Submitted URL: https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW...
Effective URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccd...
Submission: On May 10 via api from DE

Summary

This website contacted 93 IPs in 8 countries across 66 domains to perform 319 HTTP transactions. The main IP is 184.30.20.111, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 25th 2021. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.254 209242 (CLOUDFLAR...)
8 20 184.30.20.111 16625 (AKAMAI-AS)
2 9 184.30.20.190 16625 (AKAMAI-AS)
1 151.101.114.217 54113 (FASTLY)
1 34 199.232.137.44 54113 (FASTLY)
8 2.22.90.129 20940 (AKAMAI-ASN1)
2 199.232.137.181 54113 (FASTLY)
1 3 13.224.95.18 16509 (AMAZON-02)
6 23.79.141.98 16625 (AKAMAI-AS)
5 104.109.77.38 16625 (AKAMAI-AS)
1 151.101.65.195 54113 (FASTLY)
2 23.111.9.35 33438 (HIGHWINDS2)
1 2600:9000:21f... 16509 (AMAZON-02)
1 172.217.23.102 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
15 172.217.23.98 15169 (GOOGLE)
1 2 2600:9000:219... 16509 (AMAZON-02)
6 2600:9000:219... 16509 (AMAZON-02)
1 13.225.74.49 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 10 141.226.228.48 200478 (TABOOLA-AS)
2 2 3.121.49.210 16509 (AMAZON-02)
1 3 34.98.64.218 15169 (GOOGLE)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 69.173.144.139 26667 (RUBICONPR...)
1 2 198.148.27.139 19189 (PULSEPOINT)
1 4 185.33.220.244 29990 (ASN-APPNEX)
2 4 142.250.185.226 15169 (GOOGLE)
2 185.64.190.80 62713 (AS-PUBMATIC)
4 5 34.252.153.38 16509 (AMAZON-02)
1 2 216.52.2.19 29791 (VOXEL-DOT...)
1 185.86.137.131 201081 (SMARTADSE...)
1 18.195.155.181 16509 (AMAZON-02)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 1 172.105.220.23 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
3 4 52.58.102.227 16509 (AMAZON-02)
1 1 49.12.13.182 24940 (HETZNER-AS)
2 15 34.243.47.58 16509 (AMAZON-02)
1 99.84.156.4 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.111.247.190 16625 (AKAMAI-AS)
2 52.1.81.52 14618 (AMAZON-AES)
1 141.226.124.201 200478 (TABOOLA-AS)
2 141.226.124.235 200478 (TABOOLA-AS)
1 141.226.124.234 200478 (TABOOLA-AS)
1 141.226.124.208 200478 (TABOOLA-AS)
2 141.226.124.205 200478 (TABOOLA-AS)
1 141.226.124.229 200478 (TABOOLA-AS)
1 2a04:4e42:62:... 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.194 15169 (GOOGLE)
2 15.237.136.106 16509 (AMAZON-02)
1 141.226.224.32 200478 (TABOOLA-AS)
1 34.252.115.248 16509 (AMAZON-02)
1 1 54.171.42.33 16509 (AMAZON-02)
13 54.171.0.58 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 3.126.63.176 16509 (AMAZON-02)
2 3 185.94.180.126 35220 (SPOTX-AMS)
1 82.199.68.72 15830 (EQUINIX-C...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
2 99.84.157.54 16509 (AMAZON-02)
1 199.232.136.157 54113 (FASTLY)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.113.108 54113 (FASTLY)
1 2 172.217.16.134 15169 (GOOGLE)
2 142.250.186.162 15169 (GOOGLE)
1 35.227.202.26 15169 (GOOGLE)
2 4 185.33.220.243 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 3.248.66.228 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
2 2 2620:119:50e4... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
2 34.254.108.170 16509 (AMAZON-02)
1 104.244.42.67 13414 (TWITTER)
1 104.244.42.5 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2001:678:cb4:... 56396 (TURN)
12 34.249.39.204 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 69.173.144.138 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
34 54.174.17.129 14618 (AMAZON-AES)
1 2.18.233.180 16625 (AKAMAI-AS)
2 3 2.18.234.21 16625 (AKAMAI-AS)
1 1 199.127.207.190 26120 (RHYTHMONE)
1 1 3.122.214.165 16509 (AMAZON-02)
1 1 18.210.140.68 14618 (AMAZON-AES)
1 54.170.10.95 16509 (AMAZON-02)
1 1 23.45.99.241 16625 (AKAMAI-AS)
1 104.17.209.240 13335 (CLOUDFLAR...)
8 8 151.101.114.49 54113 (FASTLY)
1 2a03:2880:f11... 32934 (FACEBOOK)
3 3 213.19.147.44 26120 (RHYTHMONE)
2 2a00:1450:400... 15169 (GOOGLE)
319 93
Apex Domain
Subdomains
Transfer
60 adsafeprotected.com
cdn.adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
571 KB
54 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
trc-events.taboola.com
sync.taboola.com
match.taboola.com
sync-t1.taboola.com
vidstat.taboola.com
t1.taboola.com
t2.taboola.com
t3.taboola.com
t4.taboola.com
t5.taboola.com
t6.taboola.com
t7.taboola.com
t8.taboola.com
pips.taboola.com
cds.taboola.com
imprammp.taboola.com
am-vid-events.taboola.com
412 KB
28 googlesyndication.com
pagead2.googlesyndication.com
c0e85838e9fd350298632fb9d31b4a24.safeframe.googlesyndication.com
tpc.googlesyndication.com
97 KB
25 doubleclick.net
ad.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
8228261.fls.doubleclick.net
googleads.g.doubleclick.net
162 KB
21 heraldsun.com.au
www.heraldsun.com.au
metrics.heraldsun.com.au
216 KB
16 demdex.net
dpm.demdex.net Failed
newscorpau.demdex.net
19 KB
11 imrworldwide.com
secure-gl.imrworldwide.com
cdn-gl.imrworldwide.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
0vsjtgyoeikiiccaepftimuf3dviw1620646198.nuid.imrworldwide.com
79 KB
9 everesttech.net
cm.everesttech.net
sync-tm.everesttech.net
2 KB
9 adsrvr.org
match.adsrvr.org
js.adsrvr.org
insight.adsrvr.org
7 KB
9 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
10 KB
9 news.com.au
tags.news.com.au
219 KB
8 newscdn.com.au
resourcesssl.newscdn.com.au
58 KB
7 googletagservices.com
www.googletagservices.com
239 KB
7 google.com
adservice.google.com
www.google.com
706 B
6 newscorpaustralia.com
login.newscorpaustralia.com
12 KB
5 tiqcdn.com
tags.tiqcdn.com
23 KB
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
3 KB
4 bidswitch.net
x.bidswitch.net
1 KB
4 crazyegg.com
script.crazyegg.com
25 KB
3 casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
3 KB
3 google.de
www.google.de
adservice.google.de
609 B
3 spotxchange.com
sync.search.spotxchange.com
2 KB
3 serving-sys.com
secure-ds.serving-sys.com
bs.serving-sys.com
21 KB
3 pubmatic.com
simage2.pubmatic.com
image5.pubmatic.com
image2.pubmatic.com
2 KB
3 rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
692 B
3 openx.net
u.openx.net
us-u.openx.net
576 B
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
2 1rx.io
sync.1rx.io
900 B
2 krxd.net
usermatch.krxd.net
beacon.krxd.net
528 B
2 googleadservices.com
www.googleadservices.com
30 KB
2 chartbeat.net
ping.chartbeat.net
337 B
2 lijit.com
ce.lijit.com
1018 B
2 contextweb.com
bh.contextweb.com
828 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 fontawesome.com
use.fontawesome.com
91 KB
2 perfectmarket.com
widget.perfectmarket.com
32 KB
2 silobreaker.com
info.silobreaker.com
4 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
475 B
1 facebook.com
www.facebook.com
557 B
1 qualtrics.com
zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com
18 KB
1 bluekai.com
tags.bluekai.com
834 B
1 eyeota.net
ps.eyeota.net
418 B
1 scanscout.com
dt.scanscout.com
692 B
1 turn.com
d.turn.com
402 B
1 t.co
t.co
457 B
1 twitter.com
analytics.twitter.com
662 B
1 mookie1.com
au-gmtdmp.mookie1.com
607 B
1 googletagmanager.com
www.googletagmanager.com
34 KB
1 licdn.com
snap.licdn.com
2 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 google.cz
adservice.google.cz
165 B
1 advertising.com
pixel.advertising.com
125 B
1 tremorhub.com
taboola-supply-partners.tremorhub.com
183 B
1 splicky.com
bidswitch-eu.splicky.com
221 B
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
362 B
1 criteo.com
dis.criteo.com
503 B
1 emxdgt.com
e1.emxdgt.com
59 B
1 smartadserver.com
rtb-csync.smartadserver.com
697 B
1 adkernel.com
dsp.adkernel.com
233 B
1 newscgp.com
au.tags.newscgp.com
48 KB
1 chartbeat.com
static.chartbeat.com
23 KB
1 vidora.com
assets.vidora.com
4 KB
1 api.news
content.api.news
93 KB
1 web.app
ts2020-indies-client.web.app
3 KB
1 speedcurve.com
cdn.speedcurve.com
7 KB
319 66
Domain Requested by
34 dt.adsafeprotected.com www.heraldsun.com.au
21 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
19 www.heraldsun.com.au 8 redirects info.silobreaker.com
www.heraldsun.com.au
15 dpm.demdex.net www.heraldsun.com.au
tags.news.com.au
15 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
info.silobreaker.com
www.googletagservices.com
13 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
12 static.adsafeprotected.com pixel.adsafeprotected.com
www.heraldsun.com.au
12 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
10 images.taboola.com www.heraldsun.com.au
