
14ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 43ms
42ms XHR
application/json 54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=62691552738218542441901249118853465360&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%013666cdfc7660594aef65df7a3139405a%011&ts=1619695230464

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a59240fc489edb9b958a8d4ba2c00f23bfe3d00c6af60f98c8796524caaff164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v005-00de1037c.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: lR0ynZkcSSw=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1547
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 41ms
38ms Script
application/javascript 2600:9000:20c8:e200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:e200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: S0YB6kAYssL9l.8rI77ZpuhcGkmwj8iw
content-encoding: gzip
etag: W/"931051f801612c3a0e2782961ac3d56c"
last-modified: Mon, 26 Apr 2021 14:08:25 GMT
server: AmazonS3
age: 2222
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2ae7e0c53833032779e8c2554653673b.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 29 Apr 2021 10:43:29 GMT
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: v4YGtxe05OSPVxh0WlJkLD8jDsrexCY0tBAIXCQfI8E0k1zPx--ASg==

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 92C3 0
0 67ms
64ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8-8Rd-co5Z74Ot5tiVfvkqKg9Bf893Ri_mCA9hxvAibLuFhJp9UvRCas5Pc3nvvFmMr1R8Egmnj8QVT9YhoNLd9iF5zw6uuLk779lNCWKumtCaUNp8GKPcDnheEXQkapUFzNYXYiOwNiQi4fpu5JDkahW6y6SH-6h2jJFcDyTzcYsj2Nk_T_kWduQelhoVkdZC0WGj4U2MoIiL1yvCR36V0kJzIqryA5nf9Y9bTzthSlOhM76YGgOUiWLMLZK2mTfhlXjJ9X24MOs1x5FjlZg4N1ILo4Lj1n8yTRpKmr61-PgUtyU4udkVA&sai=AMfl-YQ23Q22Th9eRFewgSMY8w4oR3e92YCowPMrGCp0tx0JYVMtGQNH5ziABlEf-BLTLulNBR5Mb1pPXHfG&sig=Cg0ArKJSzCbG7mfo3J8REAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 11:20:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame 92C3 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 12352184217982932987
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 May 2021 11:15:28 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 92C3 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 May 2021 11:19:21 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92C3 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631691980669"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36080
x-xss-protection: 0
expires: Thu, 29 Apr 2021 11:20:31 GMT

GET
H3-29 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 92C3 68 B
97 B 8ms
6ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 20:58:03 GMT
x-content-type-options: nosniff
age: 138148
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 20:58:03 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DEDF 0
0 60ms
56ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMgmKI5Sz7XqllvH-snejxOycp4fB_YTi-Yw2wWTYGBSkc4IEVJDS4HXFZVcQ8hUS-_3-3iIMrkQnGHi-JDox5ZWAxCXrnxxBMwP0TI7buOI42jtX0UODFl-c8hr7Lr1UEsO_QlRPC0foX-yTw4Y4qnZvkgs134xLmvSkBpjs16KT92zyqsM8fDishLauVA36R53VTkLqd5yQY2HMDMUIQbhagVCxdEZ5omLFUF43wLpdCIE4cMrCXKCEW4G1qcqeqtds1ZS-3WGbUQbOXNvDFPXqzLJDlktptc1tFofkFEac0nFcJ4xFiCg&sai=AMfl-YQ0tzHy8pUd7SsG9khuFcVsabDXTJDppout4U4TIboRnV_3ElBClhVAuEaUXYxXcd0VTQ-QBmMNL6pP&sig=Cg0ArKJSzIhMfugMN9QqEAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 11:20:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame DEDF 68 B
97 B 8ms
6ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 20:58:03 GMT
x-content-type-options: nosniff
age: 138148
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 20:58:03 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame DEDF 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 12352184217982932987
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 May 2021 11:15:28 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame DEDF 2 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 May 2021 11:19:21 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DEDF 116 KB
35 KB 35ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631691980669"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36080
x-xss-protection: 0
expires: Thu, 29 Apr 2021 11:20:31 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame DEDF 0
0 31ms
18ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSp7pigMwRXclvKnt--9MG6go2rADSOdMnzYYaAkbQ1rDF_yyWoqSHL8XMCeo8Uw_epM0LD
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631702402874"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Thu, 29 Apr 2021 11:20:31 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 2BB0 4 KB
2 KB 164ms
48ms Script
application/x-javascript 13.224.114.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.114.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-114-214.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 05:57:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 19397
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 1ae38585ee28c81ff103c9adf137d5ac.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MAD50-C1
X-Amz-Cf-Id: uu1OYOKsT9J-dghiGcuxsASym5mCv-IAoZ-lqTOc5NYUFjSV1laxbw==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 8BA3 5 KB
2 KB 105ms
30ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_rV3Zsc37CgYckW8fh7lR7PMzSWW4KzQFc6M3tZFN1zcNW2GSq4pW4J0FNF5rfb2cVLgW6g9jwnYVW8nZzwX1V9-jJW8b18YD4Wd7-JV7SLb01X3HqzW15M_-75XDkjvW7z44Zb8tD4V6W3F00XG8Rhx0lV8165D7_21QBW7T4vh241mz43W4mbhQn5NLwrCW3C0Cgm1fR_NqW1FfM8h6nQWQ1N3zbjZnvJ-3JW7DBwnY1nFVTqW4-LzcX3XV8-8V3kSMk6pW3jcW9dhHb55-n_JdW5w61T73yDptsW28CkSL1_gZpVW1JvQfV17LXrcVp7n0M3CfRJpW93ZRhd6jK19sW3KBkv86Hm5VQW88x6vZ5fTyGYW7s97rB98NG-0W32yc8R8n-x0vW4d37Yg5WXFL3W4X6R4k3gcx4kW14TphH6Qt9BqW8DXZN65VMywM3hRk1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:31 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 37738
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1619695231.260845,VS0,VE0
x-served-by: cache-hhn11539-HHN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame E6E5 4 KB
2 KB 48ms
12ms Script
application/x-javascript 2a02:26f0:6c00:287::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_rV3Zsc37CgYckW8fh7lR7PMzSWW4KzQFc6M3tZFN1zcNW2GSq4pW4J0FNF5rfb2cVLgW6g9jwnYVW8nZzwX1V9-jJW8b18YD4Wd7-JV7SLb01X3HqzW15M_-75XDkjvW7z44Zb8tD4V6W3F00XG8Rhx0lV8165D7_21QBW7T4vh241mz43W4mbhQn5NLwrCW3C0Cgm1fR_NqW1FfM8h6nQWQ1N3zbjZnvJ-3JW7DBwnY1nFVTqW4-LzcX3XV8-8V3kSMk6pW3jcW9dhHb55-n_JdW5w61T73yDptsW28CkSL1_gZpVW1JvQfV17LXrcVp7n0M3CfRJpW93ZRhd6jK19sW3KBkv86Hm5VQW88x6vZ5fTyGYW7s97rB98NG-0W32yc8R8n-x0vW4d37Yg5WXFL3W4X6R4k3gcx4kW14TphH6Qt9BqW8DXZN65VMywM3hRk1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:287::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 11:20:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
X-Check-Cacheable: YES
Cache-Control: max-age=23124
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame ADCF 84 KB
33 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707564276

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05e5e49dd09f014c070252984aa34bb32917ff372e6e1c0f5db8bbc2c6cf3753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34149
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Apr 2021 11:20:31 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame B16B 4 KB
2 KB 150ms
51ms Script
application/x-javascript 13.224.114.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.114.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-114-214.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 05:57:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 19397
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 8aa451f83e0a7ce3b7e0bc3b04314535.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MAD50-C1
X-Amz-Cf-Id: Q50F5TPrkcE6ff3e1YuVoQrkUAAv5ckW7dGsWaETem29xANFHEr0gg==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame 0CE8 7 KB
3 KB 85ms
23ms Script
application/javascript 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_rV3Zsc37CgYckW8fh7lR7PMzSWW4KzQFc6M3tZFN1zcNW2GSq4pW4J0FNF5rfb2cVLgW6g9jwnYVW8nZzwX1V9-jJW8b18YD4Wd7-JV7SLb01X3HqzW15M_-75XDkjvW7z44Zb8tD4V6W3F00XG8Rhx0lV8165D7_21QBW7T4vh241mz43W4mbhQn5NLwrCW3C0Cgm1fR_NqW1FfM8h6nQWQ1N3zbjZnvJ-3JW7DBwnY1nFVTqW4-LzcX3XV8-8V3kSMk6pW3jcW9dhHb55-n_JdW5w61T73yDptsW28CkSL1_gZpVW1JvQfV17LXrcVp7n0M3CfRJpW93ZRhd6jK19sW3KBkv86Hm5VQW88x6vZ5fTyGYW7s97rB98NG-0W32yc8R8n-x0vW4d37Yg5WXFL3W4X6R4k3gcx4kW14TphH6Qt9BqW8DXZN65VMywM3hRk1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 11:20:31 GMT
Content-Encoding: gzip
Age: 56444
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2601
X-Served-By: cache-lga13622-LGA, cache-hhn4048-HHN
Access-Control-Allow-Origin: *
Last-Modified: Thu, 14 May 2020 21:04:36 GMT
Server: nginx/1.13.10
X-Timer: S1619695231.319846,VS0,VE0
ETag: W/"5ebdb264-1cfb"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 10 Dec 2020 19:35:03 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 17416

GET
H3-29

200

activityi;dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508 Show response
8228261.fls.doubleclick.net/ Frame D466
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508?
https://8228261.fls.doubleclick.net/activityi;dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=102710783113...