9 tags.news.com.au 2 redirects tags.tiqcdn.com
au.tags.newscgp.com
8 sync-tm.everesttech.net 8 redirects
8 trc.taboola.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
8 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
7 www.googletagservices.com securepubads.g.doubleclick.net
6 pagead2.googlesyndication.com ad.doubleclick.net
securepubads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
6 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
5 www.google.com securepubads.g.doubleclick.net
www.heraldsun.com.au
5 match.adsrvr.org 4 redirects imprammp.taboola.com
5 cdn-gl.imrworldwide.com www.heraldsun.com.au
seccdn-gl.imrworldwide.com
secure-gl.imrworldwide.com
cdn-gl.imrworldwide.com
5 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
4 secure.adnxs.com 2 redirects www.heraldsun.com.au
4 x.bidswitch.net 3 redirects imprammp.taboola.com
4 cm.g.doubleclick.net 2 redirects www.heraldsun.com.au
4 ib.adnxs.com 1 redirects www.heraldsun.com.au
4 sync.taboola.com 2 redirects www.heraldsun.com.au
4 script.crazyegg.com tags.tiqcdn.com
script.crazyegg.com
3 sync.search.spotxchange.com 2 redirects
3 sync-t1.taboola.com www.heraldsun.com.au
imprammp.taboola.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
2 sync.1rx.io 2 redirects
2 us-u.openx.net 1 redirects
2 ssum.casalemedia.com 2 redirects
2 www.google.de www.heraldsun.com.au
2 insight.adsrvr.org js.adsrvr.org
2 px.ads.linkedin.com 2 redirects
2 googleads.g.doubleclick.net www.googleadservices.com
2 secure-dcr.imrworldwide.com www.heraldsun.com.au
2 www.googleadservices.com secure-ds.serving-sys.com
www.googletagmanager.com
2 8228261.fls.doubleclick.net 1 redirects info.silobreaker.com
2 js.adsrvr.org secure-ds.serving-sys.com
2 adservice.google.com securepubads.g.doubleclick.net
8228261.fls.doubleclick.net
2 metrics.heraldsun.com.au tags.news.com.au
www.heraldsun.com.au
2 ping.chartbeat.net www.heraldsun.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 ce.lijit.com 1 redirects www.heraldsun.com.au
2 bh.contextweb.com 1 redirects www.heraldsun.com.au
2 pixel.rubiconproject.com www.heraldsun.com.au
2 rtb.mfadsrvr.com 2 redirects
2 trc-events.taboola.com www.heraldsun.com.au
2 secure-gl.imrworldwide.com 1 redirects www.heraldsun.com.au
2 use.fontawesome.com cdn.taboola.com
use.fontawesome.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 info.silobreaker.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 www.facebook.com
1 image2.pubmatic.com
1 dsum-sec.casalemedia.com
1 zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com tags.tiqcdn.com
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 ps.eyeota.net 1 redirects
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com www.heraldsun.com.au
1 adservice.google.de adservice.google.com
1 token.rubiconproject.com www.heraldsun.com.au
1 d.turn.com 1 redirects
1 t.co www.heraldsun.com.au
1 analytics.twitter.com static.ads-twitter.com
1 px4.ads.linkedin.com www.heraldsun.com.au
1 www.linkedin.com 1 redirects
1 0vsjtgyoeikiiccaepftimuf3dviw1620646198.nuid.imrworldwide.com www.heraldsun.com.au
1 au-gmtdmp.mookie1.com www.heraldsun.com.au
1 acdn.adnxs.com info.silobreaker.com
1 www.googletagmanager.com secure-ds.serving-sys.com
1 snap.licdn.com info.silobreaker.com
1 static.ads-twitter.com info.silobreaker.com
1 c0e85838e9fd350298632fb9d31b4a24.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.cz securepubads.g.doubleclick.net
1 bs.serving-sys.com secure-ds.serving-sys.com
1 pixel.advertising.com imprammp.taboola.com
1 taboola-supply-partners.tremorhub.com imprammp.taboola.com
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 am-vid-events.taboola.com www.heraldsun.com.au
1 imprammp.taboola.com vidstat.taboola.com
1 cds.taboola.com cdn.taboola.com
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 pips.taboola.com cdn.taboola.com
1 t8.taboola.com cdn.taboola.com
1 t7.taboola.com cdn.taboola.com
1 t6.taboola.com cdn.taboola.com
1 t5.taboola.com cdn.taboola.com
1 t4.taboola.com cdn.taboola.com
1 t3.taboola.com cdn.taboola.com
1 t2.taboola.com cdn.taboola.com
1 t1.taboola.com cdn.taboola.com
1 seccdn-gl.imrworldwide.com tags.news.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 vidstat.taboola.com cdn.taboola.com
1 bidswitch-eu.splicky.com 1 redirects
1 bttrack.com www.heraldsun.com.au
1 s.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com www.heraldsun.com.au
1 rtb-csync.smartadserver.com www.heraldsun.com.au
1 simage2.pubmatic.com www.heraldsun.com.au
1 dsp.adkernel.com www.heraldsun.com.au
1 u.openx.net www.heraldsun.com.au
1 match.taboola.com www.heraldsun.com.au
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 15.taboola.com cdn.taboola.com
1 ad.doubleclick.net tags.tiqcdn.com
1 assets.vidora.com www.heraldsun.com.au
1 content.api.news www.heraldsun.com.au
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
319 118
Subject Issuer Validity Valid
info.silobreaker.com
Cloudflare Inc ECC CA-3
2020-06-30 -
2021-06-30
a year crt.sh
news.com.au
DigiCert SHA2 Secure Server CA
2021-02-25 -
2022-02-28
a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2020
2020-12-09 -
2022-01-10
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA
2021-04-19 -
2022-04-27
a year crt.sh
web.app
GTS CA 1D4
2021-03-17 -
2021-06-15
3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-12-14
a year crt.sh
*.vidora.com
Amazon
2021-03-12 -
2022-04-10
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2020-06-01 -
2021-06-02
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-28 -
2022-02-01
a year crt.sh
au.tags.newscgp.com
Amazon
2021-01-25 -
2022-02-22
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-05-09 -
2022-05-08
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA
2020-12-22 -
2022-01-05
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2020-12-18 -
2022-01-18
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2020-12-07 -
2021-12-14
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2021-03-11 -
2022-04-12
a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA
2020-05-07 -
2022-05-12
2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA
2020-01-30 -
2022-02-03
2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2020-05-18 -
2021-07-17
a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA
2021-03-29 -
2022-03-29
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2020-12-02 -
2022-01-02
a year crt.sh
*.adsafeprotected.com
Amazon
2020-08-19 -
2021-09-18
a year crt.sh
secure-ds.serving-sys.com
DigiCert SHA2 Secure Server CA
2021-03-17 -
2022-03-22
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2020-12-01 -
2021-12-30
a year crt.sh
metrics.heraldsun.com.au
DigiCert SHA2 High Assurance Server CA
2020-04-13 -
2021-07-15
a year crt.sh
fw.adsafeprotected.com
Amazon
2020-09-09 -
2021-10-09
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.tremorhub.com
Amazon
2020-07-25 -
2021-08-25
a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA
2021-03-01 -
2021-08-24
6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2020-04-23 -
2022-05-04
2 years crt.sh
bs.serving-sys.com
Go Daddy Secure Certificate Authority - G2
2020-01-07 -
2022-03-08
2 years crt.sh
*.google.cz
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh
*.google.com
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA
2020-08-14 -
2021-08-19
a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2021-04-30 -
2022-05-11
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3
2021-03-16 -
2022-03-17
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-22 -
2022-03-25
a year crt.sh
www.google.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
*.nuid.imrworldwide.com
Amazon
2020-06-26 -
2021-07-26
a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2021-04-15 -
2021-10-15
6 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
www.google.de
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
static.adsafeprotected.com
Amazon
2021-01-06 -
2022-02-04
a year crt.sh
dt.adsafeprotected.com
Amazon
2021-04-22 -
2022-05-21
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-01-13 -
2022-01-07
a year crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA
2020-10-26 -
2021-11-26
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018
2021-04-08 -
2022-05-09
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-04-06 -
2021-07-03
3 months crt.sh

This page contains 42 frames:

Primary Page: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182
Frame ID: 7A5E7E9A3F38D6BFC14A3497D3040369
Requests: 165 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=GtBgRgPF233DdAkbvctsulQrEQsbP_IS&nonce=8TerFsUjSNjfZInvA-ih2D0Vpy2dj563&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Frame ID: 3DB5D455E4CE90C3D4A0D26B168D4315
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=08D9axwvT3gBmE~DNoU3R_~Ll7cJSBKm&nonce=2Zdzt2-1UCxxe-oeBw0BEerQ6aEwR7QU&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Frame ID: DEAAD5093B3257D229D6F6CFB01BE23B
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=cxSL9k01hZ0UusaQ8HGq13vin2LFyGf1&nonce=BcEjJie12RJZw.L07sw1tOVNzscX87jh&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Frame ID: 796CEC6599FB4E542D4AB191575677D2
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=90dluJCK8o7g7GH-qPIOqY9XXzcPPyG8&nonce=n7uyiJX4E7m4lBQwAFXxktAYTM3ZQs9t&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Frame ID: C5871AE47A65CD70671DD17B07CCD316
Requests: 3 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c851488c-67d0-4b3e-954e-2c03a13e0d31&tbid=2e64311b-4838-4545-81d5-49292dd702a7-tuct7929eb0&query=taboola_hm%3Dc851488c-67d0-4b3e-954e-2c03a13e0d31&isDirect=0
Frame ID: AD90D575BCC81414A78B95C94B658914
Requests: 19 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7fSYCFgN0YPKIb7SU6gR0YPKIb7SU6gUAAAAGBvQHHDOjzEjLCWM4XA2Wm-FiN5gMFoPlbrdZjobAMTPKjLScMIbD1WC5GS5my8lgt1mtdrvFZgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIP0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLjsAAAAAPABMCd5D_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAIOiMaQDkcBjA5eFzvfwBAPBQAAIAIIBBAlCwV1wCsDHSfwIAAAAAAAAAwPL___8fM0DfUiMDEHKW0APw4APwQFRwWMQIAAAAIGu3d_doUidUFlUAAATpVgBXAAABeVYKYNFhAAAABGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOnINS3ojCtF7RcQAGDtFxAAgE3dAADeAuCCjqAVg8HqFGIyG2xWu-VwNDsAAACAu____389kNksN86VbTSYuYzDhWVjWA5Gq8nKMlqNViaPzeU9IWjOc5PgCfu-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFiMnO5XLvJWjLYzdyixW7klnhcw7VgtZoNJx7DxLNyrEWvj-m3nCxXDo8XBQMi9yK4SCdyl-_z8VsOD9db4Tq5hS7Lw2zyvO4WsURzskgnssu-s1lunCvbaDBzGYcLy8awHIxWk5VltBqtTB6by9-YzFwu126ylgx2M7dosRu5JR7XcC1YrWbDiccw8awca9HrY_otJ8uVw-NvzCaD2Wi2GA73jdlkMBvNFsPhvkNn-K4-Z6NnqBN5XJbncfHQyswHhctg8e7Uq4XxOzpYe6-jU6btKAs6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ejBqIglgtNFOhG9jKeLWCJ5WqQT2cpmmS0cjtHMuRmMFhvfcjazTUaD1Wy32qxsi4lYojRdpBO9xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLov6jw64nCuGu7liuJwrhrtVAgAAAAAAAABYwpx5EwAAAIDTYFbLzWy1XICIfEBdYBAAAAAAAIDixo8x3OX7fPyWw8P1VrhObqHL8jCbPK-7lQEi7lmZN3smiLVaLWsAAAABbAAAgABu3bwFYjBy!&cmcv=&pix=undefined&cb=1620646197175&uv=2967&tms=1620646197175&abt=aat1_vA!adh5c-1_vA!insc_vA!spa2_vA!sre_vB!t45!ufm!ul2967_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F2F49B188509381702010977394&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 09B812F7C23EF9C49808058346E3AFDA
Requests: 6 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 1DC2B94CD64D9AFC3B5DAD864C7A2758
Requests: 22 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 2309493BDB15B53F4BB654003BC5BD45
Requests: 3 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: F6A3A64171A41137D236F7A2EBE3D6DF
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 1A892E7D2F8EDA9C60A2EC4C3C25D239
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 743994153CF2E853E7789994F5C84D89
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: BF71C00859E67A94B6E28DF8CB588077
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: A51D402CF1B7A8BEEC941C0B804C5E07
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: D1E5147EF0937B3CF2CB67E708ED494A
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229
Frame ID: 2D5678134F500D34D2F928999C5BD0F9
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 290DF0C22E5EA587A88AB54C2B09BB1F
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: F189E0B168D16A1C4559E1C6BE04D508
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: 8B6FD8CF761B636FED959C0855110039
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4X2fHkiPRHxj51jRwjVLhVFZmzdGWE-IhZ_qKfah-92MAnUjH2RinkQ2voiHVSQ1jjJzxTnFEp_ewu1SSb2DkcLylYULm6mviZQvZOZG2-DTPkFvwB_tN5p_FudX2ApRsCd3S4TTmWAHQYVAAVCLu2-p7QvaN-3-Rjf3j1RcVUGbkanMNaudwp54Oh9-U2v1lap7u6NDDeqJRjCHkjAkEAkL2ncJgvidHwzAs2SDAdDbzJWd2PLc43nx7dUE3oRjRVAcg5s4ofp5Bq_L9RX55GLaB6PYc6ihIHZDP36m4Votc73gcIpQJ8P01w7ZdVsU&sai=AMfl-YRcIe1S7c59SAMg6R9BnrDTEszhYT-MpxjMLZExtujEff70QrCS5QmrejdeZSQcKE4cm1b1NftOHzlp&sig=Cg0ArKJSzAZVuw7Sy3ySEAE&adurl=
Frame ID: 169892AFD34D35F13A39CE728458ABA6
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFu1q-scSMQngWghJFMZ7V_QpEk10-yxe1BsONN9qxrB1k7MLGlFDi3KrMJQnzMQUz1iEqVWJga2xJkYoZxmPzi18otRTao3dGWsEYpquT605ctWC-M3DCivypKUH-tUddfGMMukmccgaaObS2vyc_pvdJra7nJrhGjirpm6DebgFotXmbOhHAW-ZhsKFQVZxirLRpna40FuNH3YFQZT-brHJ1r7dqXdY7OopN65_ouuuSSOTfOABUQzIYFWYS2Q11_33NOeVwJOi7guAjrq3RaokVwyyayhNggD_OjiUoseMLXuGrEXqeOEqfBfthC20&sai=AMfl-YRJ7G8Z5fRHLSHKd1wlEjFqYGkLXaIflykVkkMrI3Ie40xJOs-kPfTk1diFuwI2IPCeBV397eT5u-A7&sig=Cg0ArKJSzKgxllEtaGjmEAE&adurl=
Frame ID: BBC2A06E1E0D5D828316C8C27F5C1E45
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuslvvS1V-_0YDK4gtFQVP6x6MBjeCfCZsV210jOEoq2vTwUDrpXeA4EnOsQsPukHrzPVkJjlN32y08Jqfd1PSJwIlEPvElbr0jPosYZybia4K_0Sxx-q6p8fggkQxq7RibArRxIJd2dzbMkJcBJt24sYsik6gMKQz2-9A5WmGE9u-izWnagm2sFO614R1r0YsIf897rUlLJAaVBScC-uwIRz_cGhOsPAtwL8RYX6NMFq6c5qK09b9VvKrW3keIetjIddhKZu51eZ3gqtcECvUQY_yL3VvYdu3bFf-NOIkewU_IFmlluTc4rIMBsaCGFrk&sai=AMfl-YRB9_wJ-M76MxMssljD5Cqv7cebnGCz09xp-QtoP-npoT4H6ixv_bPKYUwj1M4iOtdANmHd_kGHHAzT&sig=Cg0ArKJSzHw3IN9dbmVBEAE&adurl=
Frame ID: A88F95E140533696B3FE126407445741
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLkvqhW_YKwCIL8UiR_v78AzQQQ06jkjX714NLfBFd8YhXpTAYJtm4TvmzdN1HkLjODA1EOmuQr89iJmg0Pf0Z_CKebdJ7ZKCTTl3XQKGBQtkkrpYsd5Qsei1AeXOXmBt5ITZB4Fl-zLlNPDnfk4IS9DOEHmuQD7XLQ86e8NWeViDCpY3qmsj7qqmAAmr0tFZkxOhuix2BTjRcQl9JGiED5gA907iIRsx4LTdzMDMfjNJgRsh3VwmS8p5UpFo5ulFRLw9mNhwxOPMW1pujj0BK63bZClHAZiLheotdbMDv6g3mUg9vb3lBQNFgiPKXQ-o&sai=AMfl-YQ7LbV2G8Jl10PFJ5egF8Tbgc1MHt3FE9xs5KlgY8pamC6nHfDUVN08mNb76kixJk4hiAiWIRmVXU-1&sig=Cg0ArKJSzO5YpNyeT_RFEAE&adurl=
Frame ID: B5B3D6D0614E284B4945C8AF8911DBCA
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteHJvrgPu5cWhvlehx-DEqSuIj7OZGf5iXhJYdaXsYcgQhOAVCM2HGcFQWZjQOZ2ChntNWHojnFyXvpuFaOuw-Z1or-NrrR7lSSwSUx2f1zNIm-cEZZOVhik0R96IGucg-6ip53vG3rga590e_JNQkjHQzjpb74ldkzcsSOu2bj6UpgivXqVYAF0iVrE4a6hZTigRES5gBMHSzr6ffu_Sh2ltTmFKXRup_IUzkIeN2xRzTDCFMCCLiTgAMdKqblvXKxGpKNzyiFr9kkCOgvVbpZxxSqmUXcmKb1LU4RmNEZfBqonMWaK2R31LyLCI8fDk&sai=AMfl-YT_G5_-xj8pPURm8aD9NoGswVI8yEYZVg8iVJjHYOtFI-rK0I7XUoYdpa1MphAnD7yfvnXK0yMGZk2v&sig=Cg0ArKJSzMHcGffEspf_EAE&adurl=
Frame ID: 70F84BDA6BF35B21BE793B1113AF0A2F
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAVfoUeepZdMJLABlLwCMTgkYtaJf61xz9PYCMgpmA2xS6iBvzxYYNjeZNg1QFRK3c1Qi3lcbZwUSHKA0Ay1PKPhbVqkwTWV0VykVOzow7obPVkzYkG5JNcRSDBSrivgr22VIlkPVV1BxwLdEdycRr9lVDfpjR2WVMeyhiKOYd2e9AOK2S6oKvme9sHF-cJx9v1lWQsrWKd7ChsKfux2ipoc4n5jDkI-3yT37tn3lmz0Eghy5v-1gcu9_fHQV9lrk-myPX3P1gNVo2dSIxu5xQBv8qJb0QJFCQ2DampDZrslL6i-LwSMNyKhIARFV6CqI&sai=AMfl-YQ3e3veUaidey9cmlDhE34YBt8ZURGmsGhgzHzDzrv56KqdOgVvY0AbTXXZgMM0M-59v_JL5job1dHv&sig=Cg0ArKJSzPgag5pydb_iEAE&adurl=
Frame ID: 28A93120BE39676A8E05B7E902636AA8
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=395822153&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b0-b183-11eb-9f88-06a809c23df0
Frame ID: B438793584EC56C3DCF9DCF81646DDA4
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1826087518&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b1-b183-11eb-9f88-06a809c23df0
Frame ID: 161D62C4A3BFEF8AA9B730965CC802A8
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&upid=trk7f24&upv=1.1.0
Frame ID: 94153AFCCA9B1B41A1D41758955F4C12
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&upid=ekg5qxt&upv=1.1.0
Frame ID: A36363D3FB8C12ACAB43199A33F70CC5
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=440453319&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b3-b183-11eb-9f88-06a809c23df0
Frame ID: F03C26E8C6608726B418A4053BE02BBF
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=322818030&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b4-b183-11eb-9f88-06a809c23df0
Frame ID: A2B75D31BC601E58CA48EF9EFF8DB2A0
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=21941980990&placementId=4795254195&pubCreative=138345071646&pubOrder=2161406623&cb=1058954694&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b5-b183-11eb-9f88-06a809c23df0
Frame ID: 0B9A71DB3685321D254CA0FC05B9754C
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229;~oref=https://www.heraldsun.com.au/
Frame ID: 6B65B41CDF01CB8358F2D92829435FAC
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1364132555&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b2-b183-11eb-9f88-06a809c23df0
Frame ID: 33C14F27D71E129F7AF0441A1D7A48BB
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229;~oref=https://www.heraldsun.com.au/
Frame ID: FE1EDB3D8A8BE4C85A46EA84C48E80FD
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 950A96E34AC81D41E7F1904658D628EC
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 3CE5FD090A3328392C12D77C4E74FE66
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 6A240145D4733DD76A3CADE8E9694C7A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 97519D0BBC7F98A9D5291A7E5B8F4F01
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 201CB18C62517D879589635870CABC5A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 51FD8A56BDC4170D471F09D558898107
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: BC4184F4EAB5168373617AE17462B3B7
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR... Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7... HTTP 307
    https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/new... HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbre... HTTP 302
    https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/new... HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews... HTTP 302
    https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/new... HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbre... HTTP 302
    https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/new... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i