508 B
415 B

41ms
41ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508?

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ea309c047bc300b7c1bca603a2034eb4f3c3c99d23a64869721f0071946ccf49

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Apr 2021 11:20:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 390
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 29-Apr-2021 11:35:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Apr 2021 11:20:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame B451 43 KB
17 KB 103ms
21ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

13260c49d665eb7b00855cf3ed00d0becc926580cddc18710f7f4630dd3472f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16588
x-xss-protection: 0
server: cafe
etag: 3760350618804806243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Apr 2021 11:20:31 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame BC3F 43 B
609 B 340ms
272ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:31 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 9767
Redirect Chain

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

43 B
1 KB

30ms
27ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:31 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.81:80
AN-X-Request-Uuid: 330e4458-38fb-4ac6-b44f-ce2756a9d326
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:31 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.230:80
AN-X-Request-Uuid: aac42c68-83ac-4fa0-990c-34c8d46c7bd0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

0
1 KB

26ms
21ms

Image
application/javascript

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:31 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.36:80
AN-X-Request-Uuid: 3f5a4cae-d2c8-4903-800c-eb39b834b08f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:31 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.59:80
AN-X-Request-Uuid: 08c3a676-1550-4a79-9eed-a2c982778900
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 3B78
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3293681495049358646
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=3293681495049358646

42 B
975 B

56ms
38ms

Image
image/gif

54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=3293681495049358646

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-09d7daba5.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /kmUVqdsRMY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v005-0721e0263.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: darB0XMaSXs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=358&dpuuid=3293681495049358646
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1DE5 0
0 66ms
59ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW7oBSBkfulKOxYI_B8ULOz65TojW94pxlFpyZOkxEe6pDjem4hYhfKTAKlMChI9nB2lbvt2RGouyIh0Nci4FexZ5PCzdcpiXerxYxfvsGvH5yC93U60L0mJoEgPRODpNK-DXZ-1bfNFqXnXlKt-RAFx85zHzIbvoBhsWG7fpXizak7fdwxvTuLktKheHuiz3i9ALpEeR7k9Umth4gbrjrmZFwljxCeokjgJqeOVUDmS4tmN1xBUNwU5f83Cq4IOcDErRHQJUdRHd3ueC-JsARHOYPSMkkCfii3tpjCbZ9tkdovPWYT7pKUw&sai=AMfl-YTzj6eLaJJORj5ee53tre74WqUJW4ULyvZ0ZnRawSMhzmvww29HPuBJ092FF6cPHjrAP2kxNtONvfF_&sig=Cg0ArKJSzOv9cHBj0IQMEAE&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 11:20:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame 1DE5 17 KB
7 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 12352184217982932987
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 May 2021 11:20:02 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 1DE5 2 KB
1 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 May 2021 11:18:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DE5 116 KB
35 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631691980669"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36080
x-xss-protection: 0
expires: Thu, 29 Apr 2021 11:20:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1DE5 0
0 23ms
21ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSByk8y1rR9LL_inMWxU9x1yGPE6Fiz0srzpztnl0azWyKqLcBWK6IaPC30O-aPF7Hig-Qm
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 1DE5 3 KB
3 KB 12ms
10ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13503232906761715217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 23:02:41 GMT
x-content-type-options: nosniff
age: 130670
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3270
x-xss-protection: 0
last-modified: Wed, 23 May 2018 04:43:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 23:02:41 GMT

OPTIONS
H2 204 campaigns
resourcesssl.newscdn.com.au/indies/ Frame 0
0 328ms
327ms Preflight
text/html 184.30.24.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22video%22,site:%22heraldsun.com.au%22,section:%22/news/world%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol: H2
Server: 184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.heraldsun.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-type: text/html
function-execution-id: v984qgnmm388
server: Google Frontend
x-cloud-trace-context: f2f2666c17dc022aa771db23e0d64854
x-country-code: DE
x-orig-accept-language: en-US
x-powered-by: Express
accept-ranges: bytes
x-served-by: cache-ams21047-AMS
x-cache-hits: 0
x-timer: S1619695232.569125,VS0,VE262
cache-control: private, max-age=604766
expires: Thu, 06 May 2021 11:19:57 GMT
date: Thu, 29 Apr 2021 11:20:31 GMT
x-i: true

GET
H2 200 campaigns Show response
resourcesssl.newscdn.com.au/indies/ 46 B
475 B 585ms
584ms XHR
application/json 184.30.24.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22video%22,site:%22heraldsun.com.au%22,section:%22/news/world%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by: Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 5ba313b7fa9dd06ba89db2a1f6c6642375203f081bf64563d8571e0ef07a0739

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Apr 2021 11:20:32 GMT
content-encoding: gzip
etag: W/"2e-plev5r3ULIxi7VsUGbEefPcqbKs"
x-powered-by: Express
x-cache-hits: 0
content-length: 66
x-served-by: cache-ams21047-AMS
server: Google Frontend
x-timer: S1619695232.901789,VS0,VE487
x-i: true
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: c50be0947a255efbe952f07a361d2351
cache-control: private, max-age=604800
function-execution-id: krripqum6hw9
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: DE
expires: Thu, 06 May 2021 11:20:32 GMT

GET
H2 200 s15857387721142
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 43 B
245 B 39ms
32ms Image
image/gif 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s15857387721142?AQB=1&ndh=1&pf=1&t=29%2F3%2F2021%2013%3A20%3A31%204%20-120&cid.&newsnkidcookie.&id=3666cdfc7660594aef65df7a3139405a&as=1&.newsnkidcookie&.cid&vid=3666cdfc7660594aef65df7a3139405a&mid=62691552738218542441901249118853465360&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO&cc=AUD&ch=D%3Dv4&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Cnews%7Cworld&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=news&c5=D%3Dv5&v5=world&c9=D%3Dv9&v9=video&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=9%3A20%20PM%7CThursday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c60=TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null&v77=D%3Dmid&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:31 GMT
x-content-type-options: nosniff
x-c: main-1455.Icbb9a9.M0-487
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Apr 2021 11:20:31 GMT
server: jag
xserver: anedge-5db677d464-q2v2k
etag: 3478269024842973184-4621611828456731365
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 28 Apr 2021 11:20:31 GMT

GET
DATA 200
OK truncated
/ Frame 92C3 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db7e969226f6335038e4a64cc999283a2337a0a56e21aa702969f787ef0337cd

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame F1A9 46 KB
13 KB 117ms
52ms Script
application/javascript 52.212.39.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498431&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=820883257&custom=video&custom3=168400391&adsafe_par&impId=e7f92b7b-a8dc-11eb-b065-06d8cca89c2a
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.39.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e62e51525af7c70b68c6fc5e48fa59ad684b015bdc427fff9d7092429bf2f6ee

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:31 GMT
content-encoding: gzip
x-server-name: app12.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame DEDF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fd7bf555078d97dc3fdad074fa544bfcb6c1b3a1b3c967a2d8d56825b18308e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 14BB 46 KB
13 KB 42ms
40ms Script
application/javascript 52.212.39.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171498431&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1149968877&custom=video&custom3=168400391&adsafe_par&impId=e7f92b7c-a8dc-11eb-b065-06d8cca89c2a
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.39.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f177f8ea3c3656d3ed250fba4cff57521a23146d0537ce18acbdd5e584ed6fbd

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:32 GMT
content-encoding: gzip
x-server-name: app36.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=7111809016972781329
dpm.demdex.net/ Frame 3B78
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7111809016972781329

42 B
975 B

61ms
43ms

Image
image/gif

54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=7111809016972781329

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0ef81bf6f.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nHYe07/hTVY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=7111809016972781329
pragma: no-cache
date: Thu, 29 Apr 2021 11:20:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame B451 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1619695232029&cv=9&fst=1619695232029&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

312a9ed9a9d84daa835e474e478c86c2a342fb844473e022632f18abd44a0187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1212
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DEDF 0
0 110ms
60ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqtgYPBAVtQUGj9uIF3TYIloNx8CAmD8-Rz6UnGWYHRRqRzbsDbfeWpAhhhnJuAjoRuemRp3ktrCJIa7sR0mQqrJGErkcJHde7E-xAKMl1OhYvufO8WiPdiZnPRaUSVzEVB-HPg7clx6CzMSPYMUsDaX287I9U3Zw_a1pfwFk5won55EjsH25DfX15AMmxv3nJ3ZCLPozNEbkJdCVNMgKK85iL5hDYZf7YnlNCsN_9ztxHVF0yI4eZnyvqcgjnvH0VMUSgXrJjiT9B7ioyqsMvD20Pm2sjht09q8gUlKyoI8wyFqkALd_2IkDj&sai=AMfl-YRGhp531IIyr0CZICtBt1JV7PmC00FignoAaWme8rCmI5BA1R0-Z5ThIpNyjlcUUR3_pUeUpZTb1Mrp&sig=Cg0ArKJSzOVuZp0jveR3EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 11:20:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

collect
px4.ads.linkedin.com/ Frame E6E5
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619695232186&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1619695232186%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619695232186&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619695232186&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIj6McL87RwTgAAAXkdW-7aokxAQnzhmlkABzivp0oB8mSX5hq17T8wu...