Overall confidence: 100%
Detected patterns
  • script /serving-sys\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

319
Requests

96 %
HTTPS

27 %
IPv6

66
Domains

118
Subdomains

93
IPs

8
Countries

2556 kB
Transfer

7574 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1 Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1?_ud=3a8fa5b1-53d3-49cb-8ae2-d0f83724f3f4&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8 HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2fnews-story%2f3bef7d513ccda66e010bbbd78ece65ae%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8 HTTP 302
    https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8 HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2fnews-story%2f3bef7d513ccda66e010bbbd78ece65ae%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&1620646181960278902 HTTP 302
    https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182 HTTP 302
    https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2fnews-story%2f3bef7d513ccda66e010bbbd78ece65ae%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8%26nk%3d2d69eb424c415685bfff08b74f9a8dcf-1620646182 HTTP 302
    https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1620646188071&ns_c=UTF-8&cv=3.5&c8=Germany%20lifts%20priority%20limits%20to%20offer%20J%26J%20jabs%20to%20all%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620646188071&ns_c=UTF-8&cv=3.5&c8=Germany%20lifts%20priority%20limits%20to%20offer%20J%26J%20jabs%20to%20all%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&c9=
Request Chain 54
  • https://secure-gl.imrworldwide.com/v60.js HTTP 301
  • https://cdn-gl.imrworldwide.com/v60.js
Request Chain 69
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c851488c-67d0-4b3e-954e-2c03a13e0d31 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c851488c-67d0-4b3e-954e-2c03a13e0d31&tbid=2e64311b-4838-4545-81d5-49292dd702a7-tuct7929eb0&query=taboola_hm%3Dc851488c-67d0-4b3e-954e-2c03a13e0d31&isDirect=0
Request Chain 73
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=mXiAXN1vg9mo&ev=1&orig=trc&pid=562107
Request Chain 75
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEO-bhbT9Log_XwjKSFgCnFo&google_cver=1
Request Chain 77
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=2e64311b-4838-4545-81d5-49292dd702a7-tuct7929eb0
Request Chain 78
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3ec48305-c26b-496d-8592-383ce55c45cd
Request Chain 79
  • https://ce.lijit.com/merge?pid=42&3pid=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 83
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9fd140c8-acb7-4671-8a5b-233fb3a11d21
Request Chain 84
  • https://id5-sync.com/s/464/9.gif?puid=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOQPJVrgFvioV9LXnGWiugvc8FBGN9xobnSHyQ2g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOQPJVrgFvioV9LXnGWiugvc8FBGN9xobnSHyQ2g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=04748090-c4a5-4fcf-bf9e-112436e491be&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/5/3.gif?puid=f46f22210b798aedf91eefab5b38da78&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/4/4.gif?puid=1e9c8a39-a608-4fd3-b36f-81f60d88b05a&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/3/5.gif?puid=017f1075-1680-4bbb-8494-20746e5f7f8d&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/146/2/6.gif?puid=43102f60-cc0f-4bfd-87b6-366a8a6b8a4a&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F1%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/441/1/7.gif?puid=e_5423146e-b2fa-41ff-9ecf-1749d729e45f&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f46f22210b798aedf91eefab5b38da78&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 85
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=4a0Xx3p7BEOKn4QzNBmZYA
Request Chain 87
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=taboola&bsw_custom_parameter=b5bd4a23-4503-4560-b001-e6ec86c61685 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=taboola&expires=10&bsw_param=b5bd4a23-4503-4560-b001-e6ec86c61685 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b5bd4a23-4503-4560-b001-e6ec86c61685
Request Chain 94
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1620646194444 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1620646194444
Request Chain 100
  • https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/undefined HTTP 302
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2fnews-story%2fundefined HTTP 302
  • https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/undefined HTTP 302
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2fnews-story%2fundefined&1620646197102239796 HTTP 302
  • https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/undefined?nk=6a063a2c444c727a7af7a5c20104e35f-1620646197
Request Chain 140
  • https://cm.everesttech.net/cm/dd?d_uuid=81345772551284393474385986552835357031 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJkZNgAAABlWfSkN
Request Chain 146
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=0d0a96f3-b183-11eb-a60e-1f057aaa0206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=0d0a96a9-b183-11eb-a60e-1f057aaa0206&orig=video&us_privacy=1---
Request Chain 162
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229
Request Chain 165
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Request Chain 166
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Request Chain 206
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620646199967&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1620646199967%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620646199967&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620646199967&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIbWpTUwYBdGAAAAXlWCod8Gsrbq-2nD2gERUuRXFB8qe63zK7AuL0g26AYGjVi2NH4a9kC
Request Chain 221
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=6990995679280864852
Request Chain 232
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=3689427079626716088
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODEzNDU3NzI1NTEyODQzOTM0NzQzODU5ODY1NTI4MzUzNTcwMzE= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPdN81rNgTsTiRzo0uJ09GQ&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 257
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=add346fb-16d5-48b4-8488-78e0c4a84ba5
Request Chain 270
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YJkZOsBXmjocmPnm.2X0nQAA%261116
Request Chain 271
  • https://dt.scanscout.com/ssframework/uid?UIAA=81345772551284393474385986552835357031&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-bd2675ae2fdaa760b31b18a37927d22c
Request Chain 279
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=81345772551284393474385986552835357031&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 281
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=81345772551284393474385986552835357031 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=81345772551284393474385986552835357031
Request Chain 287
  • https://tags.bluekai.com/site/43981?id=81345772551284393474385986552835357031&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=qdBLBQ9999ehLokQ
Request Chain 294
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUprWk5nQUFBQmxXZlNrTg==
Request Chain 295
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YJkZNgAAABlWfSkN&expires=90
Request Chain 299
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJkZNgAAABlWfSkN
Request Chain 301
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YJkZNgAAABlWfSkN
Request Chain 302
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YJkZNgAAABlWfSkN HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YJkZNgAAABlWfSkN
Request Chain 303
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJkZNgAAABlWfSkN
Request Chain 304
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YJkZNgAAABlWfSkN&img=1
Request Chain 306
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YJkZNgAAABlWfSkN&t=2592000&o=0
Request Chain 307
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=4a7e626b-6c11-445c-9258-f39f7823edc6-tuct7929eb4
Request Chain 309
  • https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1620646206088 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-64601681-6e43-4b81-8df4-c734f5098771-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-64601681-6e43-4b81-8df4-c734f5098771-003 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-64601681-6e43-4b81-8df4-c734f5098771-003 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-64601681-6e43-4b81-8df4-c734f5098771-003