0
156 B

608ms
195ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619695232186&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIj6McL87RwTgAAAXkdW-7aokxAQnzhmlkABzivp0oB8mSX5hq17T8wuRprWQ5pHB6yXzj8
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:35 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: YV2BODxQehawpRI1+yoAAA==

Redirect headers

date: Thu, 29 Apr 2021 11:20:34 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1619695232186&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIj6McL87RwTgAAAXkdW-7aokxAQnzhmlkABzivp0oB8mSX5hq17T8wuRprWQ5pHB6yXzj8
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: Y53FBzxQehYgCMwpCisAAA==

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame 0CE8 42 B
353 B 25ms
16ms Image
image/gif 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1619695232201&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1619695232201&et=1619695232201&if=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 11:20:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 10.2.80.148:80
Content-Length: 42
Content-Type: image/gif

GET
H2 200 PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 66ms
65ms Script
application/javascript 2600:9000:20c8:e200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/bc/3/ggng510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:e200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8740a2dced57dbdb138fe2d45348f9859ea032617d0e1eb7e8b2d4e9f6d8814e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: W6TwOKNwD1VYfd_4rOY5yOATgfIa4P5T
content-encoding: gzip
etag: W/"a3f6a96fb521455f8043f5cf60ef3ca5"
last-modified: Thu, 29 Apr 2021 07:18:34 GMT
server: AmazonS3
age: 2838
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2ae7e0c53833032779e8c2554653673b.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Thu, 29 Apr 2021 10:33:15 GMT
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: Mh3YSpg1O7MrNAoG3NRKyvURwIJYh-7mGbNOsr9znbyhYeHJyx-ZKw==

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 92C3 0
0 63ms
62ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfi7NhCufA6Zc3JTxF40Q7OSBzck2IGyW0d0i4Vf9yID0xu3O5I_r_LSpgKWquTVNKnAwj0vIOhYJ6Y2T8KPRZXS93TVgm_0D5tCLWkRtD2MTg3PdHKCJzTOzudUW53ZzfYBNENZkS5bZh8en-qEJmJZHjhQj6Dsz7wWRCP0fgbsfhYUL3e2Pcz3notCs4t3ZAb1_6oQw99h8fJKNFcgURY-qET-y07YsJ6VLoH0faD5kQJqA4peVwuNGs-mqzPkzSx1t97pw58jw-upXf7j_je32gcFa58TZmdezJTRtJzy24E9oLoPRhTXdj&sai=AMfl-YQFvbFHPXDhfkl_TUaaTaKx-eCULpekJHRmHg_Hhqi-NGpXj2O_KLv-buLUmbyJyGRAeYGFOL0oOo-z&sig=Cg0ArKJSzNZn8sdpAfBJEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 11:20:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1DE5 0
0 58ms
58ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzAIikrkCUP8FbFlyWHIkrbMgAjvYomvKEeWw1yOhDi8nsgD2RKJT8LMuIsxTA6ajmkd3ZGifiD50zn_H8t5kexa_I-VBJ0snGTeh7RRQliAf2l8r6OAqs4izbsmJZsrSzVRNWXJsrZKP_lzrVqlf4rCRZj1Aj_2elB2ubUL_OkUcr6gaeowrqjR0iHd7l_-_7yZlYI3ndtv7TtjeAcsFQPsDeH9RhfMvoKd6tDhZU0KkoSvQtCzPJuzI_s1SSf4SXvILnUWPkbrhff7nWCN-iyaKcGWzm6Vkl8TUvCdBeen-Do9tHauYNN-EN&sai=AMfl-YRf-KuVzjoUvTYis62W2BLN0vFluWOapHw2e-rWrQzgCkrtbfB8U7FWrygTdOyFju1mIu_hIiLpJjfK&sig=Cg0ArKJSzDyjNFrfXhgpEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 11:20:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 1DE5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 439e0ac24331935bdb5c2999300840f757f5b4fc2a932cb5d6208a5dc7c1c0f3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame C42E 46 KB
13 KB 59ms
59ms Script
application/javascript 52.212.39.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171498431&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1386412407&custom=video&custom3=168400391&adsafe_par&impId=e7f92b7d-a8dc-11eb-b065-06d8cca89c2a
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.39.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c5277641bffb804057bcd49345ea3b99235daf63d8ca747363c948506cdc0d43

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:32 GMT
content-encoding: gzip
x-server-name: app13.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 503 up Show response
insight.adsrvr.org/track/ Frame CAF8 27 B
197 B 1096ms
1005ms Document
text/html 34.254.127.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&upid=trk7f24&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.127.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&upid=trk7f24&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Thu, 29 Apr 2021 11:20:33 GMT
content-type: text/html
content-length: 27
cache-control: no-cache, must-revalidate
pragma: no-cache
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 3B78 0
214 B 121ms
34ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=62712787246089695341903357176415147018&gdpr=0&gdpr_consent=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508;~oref=ht... Frame 6B8A 507 B
623 B 76ms
75ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508;~oref=https://www.heraldsun.com.au/

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d644d3e12f4414527f8b2ad04035b592f9b1e1a0e3f7d3ee71c7f87d396e262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508;~oref=https://www.heraldsun.com.au/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8228261.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8228261.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Apr 2021 11:20:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 390
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame ADCF 36 KB
14 KB 129ms
40ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b668778fc11d3f924e2b088285e7f86e62dfbfbcd14b41b8fffcdb6e7ba5ef7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13902
x-xss-protection: 0
server: cafe
etag: 351251066703135666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Apr 2021 11:20:32 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 8BA3 31 B
652 B 213ms
135ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Thu, 29 Apr 2021 11:20:32 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 021d84f6d73eb8f43d91c8aa2553a2c0
x-transaction: 0042d9d400d640a5
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame 8BA3 43 B
457 B 213ms
137ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 29 Apr 2021 11:20:32 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d1b06a214b031d3115a374eb9cd596967e28c254b12aca15a2004f98627d2653
x-transaction: 22ae19b71d95289b
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame AECC 0
182 B 32ms
29ms Document
text/html 34.254.127.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&upid=ekg5qxt&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.127.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&upid=ekg5qxt&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Thu, 29 Apr 2021 11:20:32 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 main.gr.19.8.193.js Show response
static.adsafeprotected.com/ Frame F1A9 182 KB
58 KB 57ms
42ms Script
application/javascript 2600:9000:20c8:a600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498431&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=820883257&custom=video&custom3=168400391&adsafe_par&impId=e7f92b7b-a8dc-11eb-b065-06d8cca89c2a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 02:57:21 GMT
content-encoding: gzip
age: 202991
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Apr 2021 16:21:52 GMT
server: AmazonS3
etag: W/"3bc122544b299af3472a4ba27ce7978f"
vary: Accept-Encoding
x-amz-version-id: YnDfosEmPFk1USroKyX80ierLiGWq8lS
via: 1.1 9bac09758c086d613f2c0a80dd66c7a6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: MAD50-C1
content-type: application/javascript
x-amz-cf-id: bWmCZr22GvsOaQcNGsFSB9n16C1YAIMl2T_khHI8vvVj-0OGGoiA3w==

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEPR5b4J9XH7cshcDGm-UrrU&google_cver=1
dpm.demdex.net/ Frame 3B78
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjI3MTI3ODcyNDYwODk2OTUzNDE5MDMzNTcxNzY0MTUxNDcwMTg=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPR5b4J9XH7cshcDGm-UrrU&google_cver=1?gdpr=0&gdpr_consent=