319 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fS...
info.silobreaker.com/e2t/tc/
10 KB
3 KB
Document
General
Full URL
https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
info.silobreaker.com
:scheme
https
:path
/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:40 GMT
content-type
text/html;charset=utf-8
cf-ray
64d2d4c36eef2798-PRG
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
09f7a34e2000002798781fd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
1211b026-d77d-4eec-8a2a-c171f86b580f
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1QfAYxMHioBE28%2BxYSsU5HU9%2B%2FupMoV041NbfA14uSzGZ%2FwOh%2BAaDSVso%2BdITPWsWBBP%2BECehQD42gxj%2BOrSz5%2FfXgHx4tWt2DYhPnRR34zfiiZxJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
set-cookie
__cfruid=3c7b017865cad636df1873615692f8d075912992-1620646180; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
server
cloudflare
content-encoding
br
Primary Request 3bef7d513ccda66e010bbbd78ece65ae
www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/
Redirect Chain
  • https://info.silobreaker.com/events/public/v1/track/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SL...
  • https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7...
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2fnews-story%2f3bef7d513c...
  • https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7...
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2fnews-story%2f3bef7d51...
  • https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7...
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2fnews-story%2f3bef7d513c...
  • https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7...
217 KB
46 KB
Document
General
Full URL
https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
4fc2c58a06a817ef89a0c00403b7b5b0158f105ff0818f0c91ec274acc73f65e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.heraldsun.com.au
:scheme
https
:path
/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
AWSALB=AsBFNuPMsesEMHvkPUPDslABwxykWIBE18kp5MJ/FHhpC7a4kV9KYgtLrXC1HTk0f/nxhYZT5uh/dJgym4pOzdKCT8udPH9qKV9I1G9zT0jxTR8SYkdFvRjd9Btn; AWSALBCORS=AsBFNuPMsesEMHvkPUPDslABwxykWIBE18kp5MJ/FHhpC7a4kV9KYgtLrXC1HTk0f/nxhYZT5uh/dJgym4pOzdKCT8udPH9qKV9I1G9zT0jxTR8SYkdFvRjd9Btn; n_regis=123456789
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1

Response headers

server
nginx
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=oSLethKtIBkQ2FGAOLuJ5rKDIaiuG21Uv1ZpOBdyOQcjd3y2BE+0L3SqgFdwwkJlUKoE9/L32oS1undJXx5I5BUz8RR8NAd39JfCnUUSzGc32s1/r6ndsvoRw3v0; Expires=Mon, 17 May 2021 11:29:43 GMT; Path=/ nk=2d69eb424c415685bfff08b74f9a8dcf; expires=Thu, 09 May 2024 11:29:44 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=oSLethKtIBkQ2FGAOLuJ5rKDIaiuG21Uv1ZpOBdyOQcjd3y2BE+0L3SqgFdwwkJlUKoE9/L32oS1undJXx5I5BUz8RR8NAd39JfCnUUSzGc32s1/r6ndsvoRw3v0; Expires=Mon, 17 May 2021 11:29:43 GMT; Path=/; SameSite=None; Secure
x-powered-by
WordPress VIP <https://wpvip.com>
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
vary
User-Agent Accept-Encoding
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2fnews-story%2f3bef7d513ccda66e010bbbd78ece65ae%3f_hsmi%3d88974744%26_hsenc%3dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8%26nk%3d2d69eb424c415685bfff08b74f9a8dcf-1620646182&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=3bef7d513ccda66e010bbbd78ece65ae&session=2d69eb424c415685bfff08b74f9a8dcf
x-arrrg5
BlaizeHappened
x-rq
ewr4 114 24 3179
x-xss-protection
1
x-content-type-options
nosniff
host-header
a9130478a60e5f9135f765b23f26593b
content-encoding
gzip
cache-control
max-age=57
expires
Mon, 10 May 2021 11:30:42 GMT
date
Mon, 10 May 2021 11:29:45 GMT

Redirect headers

server
AkamaiNetStorage
content-length
154
content-type
text/html
location
https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
vary
User-Agent
etag
"8222bdfdf08f1a28312e7d161218ff2d:1551324797"
expires
Mon, 10 May 2021 11:29:43 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Mon, 10 May 2021 11:29:43 GMT
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/
55 B
674 B
Stylesheet
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css
pragma
no-cache
cookie
n_regis=123456789; AWSALB=oSLethKtIBkQ2FGAOLuJ5rKDIaiuG21Uv1ZpOBdyOQcjd3y2BE+0L3SqgFdwwkJlUKoE9/L32oS1undJXx5I5BUz8RR8NAd39JfCnUUSzGc32s1/r6ndsvoRw3v0; nk=2d69eb424c415685bfff08b74f9a8dcf; AWSALBCORS=oSLethKtIBkQ2FGAOLuJ5rKDIaiuG21Uv1ZpOBdyOQcjd3y2BE+0L3SqgFdwwkJlUKoE9/L32oS1undJXx5I5BUz8RR8NAd39JfCnUUSzGc32s1/r6ndsvoRw3v0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:45 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
74
x-rq
ewr4 114 24 3161
last-modified
Wed, 10 Mar 2021 01:11:17 GMT
server
nginx
etag
"60481cb5-37"
vary
User-Agent
content-type
text/css
cache-control
max-age=20
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Mon, 10 May 2021 11:30:05 GMT
lux.js
cdn.speedcurve.com/js/
21 KB
7 KB
Script
General
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
1647e28020eaa5351a43d1583a9714bfeedddd6390c1bf4ab3b50f763ac81be5

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:45 GMT
via
1.1 vegur, 1.1 varnish
age
6752
x-cache
HIT
x-cache-hits
39
content-encoding
gzip
content-length
6933
x-served-by
cache-hhn4030-HHN
last-modified
Mon, 10 May 2021 09:37:13 GMT
server
Apache
x-timer
S1620646185.279848,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 09:37:13 GMT
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/
256 KB
35 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b27f022aa501b26e80948155fc3c5ff4967af37488a92ee8975d8cd0cfe9072