42 B
975 B

70ms
69ms

Image
image/gif

54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPR5b4J9XH7cshcDGm-UrrU&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-04d937ff6.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: x+kfTM4URWM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPR5b4J9XH7cshcDGm-UrrU&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.gr.19.8.193.js Show response
static.adsafeprotected.com/ Frame 14BB 182 KB
58 KB 65ms
64ms Script
application/javascript 2600:9000:20c8:a600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171498431&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1149968877&custom=video&custom3=168400391&adsafe_par&impId=e7f92b7c-a8dc-11eb-b065-06d8cca89c2a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 02:57:21 GMT
content-encoding: gzip
age: 202991
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Apr 2021 16:21:52 GMT
server: AmazonS3
etag: W/"3bc122544b299af3472a4ba27ce7978f"
vary: Accept-Encoding
x-amz-version-id: YnDfosEmPFk1USroKyX80ierLiGWq8lS
via: 1.1 9bac09758c086d613f2c0a80dd66c7a6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: MAD50-C1
content-type: application/javascript
x-amz-cf-id: TZVs2kta0BiSy04Aj8Sla8zQuCzXU7sl0Kif0Iq-Pxz7NgwwhwrVGQ==

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/859754747/ Frame B451 42 B
64 B 24ms
23ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859754747/?random=1619695232029&cv=9&fst=1619694000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=2548196585&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/859754747/ Frame B451 42 B
108 B 30ms
30ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859754747/?random=1619695232029&cv=9&fst=1619694000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=2548196585&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 188 KB
53 KB 48ms
47ms Script
application/javascript 2600:9000:20c8:e200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:e200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e9b1e9b290756c5ebc9849983de1f7d7db1685f76386ada579863f26897ec5f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: peRL4Yb0Ubr51vTPkyyXuScofZHOG6Uw
content-encoding: gzip
etag: W/"60cee9f8a6ab7076638a1b6a01bc9269"
last-modified: Wed, 28 Apr 2021 14:18:22 GMT
server: AmazonS3
age: 126
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2ae7e0c53833032779e8c2554653673b.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 29 Apr 2021 11:18:27 GMT
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: okN9YzzQQbSeT1Ah0NBWw4l6-pT_O4iInpPZKQSgBhltc0yF6W85ag==

GET
H2 200 main.gr.19.8.193.js Show response
static.adsafeprotected.com/ Frame C42E 182 KB
58 KB 70ms
68ms Script
application/javascript 2600:9000:20c8:a600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171498431&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1386412407&custom=video&custom3=168400391&adsafe_par&impId=e7f92b7d-a8dc-11eb-b065-06d8cca89c2a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 02:57:21 GMT
content-encoding: gzip
age: 202991
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Apr 2021 16:21:52 GMT
server: AmazonS3
etag: W/"3bc122544b299af3472a4ba27ce7978f"
vary: Accept-Encoding
x-amz-version-id: YnDfosEmPFk1USroKyX80ierLiGWq8lS
via: 1.1 9bac09758c086d613f2c0a80dd66c7a6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: MAD50-C1
content-type: application/javascript
x-amz-cf-id: Zs8CKBe6nmgcuv0drnuTMJBnk3gtCh8T5L2Pa-KSDo5s_9LyVUPQug==

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 3B78
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=f80e131e-eb10-4238-83cd-d7e01eeccd83
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=f80e131e-eb10-4238-83cd-d7e01eeccd83

42 B
975 B

48ms
41ms

Image
image/gif

54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=f80e131e-eb10-4238-83cd-d7e01eeccd83

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-02a349794.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: T0m2/fHbSag=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v005-0018b13d1.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: lFOYP/xyQ50=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=f80e131e-eb10-4238-83cd-d7e01eeccd83
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame ADCF 3 KB
1 KB 159ms
41ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1619695232922&cv=9&fst=1619695232922&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4l3&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24e755117515e1308143839fa971eceb7cf759637152ed91d17f4e7adb1ae693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1253
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508;~oref=htt... Frame 880D 194 B
877 B 279ms
54ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508;~oref=https://www.heraldsun.com.au/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508;~oref=https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=COyrn_eqo_ACFVq3ewodHrsDBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1027107831137.0508;~oref=https://www.heraldsun.com.au/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Apr 2021 11:20:33 GMT
expires: Thu, 29 Apr 2021 11:20:33 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 3B78
Redirect Chain

https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=6859BF47-8905-43EF-BD30-FB8DBD6B37EF
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=19566&dpuuid=6859BF47-8905-43EF-BD30-FB8DBD6B37EF

42 B
975 B

177ms
37ms

Image
image/gif

54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=19566&dpuuid=6859BF47-8905-43EF-BD30-FB8DBD6B37EF

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-08ad32d5b.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: NL4E05PvQEI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v005-00565acdf.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: VbMCWjS4RVk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=19566&dpuuid=6859BF47-8905-43EF-BD30-FB8DBD6B37EF
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame BBF8 12 KB
4 KB 39ms
38ms Document
text/html 2600:9000:20c8:e200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:e200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
last-modified: Mon, 26 Apr 2021 14:08:25 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: NVg9oFBsxyABfC8leYCHsI6QwCEDz7V4
server: AmazonS3
content-encoding: gzip
date: Thu, 29 Apr 2021 11:09:13 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2ae7e0c53833032779e8c2554653673b.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: uePTxQzZkzgX1GmZP1VY-WVADLx1Osd2me985yMKY9UnBy6IRaXNWQ==
age: 681

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 5CD1 82 KB
22 KB 211ms
0ms Script
application/javascript 2600:9000:20c8:a600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 20:41:03 GMT
content-encoding: gzip
age: 4718372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: AmazonS3
etag: W/"793767aa29c23c195c863f01f1e83e06"
vary: Accept-Encoding
x-amz-version-id: k6_KQKgDzgGo157ZbUyztz7Xtr8SFesr
via: 1.1 9bac09758c086d613f2c0a80dd66c7a6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: MAD50-C1
content-type: application/javascript
x-amz-cf-id: 1MhZEN7V6e_Y0joZFbmNp1oUU2MqKQsdM8F70XsggVSiwCQT89ZjMg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 267ms
21ms Image
image/gif 52.212.39.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171498431&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1149968877&custom=video&custom3=168400391&adsafe_par&impId=e7f92b7c-a8dc-11eb-b065-06d8cca89c2a&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:aa629d02-36d9-1a1e-97e1-8aa7594bed0f,c:baYsw3,sl:outOfView,em:true,fr:true,mn:app36ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.1412.1.1,am:i,cc:800.1412.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svY88h6+11%7C121%7C13*.10507%7C131%7C141%7C15%7C16%7C17%7C181%7C19%7C1a111%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g,idMap:13*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:1146,oid:e8fba766-a8dc-11eb-99d5-06c3831123e5,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.39.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:34 GMT
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame B7CD 82 KB
22 KB 233ms
40ms Script
application/javascript 2600:9000:20c8:a600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 20:41:03 GMT
content-encoding: gzip
age: 4718372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: AmazonS3
etag: W/"793767aa29c23c195c863f01f1e83e06"
vary: Accept-Encoding
x-amz-version-id: k6_KQKgDzgGo157ZbUyztz7Xtr8SFesr
via: 1.1 9bac09758c086d613f2c0a80dd66c7a6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: MAD50-C1
content-type: application/javascript
x-amz-cf-id: RMqxBAjm4T6NDK7Lq1_EWRjY0SknLor0-RGxMpOt8EGwpZ26-ZOtPQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 293ms
28ms Image
image/gif 52.212.39.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171498431&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=820883257&custom=video&custom3=168400391&adsafe_par&impId=e7f92b7b-a8dc-11eb-b065-06d8cca89c2a&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:7f9e62d2-dc76-19fd-3973-7b4f5d532e6a,c:baYsE1,sl:outOfView,em:true,fr:true,mn:app12ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svY88gl+11%7C12*.10507%7C121%7C131%7C132%7C141%7C15%7C16%7C17%7C181%7C19%7C1a111%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g,idMap:12*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:1612,oid:e8ed9e1d-a8dc-11eb-b98d-0a1e87f1382c,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.39.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:34 GMT
x-server-name: app39.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

ibs:dpid=23728&dpuuid=YIqWgaRA66YzFqnsvtbyvgAA%261212
dpm.demdex.net/ Frame 3B78
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIqWgaRA66YzFqnsvtbyvgAA%261212

42 B
975 B

133ms
37ms

Image
image/gif

54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIqWgaRA66YzFqnsvtbyvgAA%261212

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-039530b64.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tdkk70jkSDg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIqWgaRA66YzFqnsvtbyvgAA%261212
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 264
Expires: Thu, 29 Apr 2021 11:20:34 GMT

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame C1AE 82 KB
22 KB 193ms
29ms Script
application/javascript 2600:9000:20c8:a600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 20:41:03 GMT
content-encoding: gzip
age: 4718373
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: AmazonS3
etag: W/"793767aa29c23c195c863f01f1e83e06"
vary: Accept-Encoding
x-amz-version-id: k6_KQKgDzgGo157ZbUyztz7Xtr8SFesr
via: 1.1 9bac09758c086d613f2c0a80dd66c7a6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: MAD50-C1
content-type: application/javascript
x-amz-cf-id: ZQh0q-o18pYIt-6ZvcNAbMfDZ7CgQH1QtZg-djfhHWkwI-DBkMy70g==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 221ms
43ms Image
image/gif 52.212.39.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=171498431&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1386412407&custom=video&custom3=168400391&adsafe_par&impId=e7f92b7d-a8dc-11eb-b065-06d8cca89c2a&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:e87dd9d6-56bc-a29e-1f53-762da7b2ab11,c:baYsMM,sl:outOfView,em:true,fr:true,mn:app13ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.1453.10.10,am:i,cc:795.1453.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:svY88jc+11%7C121%7C122%7C131%7C132%7C141%7C15%7C16%7C17%7C181%7C19%7C1a111%7C1b%7C1c%7C1d%7C1e*.10507%7C1e1%7C1f%7C1g,idMap:1e*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:1978,oid:e93ad3c6-a8dc-11eb-a605-062810ec67f6,v:19.8.193,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.39.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:35 GMT
x-server-name: app28.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 731ms
101ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=aa629d02-36d9-1a1e-97e1-8aa7594bed0f&tv=%7Bc:baYsN1,pingTime:-2,time:2123,type:a,im:%7BpBlk:1358,sf:0,pom:1,prf:%7BbeA:772,beZ:774,mfA:1493,cmA:1495,inA:1496,inZ:1525,prA:1525,prZ:1726,si:1918,poA:1960,bl:2130,poZ:2130,cmZ:2130,mfZ:2131,loA:2760,loZ:2764,ltA:2895,ltZ:2895%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:1071%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2124,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1070,wc:0.0.1600.1200,ac:800.1412.1.1,am:i,cc:800.1412.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1390~0%5D,as:%5B1390~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svY88gl+11%7C12.10507%7C121%7C13*.10507%7C131%7C141%7C15%7C16%7C17%7C181%7C19%7C1a111%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g,idMap:13*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/world_1,google_ads_iframe_/5129/ndm.hwt/news/world_1__container__,ad-block-728x90-2%5D,sinceFw:934,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:35 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 /
www.google.com/pagead/1p-user-list/707564276/ Frame ADCF 42 B
108 B 148ms
17ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707564276/?random=1619695232922&cv=9&fst=1619694000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4l3&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=2739596352&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/707564276/ Frame ADCF 42 B
108 B 120ms
14ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/707564276/?random=1619695232922&cv=9&fst=1619694000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4l3&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=2739596352&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 690ms
103ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=7f9e62d2-dc76-19fd-3973-7b4f5d532e6a&tv=%7Bc:baYsNb,pingTime:-2,time:2180,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:892,beZ:898,mfA:2314,cmA:2315,inA:2315,inZ:2317,prA:2317,prZ:2500,si:2505,poA:2505,poZ:2588,cmZ:2588,mfZ:2588,loA:2997,loZ:2998,ltA:3071,ltZ:3071%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:1612%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2180,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1612,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B757~0%5D,as:%5B757~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svY88gl+11%7C12*.10507%7C121%7C13.10507%7C131%7C132%7C141%7C15%7C16%7C17%7C181%7C19%7C1a111%7C1b%7C1c%7C1d%7C1e1%7C1f%7C1g,idMap:12*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/world_0,google_ads_iframe_/5129/ndm.hwt/news/world_0__container__,ad-block-728x90-1%5D,sinceFw:566,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:35 GMT
X-Server-Name: dt46.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200
OK

ibs:dpid=30432&dpuuid=CI-0a230d701061c3a6ba95f84a11145a07
dpm.demdex.net/ Frame 3B78
Redirect Chain

https://dt.scanscout.com/ssframework/uid?UIAA=62712787246089695341903357176415147018&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-0a230d701061c3a6ba95f84a11145a07

42 B
975 B

121ms
38ms

Image
image/gif

54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-0a230d701061c3a6ba95f84a11145a07

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0d6960d9e.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: GPVNOieLRHo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-0a230d701061c3a6ba95f84a11145a07
Date: Thu, 29 Apr 2021 11:20:35 GMT
useSecure: true
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 3B78
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=62712787246089695341903357176415147018&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
993 B

50ms
49ms

Image
image/gif

54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-096625527.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 303,104
X-TID: zksKZedqSI8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Thu, 29 Apr 2021 11:20:35 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 607ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=e87dd9d6-56bc-a29e-1f53-762da7b2ab11&tv=%7Bc:baYsRn,pingTime:-2,time:2263,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:498,beZ:499,mfA:2458,cmA:2459,inA:2459,inZ:2461,prA:2461,prZ:2470,si:2475,poA:2476,poZ:2486,cmZ:2486,mfZ:2486,loA:2707,loZ:2713,ltA:2759,ltZ:2759%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:10,h:10,t:1978%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2263,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1978,wc:0.0.1600.1200,ac:795.1453.10.10,am:i,cc:795.1453.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B301~0%5D,as:%5B301~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:svY88jc+11%7C121%7C122%7C131%7C132%7C141%7C15%7C16%7C17%7C181%7C19%7C1a111%7C1b%7C1c%7C1d%7C1e*.10507%7C1e1%7C1f%7C1g,idMap:1e*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/world_2,google_ads_iframe_/5129/ndm.hwt/news/world_2__container__,ad-block-1000x50-1%5D,sinceFw:283,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:35 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame BBF8 44 B
528 B 59ms
47ms Image
image/gif 52.213.113.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=hd7oagkb7v95ibvhjehgqb6fycmfe1619695233&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.594&retry=0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.113.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-113-49.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:35 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
hd7oagkb7v95ibvhjehgqb6fycmfe1619695233.nuid.imrworldwide.com/ Frame BBF8 35 B
349 B 230ms
5ms Image
image/gif 2600:9000:2057:bc00:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd7oagkb7v95ibvhjehgqb6fycmfe1619695233.nuid.imrworldwide.com/
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:bc00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 05:01:53 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 22723
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: jhcevZSDgdEQY0MmYbMlKZwXZMHS2PeoDq9eFEiPp56X_QtlGMtHLA==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3B78
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=62712787246089695341903357176415147018
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=62712787246089695341903357176415147018

0
337 B

35ms
34ms

Image
text/plain

52.48.18.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=62712787246089695341903357176415147018
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.18.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-18-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:35 GMT
cache-control: private, no-cache, no-store
x-request-time: D=25 t=1619695235
x-served-by: beacon-n001-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=62712787246089695341903357176415147018
date: Thu, 29 Apr 2021 11:20:35 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a009-ash-prod.krxd.net

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 101ms
99ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=aa629d02-36d9-1a1e-97e1-8aa7594bed0f&tv=%7Bc:baYt23,pingTime:-10,time:3055,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619695235793%7C%7Cbd3ad6dd77ce3fe4e63956e288b30eff%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C65f371b906da289fb96ee517291637e0%7C%7C4e9a1d6e610e4f5bece5a5993f830e69%7C%7C7d43d1d486c0b225c092349a8b52f136%7C%7C37380f72fdfb3a695d667053164a497f%7C%7Cf4637421818a2526c83ce627b23e163d%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7BpWait:19%7D,env:%7Bar:self.0%7D%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:35 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=%2BhTswx9999OJwRoQ
dpm.demdex.net/ Frame 3B78
Redirect Chain

https://tags.bluekai.com/site/43981?id=62712787246089695341903357176415147018&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=%2BhTswx9999OJwRoQ