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
sr1qIzLrtF7utXXUwDexjW_BsF0h0SRk
content-encoding
gzip
etag
"2cbaa0b26a8fb5405550a4ee5a0edcc5"
age
0
x-cache
HIT
content-length
35561
x-amz-id-2
T7TvnqfRG0nqqMugustCYMfEAfJLXEX9IsM+uZLE1Fs2dnXROuavaDoeXIscxFUlQ1tvN0H87qM=
x-served-by
cache-hhn11561-HHN
last-modified
Thu, 06 May 2021 15:34:59 GMT
server
AmazonS3
x-timer
S1620646185.402257,VS0,VE104
date
Mon, 10 May 2021 11:29:45 GMT
vary
Accept-Encoding
x-amz-request-id
4WYG2SZ9DHE3HAX6
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
51
x-cache-hits
1
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/
37 KB
15 KB
Image
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
03cce1892cbfca0c35fe3b1f64307db1269f452bc8eb983a654d68166bfb57c0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
pragma
no-cache
cookie
n_regis=123456789; AWSALB=oSLethKtIBkQ2FGAOLuJ5rKDIaiuG21Uv1ZpOBdyOQcjd3y2BE+0L3SqgFdwwkJlUKoE9/L32oS1undJXx5I5BUz8RR8NAd39JfCnUUSzGc32s1/r6ndsvoRw3v0; nk=2d69eb424c415685bfff08b74f9a8dcf; AWSALBCORS=oSLethKtIBkQ2FGAOLuJ5rKDIaiuG21Uv1ZpOBdyOQcjd3y2BE+0L3SqgFdwwkJlUKoE9/L32oS1undJXx5I5BUz8RR8NAd39JfCnUUSzGc32s1/r6ndsvoRw3v0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:45 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
14385
x-rq
ewr4 114 120 3167
last-modified
Mon, 12 Apr 2021 00:05:02 GMT
server
nginx
etag
W/"60738eae-948d"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1433568
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 27 May 2021 01:42:33 GMT
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/
8 KB
3 KB
Image
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
pragma
no-cache
cookie
n_regis=123456789; AWSALB=oSLethKtIBkQ2FGAOLuJ5rKDIaiuG21Uv1ZpOBdyOQcjd3y2BE+0L3SqgFdwwkJlUKoE9/L32oS1undJXx5I5BUz8RR8NAd39JfCnUUSzGc32s1/r6ndsvoRw3v0; nk=2d69eb424c415685bfff08b74f9a8dcf; AWSALBCORS=oSLethKtIBkQ2FGAOLuJ5rKDIaiuG21Uv1ZpOBdyOQcjd3y2BE+0L3SqgFdwwkJlUKoE9/L32oS1undJXx5I5BUz8RR8NAd39JfCnUUSzGc32s1/r6ndsvoRw3v0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:45 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
2891
x-rq
bom2 113 245 3165
last-modified
Tue, 02 Feb 2021 00:35:25 GMT
server
nginx
etag
W/"60189e4d-1e5e"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2317918
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Sun, 06 Jun 2021 07:21:43 GMT
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
5 KB
2 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c90eae5c92821e1331128c9346a7665710813be0bad539e27f94720fcadd970e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
pragma
no-cache
cookie
n_regis=123456789; AWSALB=oSLethKtIBkQ2FGAOLuJ5rKDIaiuG21Uv1ZpOBdyOQcjd3y2BE+0L3SqgFdwwkJlUKoE9/L32oS1undJXx5I5BUz8RR8NAd39JfCnUUSzGc32s1/r6ndsvoRw3v0; nk=2d69eb424c415685bfff08b74f9a8dcf; AWSALBCORS=oSLethKtIBkQ2FGAOLuJ5rKDIaiuG21Uv1ZpOBdyOQcjd3y2BE+0L3SqgFdwwkJlUKoE9/L32oS1undJXx5I5BUz8RR8NAd39JfCnUUSzGc32s1/r6ndsvoRw3v0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:45 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
1908
x-rq
ewr4 113 43 3243
last-modified
Thu, 06 May 2021 04:43:50 GMT
server
nginx
etag
W/"60937406-1248"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=30
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Mon, 10 May 2021 11:30:15 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/
540 B
861 B
Image
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.90.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-90-129.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:45 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
504D77E5FA85043F
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=290530
accept-ranges
bytes
content-length
540
x-amz-id-2
SfyGNr0xC3gGNdMzZjgt+eJgd3ukJ7Nv6Yl3GvRYVxj6veZ66vLb81mWlvXXQcNgDWF4xt8O4Iw=
expires
Thu, 13 May 2021 20:11:55 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
16 KB
16 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.90.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-90-129.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:45 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
67780F823C891E87
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=65506
accept-ranges
bytes
content-length
15948
x-amz-id-2
/GJFFwFIt6FTCvZ3FfKrPlFGPcGgIBPgxyD+gYU0k0OLZ2gu1ijuBM02OF+QSVCwk6uqOIipSaU=
expires
Tue, 11 May 2021 05:41:31 GMT
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
11 KB
12 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.90.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-90-129.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:45 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
533053FB3A9BBEB1
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=297098
accept-ranges
bytes
content-length
11472
x-amz-id-2
xBEbiDmsGGltI8Yg/6KV5ma/tLJEH/HiZG5unHSXzQFkD4NszIa428e99eKOR042iS4/6NqWxw8=
expires
Thu, 13 May 2021 22:01:23 GMT
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
16 KB
16 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.90.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-90-129.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:45 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
92EFC4E0BE55F80E
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=198761
accept-ranges
bytes
content-length
16112
x-amz-id-2
N7ERn0RKwPhA8Zi7U8MQ8VTcyYasxbjcb3W3BBArlCiKt/WLLPLpVxJoOrR6NfrBjc/po+spMTY=
expires
Wed, 12 May 2021 18:42:26 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
11 KB
11 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.90.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-90-129.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:45 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
3F5A70DC90317950
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=296217
accept-ranges
bytes
content-length
11372
x-amz-id-2
GhbyfZxKs0nm6bFANFLXrysx5G1RRpQV5WOMPiMoq4gBbz09i4y7YGzefvmdaW/PW2mAGUdlO4Y=
expires
Thu, 13 May 2021 21:46:42 GMT
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/
535 B
852 B
Image
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&nk=2d69eb424c415685bfff08b74f9a8dcf-1620646182
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.90.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-90-129.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:47 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
7980CE79243196B5
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=205532
accept-ranges
bytes
content-length
535
x-amz-id-2
rKrGs4EAQoTEcjzEqvvzWct0qX1GQTXzeknYL5aOnpLO3GvgvzwnTV5gVH06OFBc1onIVCov9h4=
expires
Wed, 12 May 2021 20:35:19 GMT
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/
269 KB
83 KB
Script
General
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
203e6a61b58046221bbf6ade2ba5b3f050244ab0f76e87326bbcc1e9cde86862
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/remote/identity/rampart/latest/rampart.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
AkamaiNetStorage
etag
"f70e66940635c830184a0ff078903701:1620021396.013982"
vary
User-Agent Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=235
date
Mon, 10 May 2021 11:29:47 GMT
is-https
true
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Mon, 10 May 2021 11:33:42 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
47 KB
15 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
919a09d45286a3828a624e7dae7c7ee6b964ba70339274d8e333c5aaaf9c9ec9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:47 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
14341
x-rq
ewr4 114 88 3279
last-modified
Mon, 19 Apr 2021 23:52:30 GMT
server
nginx
etag
W/"607e17be-bbb6"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=54
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Mon, 10 May 2021 11:30:41 GMT
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
6 KB
3 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6d90199995b493e006d03ef62d624e59120a272ed586ff1496bd7a5c38ccb3fe
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:47 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
1987
x-rq
ewr4 119 71 3093
last-modified
Tue, 13 Apr 2021 00:42:15 GMT
server
nginx
etag
W/"6074e8e7-182d"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Mon, 10 May 2021 11:29:48 GMT
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/
3 KB
2 KB
Script
General
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.137.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
etag
"1a868d280f9424f5d82876d6cf0c46b9"
age
0
x-cache
HIT, MISS
content-length
1123
x-amz-id-2
kcRuMjUKDZy/QgjVnixitnXq1pKzXEhNJFAVqAq/5Xvznqahv29zetDZpau9P1fO+Dbj7l6pBzI=
x-served-by
cache-sna10737-LGB, cache-hhn11560-HHN
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1620646188.755929,VS0,VE155
date
Mon, 10 May 2021 11:29:47 GMT
vary
Accept-Encoding,,
x-amz-request-id
5QX57ZGC36JHMAQP
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 0
impl.20210506-7-RELEASE.js
cdn.taboola.com/libtrc/
483 KB
111 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
8add9975d90befa00fd949bddf38c8fbde9e000837058684bd26366e71b3ddfb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
41boWY3bJBMsg5YZKthz6VWW_ra1A1Nu
content-encoding
br
etag
"6d4c8a6b6f8d35505c6e01c7fb07f642"
age
10342
x-cache
HIT
content-length
113273
x-amz-id-2
Jz+mk2WKho6pVenJ+RfhB43/gV2OpeYCHC3M3A3hzF3mg6O2HNBjn0UGO0PBZHwMROEquGuYEoM=
x-served-by
cache-hhn11561-HHN
last-modified
Thu, 06 May 2021 08:25:51 GMT
server
AmazonS3-br
x-timer
S1620646188.638243,VS0,VE0
date
Mon, 10 May 2021 11:29:47 GMT
vary
Accept-Encoding
x-amz-request-id
EX5RYS5ZXRCN50PS
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
43
x-cache-hits
61076
beacon.js
sb.scorecardresearch.com/
1 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-18.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:06:45 GMT
via
1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1383
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
IYsy8TBybwk8oFVURpNj1X3eZhoS9dsynro_2FkgPHi8_fulBU94nA==
authorize
login.newscorpaustralia.com/ Frame 3DB5
2 KB
3 KB
Document
General
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=GtBgRgPF233DdAkbvctsulQrEQsbP_IS&nonce=8TerFsUjSNjfZInvA-ih2D0Vpy2dj563&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.141.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-141-98.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
38755f4f7f08d98e96a63c2d2af8f815e7c29220a3ece6794ba3f5e1b96df857
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=GtBgRgPF233DdAkbvctsulQrEQsbP_IS&nonce=8TerFsUjSNjfZInvA-ih2D0Vpy2dj563&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
64d2d4f5ce0f2484-FRA
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
09f7a36d9e00002484a183b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
64d2d4f5ce0f2484
ot-tracer-sampled
true
ot-tracer-spanid
20e68b6739b40568
ot-tracer-traceid
3952dbac55e1fc0d
x-auth0-requestid
ecfca24e17f72ff7dddb
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1620646189
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 581 0 pmb=mTOE,3
expires
Mon, 10 May 2021 11:29:48 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Mon, 10 May 2021 11:29:48 GMT
content-length
842
vary
Accept-Encoding
set-cookie
__cfduid=dae5f7b71ad667e4963c04e248bfc84431620646188; expires=Wed, 09-Jun-21 11:29:48 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A074f1ef0-b183-11eb-ba70-9f7620703cdb.%2F%2FZCeWmHgNQjUzvGKJHQgo%2FBM3CcNyp5bEo6SnMyuOw; Max-Age=31557600; Path=/; Expires=Tue, 10 May 2022 17:29:48 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A074f1ef0-b183-11eb-ba70-9f7620703cdb.%2F%2FZCeWmHgNQjUzvGKJHQgo%2FBM3CcNyp5bEo6SnMyuOw; Max-Age=31557600; Path=/; Expires=Tue, 10 May 2022 17:29:48 GMT; HttpOnly; Secure ak_bmsc=C4F4F9B7C702F0FBD48289C9DFC3BE5E021164BF1A2A00002C199960B12CA030~plJgrG/8BONhO1DQ54mrz3tKUcsqKPl9A/tyUIGnYU78rjNQC+cclSMou8ChjQRs90JgaNTaKliA5E+IX8XAkkXLGhAyd/mj3lZGYw42nmF1x6o2wkgUVZSD6U0Dnv2ho0aX3L+gsy8DPnCxulVJ86tVxzYZHfHH/W+lQznt62AvfoaxiFmCvyspsvcsnbq/kY+SeBUYlJq8WS+F15zu2f4Aqkyl/mauPbHKUfOX/U7/giTATZ6aPaqCzTRc7oS5bZ; expires=Mon, 10 May 2021 13:29:48 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=991C918BC55002B950B56B1F8E6E2DDA~WLXrhpF7n6VzdjAg2wWSo9hFRbTUtdh6uLjtUM8KMaU9lq61J97Wj+XWdO+X4SdWsT2ei9CdskTkJYi+aiWFRQS2wdZpvrmuE6W90YvMgmQoTOc4kBS6xqm3Lim9NCqiOSj+QNnz5i2+U1Isax/ThG35+YOwLCBKUMC5+huagNUqdVKoH8UQBcJeLqBGGF5G3Z+s538pyUZM/NpLi4Il7Q7zuYC6h+wB4eMvNC3zTJ1mDSp199q6gZRRVza/MgTF; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=25E93CC303744FBC59C832CF3642FDC4~YAAQv2QRAj27yDN5AQAAAFcKVgsCotk1/pLwM4zoN5IMDSi0vYnxHkACjCtRCIT8fAIqJCFFBV11MdyC4KA2e+NbR9hUoZZKdDLH5GosW1Gr3LKyaQ55eM3A2vN1NugPZsqWYrY05j98EM0p4npzroUYjOuAq3YSHHNeDGes0Zmu17BguALoRf1X8RxhbkEXJqZ5OXkENSIZ0mM=; Domain=.newscorpaustralia.com; Path=/; Expires=Mon, 10 May 2021 15:29:48 GMT; Max-Age=14400; HttpOnly _abck=3D6A600850434B75127A79A6F9DFDBBC~-1~YAAQv2QRAj67yDN5AQAAAFcKVgV/m5rpYGeGy9n/s9+HvesbDaGx7V6CEB666MgPKN2xJ9ijd8qbPyws0lFgpEUa1UMGcfwOL6MzN9vdvwkh2Ez5suNb298BPYyLz+In/XKr9CD1gtGaIl26zYrpsNycdysB/f1n+d5G6NaSeJJ1EhrGPD1V+5Ytv2zb85bHfYmaBTl3lYAA2UXSIWnQLDI4ejYuUyh1HD+F74VR9/9rLglAVPuyVypn/XMScPxhq4HBpsJogK1c5ub+IMsxH4XuyVxW9e3riFTbhU0RNZO1DOK3sbnWIuzs9AQnV3hdOpZdw04RJ/MyBSUKXWcfLR+t015HaquYvyqaIpM7VdDH+LE/CtoFf6tAukUVq4wT1kBoLH7VYA==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 10 May 2022 11:29:48 GMT; Max-Age=31536000; Secure
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/
3 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4379b5695f319d7ad15e6c86346e9117f0b4f4a8d4bcbab18aa840fd9e6d900a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:48 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 03:49:38 GMT
server
AkamaiNetStorage
etag
"cd574ccc8294fe1328dbeab462c8cb3f:1618372178.026573"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1234
expires
Mon, 10 May 2021 11:34:48 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/
71 KB
19 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
aeff34d9a1c253a230b7436d1f8798f9d4d096c0dd88ac2983997dce9ef88508