42 B
975 B

61ms
30ms

Image
image/gif

54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=%2BhTswx9999OJwRoQ

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-05cbd1646.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: RavWjuvXRj4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=%2BhTswx9999OJwRoQ
Date: Thu, 29 Apr 2021 11:20:36 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 1064
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 119ms
103ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=7f9e62d2-dc76-19fd-3973-7b4f5d532e6a&tv=%7Bc:baYt3x,time:3194,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:3194,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1612,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1771~0%5D,as:%5B1771~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:1005,fm:svY88gl+11%7C12*.10507%7C121%7C13.10507%7C131%7C132%7C141%7C15%7C16%7C17%7C181%7C19%7C1a111%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f%7C1g,idMap:12*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:35 GMT
X-Server-Name: dt46.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 107ms
94ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=e87dd9d6-56bc-a29e-1f53-762da7b2ab11&tv=%7Bc:baYt3L,time:3031,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:3031,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1978,wc:0.0.1600.1200,ac:795.1453.10.10,am:i,cc:795.1453.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1069~0%5D,as:%5B1069~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:753,fm:svY88jc+11%7C121%7C122%7C131%7C132%7C141%7C15%7C16%7C17%7C181%7C19%7C1a111%7C1b%7C1c%7C1d%7C1e*.10507%7C1e1%7C1f%7C1g,idMap:1e*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:35 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 126ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=e87dd9d6-56bc-a29e-1f53-762da7b2ab11&tv=%7Bc:baYt4V,pingTime:-10,time:3103,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619695235793%7C%7Cbd3ad6dd77ce3fe4e63956e288b30eff%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C65f371b906da289fb96ee517291637e0%7C%7C4e9a1d6e610e4f5bece5a5993f830e69%7C%7C7d43d1d486c0b225c092349a8b52f136%7C%7C37380f72fdfb3a695d667053164a497f%7C%7Cf4637421818a2526c83ce627b23e163d%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:aa629d02-36d9-1a1e-97e1-8aa7594bed0f%7D%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/world/flight-ban-loophole-stranded-australians-could-return-from-india-via-china/video/7f175ae8351e9890b5f064c5486dee57?_hsmi=88974744&_hsenc=p2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:36 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3B78
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUlxV2dnQUFpc0ItMndCZw==

170 B
188 B

40ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUlxV2dnQUFpc0ItMndCZw==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:36 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619695236.013863,VS0,VE0
x-served-by: cache-hhn4051-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUlxV2dnQUFpc0ItMndCZw==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3B78
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YIqWggAAisB-2wBg&expires=90

0
239 B

111ms
35ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YIqWggAAisB-2wBg&expires=90
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:36 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619695236.161643,VS0,VE0
x-served-by: cache-hhn4051-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YIqWggAAisB-2wBg&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceff8a4fb07e76324dd15a38a3e87aeaf206296b02254a76125945136e54d0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 11:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7707
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3B78
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIqWggAAisB-2wBg

43 B
1 KB

229ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIqWggAAisB-2wBg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:36 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 29 Apr 2021 11:20:36 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:36 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619695236.269542,VS0,VE0
x-served-by: cache-hhn4051-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIqWggAAisB-2wBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
336 B 39ms
39ms Image
image/gif 52.213.113.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_all_S&asn=all&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=hd7oagkb7v95ibvhjehgqb6fycmfe1619695233&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,world&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,161969523341186&c30=bldv,6.0.0.594&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1619695230879&c3=st,c&c64=starttm,1619695235&adid=1619695230879&c58=isLive,false&c59=sesid,&c61=createtm,1619695236&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A&c66=mediaurl,&c62=sendTime,1619695236&rnd=947706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.113.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-113-49.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:36 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 115ms
114ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=7f9e62d2-dc76-19fd-3973-7b4f5d532e6a&tv=%7Bc:baYtau,time:3625,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:3625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1612,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2202~0%5D,as:%5B2202~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:134,fm:svY88gl+11%7C12*.10507%7C121%7C13.10507%7C131%7C132%7C141%7C15%7C16%7C17%7C181%7C19%7C1a111%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f%7C1g,idMap:12*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:36 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3B78
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YIqWggAAisB-2wBg

43 B
1 KB

22ms
19ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YIqWggAAisB-2wBg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:36 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.38:80
AN-X-Request-Uuid: 2f219f78-61d4-4e1f-a9a6-76f3e8cbeb18
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:36 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619695237.503767,VS0,VE0
x-served-by: cache-hhn4051-HHN
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YIqWggAAisB-2wBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 63ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 29 Apr 2021 11:20:36 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3B78
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YIqWggAAisB-2wBg
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YIqWggAAisB-2wBg

43 B
106 B

44ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YIqWggAAisB-2wBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:36 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YIqWggAAisB-2wBg
date: Thu, 29 Apr 2021 11:20:36 GMT
via: 1.1 google
server: OXGW/16.206.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 07D0 12 KB
5 KB 11ms
10ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 29 Apr 2021 11:20:01 GMT
expires: Fri, 29 Apr 2022 11:20:01 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 35
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js Show response
pagead2.googlesyndication.com/bg/ Frame 07D0 14 KB
6 KB 35ms
33ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 17:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 64204
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
expires: Thu, 28 Apr 2022 17:30:32 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 95ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=7f9e62d2-dc76-19fd-3973-7b4f5d532e6a&tv=%7Bc:baYtf8,pingTime:-10,time:3913,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619695235793%7C%7Cbd3ad6dd77ce3fe4e63956e288b30eff%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C65f371b906da289fb96ee517291637e0%7C%7C4e9a1d6e610e4f5bece5a5993f830e69%7C%7C7d43d1d486c0b225c092349a8b52f136%7C%7C37380f72fdfb3a695d667053164a497f%7C%7Cf4637421818a2526c83ce627b23e163d%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:aa629d02-36d9-1a1e-97e1-8aa7594bed0f%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:36 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 3B78
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIqWggAAisB-2wBg

1 B
809 B

40ms
26ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIqWggAAisB-2wBg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 11:20:36 GMT
X-lat: lhrpug005:0:520
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:36 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619695237.643414,VS0,VE0
x-served-by: cache-hhn4051-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIqWggAAisB-2wBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 3B78
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIqWggAAisB-2wBg&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIqWggAAisB-2wBg&img=1&__user_check__=1&sync_id=ebd6cb61-a8dc-11eb-aa32-1644f9a80106

43 B
548 B

22ms
22ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YIqWggAAisB-2wBg&img=1&__user_check__=1&sync_id=ebd6cb61-a8dc-11eb-aa32-1644f9a80106
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 11:20:36 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 24
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 29 Apr 2021 11:20:36 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YIqWggAAisB-2wBg&img=1&__user_check__=1&sync_id=ebd6cb61-a8dc-11eb-aa32-1644f9a80106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 96
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 3B78
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YIqWggAAisB-2wBg&t=2592000&o=0

43 B
215 B

34ms
33ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YIqWggAAisB-2wBg&t=2592000&o=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
x-fb-debug: q25w8g5kwXShQeRFKR2sQ5koy2Ml8WzZhVB9iUIHDNonVcVjfirT7PTTjRaG/hsr1lT3nUXj9ZhZZSBykO+98A==
content-encoding: br
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 29 Apr 2021 04:20:36 PDT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
expires: Thu, 29 Apr 2021 04:20:36 PDT

Redirect headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:36 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619695237.863048,VS0,VE0
x-served-by: cache-hhn4051-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YIqWggAAisB-2wBg&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=147592
dpm.demdex.net/ Frame 3B78
Redirect Chain

https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=107ecd3e-5573-490b-a9f8-c079615af279-tuct7841c02

42 B
975 B

108ms
37ms

Image
image/gif

54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=147592?dpuuid=107ecd3e-5573-490b-a9f8-c079615af279-tuct7841c02

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-05e379a4d.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 5725rh7wTLg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms: 9
date: Thu, 29 Apr 2021 11:20:36 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619695237.963135,VS0,VE9
x-cache: MISS
location: https://dpm.demdex.net/ibs:dpid=147592?dpuuid=107ecd3e-5573-490b-a9f8-c079615af279-tuct7841c02
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11579-HHN

GET
H2 204 0
sync.1rx.io/usersync/adobe/ Frame 3B78 0
107 B 16ms
16ms Image
text/plain 213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:37 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
expires: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
27 B 64ms
63ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042701&jk=1894474523624106&bg=!eXqlej7NAAZLnZBaS507ACkAdvg8WjlB1-cK53BX9R2LeqtdTWESfEyxUJS8dBh1JIc6ljhZjXY47QIAAAK6UgAAABdoAQcKATgfnhwwzPswtAlEn7_k-6rYodf6Zc-bvRm8YSJrgGnKxMA23ukh7jAxe4QQRhQa2VxDaY-FxdPXEKIcpOAt4nh29iJQxUwfkp6BReVQQzmdK3YBwfcmQcObW1H0VxEfpI6T3wHh4tBQwgvP15ktPuLhubXThiF8aPfL8qZY3665SfNmxWX2oNX4wwvP9SGAwzmBtIKS323jrS379rGTL2xYGQoqQSexy4tuZ_kzlMImb3Bw61CGkRjRsw3RfoNSvcQytU_rw1gVzpt1gbC747ozKg4jetI13rXxYhq8TfdBc2YkqDO3VwJexTV1awiG6X_-4uTLnQKH_mXM-69qzBf5-9tpMh5Y5fxxn7xBjZuU1pgl-OF7bVVLLBXUw_KhqdYoAbzXIZvsFx48V5ATjzT0JGJNd4Y93eeZAkvShyOAtPUhQ0aiQv2D5mkk7DTuyQh8fWr_8N6FQNZamu9Jl7HrxXam5OfpLcllgde3pfXrNaRUOTahwllvnOCIFE8tT7rteJ60vjfvaDb93uoSgAu1Jq9nnJHFHNxSE9d6_d_wPbu7iJeJfssyEbJnBaIyL43cPuOz6vSExh7djtDx2zldennxZHCzpd8v-mvb4z_a0fL-hrBxDZ6o0gIDTlf1Rm_sxXMwj-ApRDMyehNNpT_fdMYCRk7B1TA8TTbHPX-oFOoVoqj7d9oUK8eVwfKcFzHUClHAVrbtBmYgMsLgd_ntVE0TOWy_qgSUfJNCH6hI601bCtetP0I88zYkYyOrPuVCnFijKaRhDhrAO368n3mbQQowDHp5Y0sae29zVz-XpHBMrzxu1z7cuk5AkMgx4sz_4D5RZ76Igyvp0_yc3uIA4gdvRcaBWkq5u5gzA1VpB69zLXjk7w4VqQAsPwa-_8pNEchW892MiOa2vOlCBsdOxD6LOlvCxMdb40R-psCvLGNJPaIQS1I0MBdQ8yUeaP9iBdQxSgm78TYxfEdw67xPqm9Xn5wOmxFnfURfmuY9MkPlT_Bi-tteiSrxxTdply3g3coisuAgwpiL931lObRNWJ36Q71gpiP25uOXg2RGD_fM8Z9MSDyUrhak1yPDWLD_NaPezHUrHiRHcIvdQOLbuv-0Gfdq1BB349KoDaxRGjxVeJbMxnOdGaLXAg88FFoLRjQgnClMw5DL3Eda9SNheau3eCWmZSK2deYjRgDhIyLZX07PtQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 796ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=7f9e62d2-dc76-19fd-3973-7b4f5d532e6a&tv=%7Bc:baYuaH,time:7482,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:7482,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1612,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B6059~0%5D,as:%5B6059~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:149,fm:svY88gl+11%7C12*.10507%7C121%7C13.10507%7C131%7C132%7C141%7C15%7C16%7C17%7C181%7C19%7C1a111%7C1b%7C1c%7C1d%7C1e.10507%7C1e1%7C1f%7C1g,idMap:12*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 11:20:40 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 108ms
104ms Image
image/gif 3.224.220.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57&u=_15toCawZARCYj9Ag&d=heraldsun.com.au&g=36976&g0=news%2Cworld%2Cvideo&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=2145&o=1600&w=1200&j=30&R=1&W=0&I=0&E=4&e=4&r=&b=7451&t=CzNNECBpps4mmgTNUDN12c_50a-9&V=126&tz=-120&_acct=anon&sn=2&sv=TH6R0CXOjO-SVZjEDuVXWkC3466m&sd=1&im=06530c42&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.220.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-220-79.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 11:20:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/11/283cbd4

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/staticweb/d5396764f25ti17991ecfa342459f501b

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/11/283cbd4

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/staticweb/d5396764f25ti17991ecfa342459f501b

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/staticweb/d5396764f25ti17991ecfa342459f501b

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imrworldwide.com/	1970-01-20 03:16:31	Name: IMRID Value: eb0a89e1-a8dc-11eb-a272-f3b1ec4ff697
.imrworldwide.com/	1970-01-20 03:16:31	Name: SSCVER Value: v1
.adsrvr.org/	1970-01-20 02:40:31	Name: TDCPM Value: CAEYBSABKAIyCwjI7aub8cLFORAFOAE.
.demdex.net/	1970-01-19 22:14:07	Name: demdex Value: 75796155670380741811315296146762293832
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: https%253A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fworld%2Fflight-ban-loophole-stranded-australians-could-return-from-india-via-china%2Fvideo%2F7f175ae8351e9890b5f064c5486dee57%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz-8gQeTNqWoLWAHwfVhS6ipTagPTZfQq3oT3OKmfXzOpD7dTUO-2DRXKPv-jPFwEuFKHIX_OO3yYQeXzMiVKH1LZH6w-MJlbpGSVRh7o6EwtjI3e28A%2C56%2C56%2C1200
.demdex.net/	1970-01-19 22:14:07	Name: dextp Value: 23728-1-1619695234700\|30432-1-1619695234963\|30064-1-1619695235131\|66757-1-1619695235457\|134096-1-1619695235884\|144230-1-1619695235993\|144231-1-1619695236121\|144232-1-1619695236253\|144233-1-1619695236377\|144234-1-1619695236493
.doubleclick.net/	1970-01-20 03:16:31	Name: IDE Value: AHWqTUncGU8mBe6GTW-Z8po3Y7e9pq59e2atAezMEmzod8hPL5gzwprVsNDnGbNQ3Zs
.adsrvr.org/	1970-01-20 02:40:31	Name: TDID Value: 51bbe1c2-f948-45c2-97c1-1005cdb4e371
.heraldsun.com.au/	1969-12-31 23:59:59	Name: tp Value: 2145

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/tc/VW3ZY_1xNv-SW12H5KG7LKpqxW6fpr4J4q-ky7N7TcW1B4Zc_rV3Zsc37CgYckW8fh7lR7PMzSWW4KzQFc6M3tZFN1zcNW2GSq4pW4J0FNF5rfb2cVLgW6g9jwnYVW8nZzwX1V9-jJW8b18YD4Wd7-JV7SLb01X3HqzW15M_-75XDkjvW7z44Zb8tD4V6W3F00XG8Rhx0lV8165D7_21QBW7T4vh241mz43W4mbhQn5NLwrCW3C0Cgm1fR_NqW1FfM8h6nQWQ1N3zbjZnvJ-3JW7DBwnY1nFVTqW4-LzcX3XV8-8V3kSMk6pW3jcW9dhHb55-n_JdW5w61T73yDptsW28CkSL1_gZpVW1JvQfV17LXrcVp7n0M3CfRJpW93ZRhd6jK19sW3KBkv86Hm5VQW88x6vZ5fTyGYW7s97rB98NG-0W32yc8R8n-x0vW4d37Yg5WXFL3W4X6R4k3gcx4kW14TphH6Qt9BqW8DXZN65VMywM3hRk1(Line 13) Message: toS
console-api	log	URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js(Line 2) Message: NewsCorp - RePlayer 1.3.32
console-api	warning	URL: https://players.brightcove.net/5348771529001/DHPfbk7qO_default/index.min.js(Line 1) Message: VIDEOJS: WARN: A plugin named "contribAds6Shim" already exists. You may want to avoid re-registering plugins!
console-api	log	URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3) Message: vidora-client 1.3.4 4a354580d3cf929b5a8a7d86ed03be7f4218d021
console-api	log	URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js(Line 1) Message: %c Vidora API finished initializing! background: #222; color: #b9da52
console-api	error	URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3) Message: vidora-client: vidora included twice!
console-api	warning	URL: https://players.brightcove.net/5348771529001/DHPfbk7qO_default/index.min.js(Line 1) Message: VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api	log	URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 18) Message: UTRACK loaded (from tealium)
console-api	log	URL: https://tags.news.com.au/prod/tad/tad.js(Line 6) Message: AD CORE ERROR: TypeError: Cannot read property 'disc.segments' of null
console-api	log	URL: https://tags.news.com.au/prod/tad/tad.js(Line 6) Message: AD CORE ERROR: 18 function(e,a){var d=e.localStorage;d["disc.segments"]&&(a.ad_audi_segs=d["disc.segments"].split(",")\|\|[])}
console-api	warning	URL: https://players.brightcove.net/5348771529001/DHPfbk7qO_default/index.min.js(Line 1) Message: VIDEOJS: WARN: videojs.plugin() is deprecated; use videojs.registerPlugin() instead
console-api	warning	URL: https://players.brightcove.net/5348771529001/DHPfbk7qO_default/index.min.js(Line 1) Message: VIDEOJS: WARN: A plugin named "chartbeat" already exists. You may want to avoid re-registering plugins!
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32) Message: a: 0.003173828125 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