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:48 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 03:49:39 GMT
server
AkamaiNetStorage
etag
"baf18b342a54172ca520ae382752ce1c:1618372179.176935"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
19094
expires
Mon, 10 May 2021 11:34:48 GMT
indies-loader.js
ts2020-indies-client.web.app/
7 KB
3 KB
Script
General
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c96c025f6aa0b8edff6538d533ddd012d17e860c8fa47140314e81886ce22e0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Thu, 22 Apr 2021 01:47:05 GMT
x-timer
S1620646188.445309,VS0,VE1
etag
"5c2c9c77edcfefaf1619408144b41c5b44f64c00ae68f3981ff348f0dc03807f-br"
x-served-by
cache-vie21623-VIE
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Mon, 10 May 2021 11:29:48 GMT
accept-ranges
bytes
content-length
2347
x-cache-hits
1
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
155 KB
36 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da4c81ef1f258a59c89e07f6599b86b9716185e7d670448c7ecaa9efe733a439
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js
pragma
no-cache
cookie
com.auth0.auth.GtBgRgPF233DdAkbvctsulQrEQsbP_IS={%22nonce%22:%228TerFsUjSNjfZInvA-ih2D0Vpy2dj563%22%2C%22state%22:%22GtBgRgPF233DdAkbvctsulQrEQsbP_IS%22}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:48 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
36438
x-rq
ewr4 113 203 3118
last-modified
Wed, 05 May 2021 01:33:23 GMT
server
nginx
etag
W/"6091f5e3-26ad0"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=54
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Mon, 10 May 2021 11:30:42 GMT
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
7 KB
4 KB
Script
General
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5d630b02705945f83750220e2544986af8ae2699aa1a60cc543dc14f0214888d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
pragma
no-cache
cookie
com.auth0.auth.GtBgRgPF233DdAkbvctsulQrEQsbP_IS={%22nonce%22:%228TerFsUjSNjfZInvA-ih2D0Vpy2dj563%22%2C%22state%22:%22GtBgRgPF233DdAkbvctsulQrEQsbP_IS%22}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:48 GMT
content-encoding
gzip
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https
true
content-length
2979
x-rq
ewr4 115 233 3223
last-modified
Wed, 05 May 2021 01:32:59 GMT
server
nginx
etag
W/"6091f5cb-1afd"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Mon, 10 May 2021 11:29:49 GMT
6b72aca2abac675a8ce5d1b18f35b4f4
content.api.news/v3/images/bin/
93 KB
93 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/6b72aca2abac675a8ce5d1b18f35b4f4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
cccb55119ca1004cd1403b4cbff46c008d1445bc2cc564305375f3075e6e8370

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag
6b72aca2abac675a8ce5d1b18f35b4f4
date
Mon, 10 May 2021 11:29:48 GMT
last-modified
Mon, 10 May 2021 09:31:39 GMT
server
Akamai Image Manager
etag
ced407eedcf6e3d6b829df89564f04e9-6b72aca2abac675a8ce5d1b18f35b4f4-0
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5176897
access-control-allow-headers
x-newsapi-api-key
content-length
95036
expires
Fri, 09 Jul 2021 09:31:25 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1620646188071&ns_c=UTF-8&cv=3.5&c8=Germany%20lifts%20priority%20limits%20to%20offer%20J%26J%20jabs%20to%20all%20%7C%20Herald%20Sun&c7=...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620646188071&ns_c=UTF-8&cv=3.5&c8=Germany%20lifts%20priority%20limits%20to%20offer%20J%26J%20jabs%20to%20all%20%7C%20Herald%20Sun&c7...
64 B
329 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620646188071&ns_c=UTF-8&cv=3.5&c8=Germany%20lifts%20priority%20limits%20to%20offer%20J%26J%20jabs%20to%20all%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&c9=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-18.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:49 GMT
via
1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
Uyop0ngx_jnf06O25R7KKmuKW6ZSeyt1VA4qnMjErr_DER1-ugd4eA==

Redirect headers

date
Mon, 10 May 2021 11:29:48 GMT
via
1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620646188071&ns_c=UTF-8&cv=3.5&c8=Germany%20lifts%20priority%20limits%20to%20offer%20J%26J%20jabs%20to%20all%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&c9=
content-length
537
x-amz-cf-id
5HBRXUy52QLumHRWzGrC8SezDpAsJXGDD731icP-7tSNks9VLRkrkA==
all.css
use.fontawesome.com/releases/v5.6.3/css/
52 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:48 GMT
content-encoding
gzip
last-modified
Thu, 20 Dec 2018 17:45:13 GMT
server
NetDNA-cache/2.2
etag
W/"dc93d584e41f8417f6b7163320d34329"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/
19 KB
7 KB
XHR
General
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=13%3A29%3A48.656&lti=deflated&data=%7B%22id%22%3A991%2C%22ii%22%3A%22%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1620315297435%2C%22vi%22%3A1620646188583%2C%22cv%22%3A%2220210506-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.news.com.au%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2128%2C%22qs%22%3A%22%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-bc-desktop-article-02-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Below%20Article%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Below%20Article%20Native%22%2C%22cd%22%3A934%2C%22mw%22%3A705.296875%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A934%2C%22mw%22%3A705.296875%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bb30175b6cfcb8f16994fcb4021621905649d6768f50e8eea582af5d5fc1485