314136f7d2069e6b08b01259fb3cb15c.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
adservice.google.nl
analytics.twitter.com
assets.vidora.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
beacon.krxd.net
bs.serving-sys.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hd7oagkb7v95ibvhjehgqb6fycmfe1619695233.nuid.imrworldwide.com
ib.adnxs.com
image2.pubmatic.com
image5.pubmatic.com
info.silobreaker.com
insight.adsrvr.org
js.adsrvr.org
login.newscorpaustralia.com
match.adsrvr.org
metrics.heraldsun.com.au
newscorpau.demdex.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
players.brightcove.net
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
resourcesssl.newscdn.com.au
script.crazyegg.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
t.co
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ts2020-indies-client.web.app
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.linkedin.com
login.newscorpaustralia.com
104.111.247.190
104.117.204.209
104.244.36.20
104.244.42.133
104.244.42.195
107.21.231.45
108.174.10.14
13.224.106.11
13.224.106.86
13.224.114.214
142.250.185.66
142.250.185.98
142.250.186.162
142.250.186.166
142.250.186.34
15.237.76.117
151.101.1.195
151.101.113.108
151.101.114.217
151.101.114.49
184.30.20.111
184.30.20.190
184.30.24.190
184.30.24.198
185.33.221.13
185.64.190.80
185.94.180.126
199.127.207.182
199.232.136.157
199.232.137.44
199.60.103.254
2.18.234.122
2.18.234.21
2001:678:cb4:bbbb::13
213.19.147.45
23.45.99.241
23.79.152.104
2600:9000:2057:bc00:1d:667e:2a40:93a1
2600:9000:20c8:2000:2:42d9:3100:93a1
2600:9000:20c8:2600:1e:a43d:b640:93a1
2600:9000:20c8:a600:8:48e:53c0:93a1
2600:9000:20c8:da00:18:1fcd:34e:d2a1
2600:9000:20c8:de00:4:77d:a0c0:93a1
2600:9000:20c8:e200:2:42d9:3100:93a1
2606:4700::6813:9308
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2003
2a02:26f0:6c00:287::25ea
2a03:2880:f11c:8183:face:b00c:0:25de
3.224.220.79
34.250.160.147
34.254.127.126
34.98.64.218
35.227.202.26
52.208.69.189
52.212.39.74
52.213.113.49
52.48.18.249
52.57.150.20
54.171.219.200
54.171.42.33
69.173.144.139
69.173.144.165
80.252.91.52
03cce1892cbfca0c35fe3b1f64307db1269f452bc8eb983a654d68166bfb57c0
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05e5e49dd09f014c070252984aa34bb32917ff372e6e1c0f5db8bbc2c6cf3753
07c38fcdf2688a0f20d8c30b10278618aeaf74782f25de92587d500d4742b02e
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185
091c2733df586042615d79b6fe413e3f33b87eb090beee72c3ac3e820110b5fd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d65919743905ca954e12255f116be6594f5c6ec20fab63ad2295ae71da41658
13260c49d665eb7b00855cf3ed00d0becc926580cddc18710f7f4630dd3472f2
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
1647e28020eaa5351a43d1583a9714bfeedddd6390c1bf4ab3b50f763ac81be5
174b9a58c7e4e80c420d329af6a87671f2a602c1878580298a832034adfe155a
1bae72b24c4dc7c338fe0b17dbae4f14923d0c8e466478584904d76dd024ae4e
2153bfd5d9e4c4a96b2e193d68e9a326dd0b568fe26df1b0805a7ca365e7a2f6
24e755117515e1308143839fa971eceb7cf759637152ed91d17f4e7adb1ae693
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2b23e426180b375a90ef49bce5c63b7b251f0fccc97f1dff3d00aa473dda857f
312a9ed9a9d84daa835e474e478c86c2a342fb844473e022632f18abd44a0187
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
3d644d3e12f4414527f8b2ad04035b592f9b1e1a0e3f7d3ee71c7f87d396e262
409ca4d2c459d1e8d299be9a05ff91451d260274dd4dd22e3b290696539958aa
41c2ed4f30212356ab3a8c6a25d17ade4f4bfd15da0d5f852d5bba836071ee1d
4379b5695f319d7ad15e6c86346e9117f0b4f4a8d4bcbab18aa840fd9e6d900a
439e0ac24331935bdb5c2999300840f757f5b4fc2a932cb5d6208a5dc7c1c0f3
4754c1f1fb712883286295c92774dddebef215996cfdfab9fd972d265473f025
4a62c84214946e90ff1e1ae4fd103d3e74fff90f0f7b6d09eaf808af0a5db9d0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e096b1b92172377d28b5d74b8d59225227c3b664f8ab6be108c0ac2b5fba67c
4e9b1e9b290756c5ebc9849983de1f7d7db1685f76386ada579863f26897ec5f
53f15b7bbdf0cc56b0760121d8971f95bbb930e244ff143535d53c82242d4954
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ae00c2346104abf0deedae46549b51d5fd27455bcc3a15969cc9fcbbb7ef8b
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
56f5e4b898b245f9ecfc5c02bfd5e5adf6ce503fe43328b4bc8e9188e1ef7e76
584ebca28b361c3381c686b75b71c2cb4cdc074bc0ba6e44980c9db33c5cdf1c
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34
5ba313b7fa9dd06ba89db2a1f6c6642375203f081bf64563d8571e0ef07a0739
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d90199995b493e006d03ef62d624e59120a272ed586ff1496bd7a5c38ccb3fe
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7bf1b2294652f63961ee42eb038756bdaf485c649d7b3698596b1f290696b3a4
7e743ee5604b35eed07460f0341a4c14abf89383be184ba66b0f4ed7092d8358
7eab82ead1480897c3dedd5c6b4ef4ec553efacdca1ce23c3acd6bd8e9621046
7fd1737f4343dbfc7a9b915eaf41e30b6f114d254d7043d13b4faa370a36589c
7fd7bf555078d97dc3fdad074fa544bfcb6c1b3a1b3c967a2d8d56825b18308e
8024e11d5a6da8022ae25c2c3fac4f9bb196797f2e3c321e81e0b32616879b36
82ef85db9124f8188c2c8c03a4ad9a0918591f752994d8ec228331c715ecac86
8740a2dced57dbdb138fe2d45348f9859ea032617d0e1eb7e8b2d4e9f6d8814e
89135ab18d355deeed9ff375ac54cec5957675a5b1166d463abf14c1552ee4db
89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce
8c21df4f2868fbd868801d0050d3a86dddc3701272554f7b74013d3ff7dbca38
919a09d45286a3828a624e7dae7c7ee6b964ba70339274d8e333c5aaaf9c9ec9
934cd820e36c97c76996e26acbba9ade6f32b3188b0b21372800c2d5f3ced373
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9a2b6a1fcf2724d705818d4237c71625643b8c25ced72d6def3b84d9ac8f1f42
9c96c025f6aa0b8edff6538d533ddd012d17e860c8fa47140314e81886ce22e0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59240fc489edb9b958a8d4ba2c00f23bfe3d00c6af60f98c8796524caaff164
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa83dc638afedd06f205feb524a389728e08c30870f6abfcca043f03d52f2f5b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
aeff34d9a1c253a230b7436d1f8798f9d4d096c0dd88ac2983997dce9ef88508
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b668778fc11d3f924e2b088285e7f86e62dfbfbcd14b41b8fffcdb6e7ba5ef7e
b76c2ee7eb4bc5687b5ca4693644a4cd5b6d1de17215d5d27d095f4042ad9c6d
b7aa714a4418a8e3d269a472e0ba2168cca963243ce2c94ad32315cd239fd245
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0
beb4c65cc6eb5fd3cea2c6536abe63fd785c464c8b9e6726345a631abb09a253
c0c2c25dfc08ed1e512fa8165b935ff21ed802bf0e3da48b6223ab149244c049
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c5277641bffb804057bcd49345ea3b99235daf63d8ca747363c948506cdc0d43
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c71bb0243faefdec4fe567ed09ef67e642b6916c541f9a3ae45943dcea303a63
c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
cd475ec83d1ad4612892c25e3e14012e644b8480a5f29e11de357dc3b8a24114
ceff8a4fb07e76324dd15a38a3e87aeaf206296b02254a76125945136e54d0fb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12bc99bfc62565d0c24be17237169bcdf2d539a9e1bf68e242376677877a955
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
db7e969226f6335038e4a64cc999283a2337a0a56e21aa702969f787ef0337cd
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e62e51525af7c70b68c6fc5e48fa59ad684b015bdc427fff9d7092429bf2f6ee
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
ea309c047bc300b7c1bca603a2034eb4f3c3c99d23a64869721f0071946ccf49
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efcd038fff3becbe148fefb893ed26081fd0d8e7293fcd49d470c13fcd522e02
f16700069432eebd2ad701c93d2530f8599def7ff5630afffb562135e8158d4d
f177f8ea3c3656d3ed250fba4cff57521a23146d0537ce18acbdd5e584ed6fbd
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f3ee7f733586379df35b59416987e636427861079c0780e08be2feff3c2af0a1
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

www.heraldsun.com.au Open in urlscan Pro 184.30.20.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

195 Requests

95 %HTTPS

31 %IPv6

49 Domains

79 Subdomains

63 IPs

6 Countries

1977 kBTransfer

6305 kBSize

9 Cookies

49 Outgoing links

Page URL History

Redirected requests

195 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heraldsun.com.au Open in urlscan Pro
184.30.20.111 Public Scan

Screenshot
Live screenshot

Full Image

195
Requests

95 %
HTTPS

31 %
IPv6

49
Domains

79
Subdomains

63
IPs

6
Countries

1977 kB
Transfer

6305 kB
Size

9
Cookies

195 HTTP transactions
4 data transactions