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
392
date
Mon, 10 May 2021 11:29:49 GMT
content-encoding
gzip
server
nginx
x-timer
S1620646189.718194,VS0,VE392
x-served-by
cache-hhn11561-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/
111 KB
31 KB
Script
General
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.137.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
etag
"b7fcedf037c57085d364b689ca46f32e"
age
3446601
x-cache
HIT, HIT
content-length
30954
x-amz-id-2
CJwikwwZxQyH18OUOXiJXbj2eJMHVh0cLtSyhrNU23WheEY5kZ4IZiaT3pkyXUxrvuw1K4chqIQ=
x-served-by
cache-lax10649-LGB, cache-hhn11560-HHN
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1620646189.181735,VS0,VE1
date
Mon, 10 May 2021 11:29:49 GMT
vary
Accept-Encoding,,
x-amz-request-id
S3DM0CK1FSSZD79G
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
authorize
login.newscorpaustralia.com/ Frame DEAA
2 KB
3 KB
Document
General
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=08D9axwvT3gBmE~DNoU3R_~Ll7cJSBKm&nonce=2Zdzt2-1UCxxe-oeBw0BEerQ6aEwR7QU&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.141.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-141-98.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
48fa84ace8346ffa2987bc0c581604a77d113e603a871ffcb808607e6a0cbea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=08D9axwvT3gBmE~DNoU3R_~Ll7cJSBKm&nonce=2Zdzt2-1UCxxe-oeBw0BEerQ6aEwR7QU&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
did=s%3Av0%3A074f1ef0-b183-11eb-ba70-9f7620703cdb.%2F%2FZCeWmHgNQjUzvGKJHQgo%2FBM3CcNyp5bEo6SnMyuOw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
64d2d4fb193a2b1a-FRA
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
09f7a370f500002b1abb0f8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
64d2d4fb193a2b1a
ot-tracer-sampled
true
ot-tracer-spanid
52381ffa30ca8cfc
ot-tracer-traceid
4d17cb621c98119d
x-auth0-requestid
6112be6e003fae47bebf
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1620646190
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 573 0 pmb=mTOE,3
expires
Mon, 10 May 2021 11:29:49 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Mon, 10 May 2021 11:29:49 GMT
content-length
843
vary
Accept-Encoding
set-cookie
__cfduid=d4dea62af61482e116c265ad8fcba214b1620646189; expires=Wed, 09-Jun-21 11:29:49 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A074f1ef0-b183-11eb-ba70-9f7620703cdb.%2F%2FZCeWmHgNQjUzvGKJHQgo%2FBM3CcNyp5bEo6SnMyuOw; Max-Age=31557600; Path=/; Expires=Tue, 10 May 2022 17:29:49 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A074f1ef0-b183-11eb-ba70-9f7620703cdb.%2F%2FZCeWmHgNQjUzvGKJHQgo%2FBM3CcNyp5bEo6SnMyuOw; Max-Age=31557600; Path=/; Expires=Tue, 10 May 2022 17:29:49 GMT; HttpOnly; Secure ak_bmsc=72D36813D59687136039287B277CCD3C021164BF1A2A00002D199960C7B7A56E~plFahfU5Xth4bnTXxsEYBQaMgXcBQ0JvlpK4itQ+MA2G5yHlZta7THHIPtvuS9O82+Id8Dwd7frWULSNraaJCYakEEoiEtpJClmsHsf9IhvKsKf5Nznyl0NhMB22xZbLYNq4hjFP/uoP1oku0XI9B34sULnLQq0dd9VisGAHKsT1L5/MFDyct25qXf8IRiv+Bxu3AIHCj6k8o1uN+cszyj+433mf/NAvWiTtiqNaJ1PMtXtXRTxXB3mZy4b4PB5Oiq; expires=Mon, 10 May 2021 13:29:49 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=482E405A6C57A7715816A25C3BB061B3~WLXrhpF7n6VzdjAg2wWSo8Pl3Ph262RbuuGtY6mT7SeK6Ldz77HNd+l9wWFYEze1xfiQsIFe0WaTYyREgQcY+xJN7BtxaN7FgHrA0v15jlj1wBpS6nnAMIMkaaroCU5y0wMgoLMhtiDS/2XZMo/4IbewGvtE+HAZi75fB6C/VfyzGYIkdmSkkSO5idppK4QhWbhOtcr0cw6Pk2TLlGuwOTA73pFamUA5MZs01gkgANa/Dj+KDWxFxxvrRxCOHCFp; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=C03CE5C7661F6CAD161488FD2DCEF601~YAAQv2QRAj+7yDN5AQAAYFoKVgtowXcQo02Q0KtgOqEkCu/Fa2sMWDSIF7TcpceS4/8dhXm6ygmF0J+/b9y0Z7191MKm7/PPGEcs+tuZS8fbU40lqE+xM6EH6AdSjv+wvMTfVu2tiv+O8QzB13mF6KHm5D6J9bJ2YFiJRZhOiWB0HwjMbL8dkMAtycSmdxi17JEVOfSfqE46Vng=; Domain=.newscorpaustralia.com; Path=/; Expires=Mon, 10 May 2021 15:29:49 GMT; Max-Age=14400; HttpOnly _abck=92FFB323A19BB5861887732AA9C5B5A5~-1~YAAQv2QRAkC7yDN5AQAAYFoKVgVFv5QjO1N0Uaaoq/uYxvilsRbDArct+aQczwaRgfDbkK2AfRY04vpFSYvIlWnx0G8sfkhkasm/g+uQakU6YotfZOtyZWwPAKdu+w/Y9QyMyd0i1zaWgS1zfEJAnhmUl6BAQaKiw9mDQ2XEIqwt9C/dvNH7J4PiG8q+mazL/Lr8GhPLCa9mJHkDyBsF0c6lzPpSvIgYIR/AOhg1L2fhufy2dTEwoO8zaUxE1q8BIuMCbb8SWnqA7ZnoGuJ5zEvRwcLsQWUG3ol+UL3rb+c0IZwazuwKTHWTxS5TU6UVgjcT35cKd/wXWFnjEKLn9KHdLyIA1AriWy3tp1DJtjTYO9EIuaq+NJ+e4O3u7NYkgL9sK4qQtw==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 10 May 2022 11:29:49 GMT; Max-Age=31536000; Secure
vidora-client.1.x.x.min.js
assets.vidora.com/js/
8 KB
4 KB
Script
General
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6800:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4754c1f1fb712883286295c92774dddebef215996cfdfab9fd972d265473f025

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 12:50:17 GMT
content-encoding
gzip
etag
W/"0d9785869d3d057828f29bcf6b0f8119"
last-modified
Mon, 15 Mar 2021 13:51:58 GMT
server
AmazonS3
age
81573
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ygcy8AoBFxkD-1vE4VTYjf3QY9G3gxJMrscbiFEy8wqn_rJJmACWbw==
authorize
login.newscorpaustralia.com/ Frame 796C
2 KB
3 KB
Document
General
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=cxSL9k01hZ0UusaQ8HGq13vin2LFyGf1&nonce=BcEjJie12RJZw.L07sw1tOVNzscX87jh&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.141.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-141-98.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
37b4c988b99e3d4d6551acde1da66511e684b1990ff7364786a1a14716392317
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=cxSL9k01hZ0UusaQ8HGq13vin2LFyGf1&nonce=BcEjJie12RJZw.L07sw1tOVNzscX87jh&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
did=s%3Av0%3A074f1ef0-b183-11eb-ba70-9f7620703cdb.%2F%2FZCeWmHgNQjUzvGKJHQgo%2FBM3CcNyp5bEo6SnMyuOw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
64d2d4fc2f704dc4-FRA
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
09f7a3719c00004dc4dc1a9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
64d2d4fc2f704dc4
ot-tracer-sampled
true
ot-tracer-spanid
3452836e697e2fbf
ot-tracer-traceid
0008f0bc7dd2f6af
x-auth0-requestid
93816f9d37c619910e43
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1620646190
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 543 0 pmb=mTOE,3
expires
Mon, 10 May 2021 11:29:49 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Mon, 10 May 2021 11:29:49 GMT
content-length
844
vary
Accept-Encoding
set-cookie
did=s%3Av0%3A074f1ef0-b183-11eb-ba70-9f7620703cdb.%2F%2FZCeWmHgNQjUzvGKJHQgo%2FBM3CcNyp5bEo6SnMyuOw; Max-Age=31557600; Path=/; Expires=Tue, 10 May 2022 17:29:49 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A074f1ef0-b183-11eb-ba70-9f7620703cdb.%2F%2FZCeWmHgNQjUzvGKJHQgo%2FBM3CcNyp5bEo6SnMyuOw; Max-Age=31557600; Path=/; Expires=Tue, 10 May 2022 17:29:49 GMT; HttpOnly; Secure ak_bmsc=4E5AB227BF2CFE8EDC57435ED627F417021164BF1A2A00002D199960B0F6F307~plp7Z8ZIWCgRMfKbaS1l5YGyYOkLizB9AJNeackzJ+S7xs70Z9ikU3ge4e/iywW4Ie8alhmbZCrgZ1DIA5CiB6WfeYaCplvxkf95M4MDJaO/SrLDaLVzm6FsPBu6Xxe8/0KV6EmC6BIVNtKVtv84d2OTT+45lsllwPJZM8X46N1KXqjdexGcdOUA5Vg3wekkvGvtPISIRUAdagk5bolkHFMUmuhC/cwP4K6G0N/rX2y+yTehu3T81amvCdVEULOsP1; expires=Mon, 10 May 2021 13:29:49 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=7FA964146E48EC9577923105AF382F99~WLXrhpF7n6VzdjAg2wWSo7T/E+bA72AJRSy5qJXthLuIJ48T0p4GMefkpDyzQTbJh8U1xNJQwF00icob4uiXG4ndR7uGDH55u/xR0SVuzQ59nrz1b28canmB4YM6jiuf0DcdFZVP6Q4SO6zud6rL+akikNaV/ZHHqeCuq1JJUqDQC/1RqE0P3y0NX3k6OP3m5IwLlJioWuw8HePaMf/HwRoSL+G0dKVGUBYFaVKo47WKfZ6tC5MHWb4lFykolQkS; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=993CF7F2F7FCD3DA6EB2E579B990ACD7~YAAQv2QRAkG7yDN5AQAA7VoKVgsR0frUX3hoCKB7lYDvaTmTclTMd5Dt8BnXthw4Zg3OObvWg7OKzXrUUiWjG4QqbFUx2CK4KYUCCrldn9/WsSEDEfuEEq3pYOiPZ5LGLNyz1GdpER8wgaHlLl4sIAKBULSiIthiwKA1OHpzr9+pLozcCOrVuKrdL0+wCGbvK2UulYcXLF/CSi8=; Domain=.newscorpaustralia.com; Path=/; Expires=Mon, 10 May 2021 15:29:49 GMT; Max-Age=14400; HttpOnly _abck=61FA0BD798753D39F783C9BB9500824F~-1~YAAQv2QRAkK7yDN5AQAA7VoKVgUfE/sh1uAyIZp4hJVVVmg2zM7hovL3byJ6x/VCxvElH3krVRPukRIa3QCf+UVdbHR+wrGBf18IE9xpqzVRW/IXrfhDkofzvyn4b9RDNANGlTfjxROvLlBfzsZJQoDwMpiWVbX1H5Dtog+SGAwD6VdkcafXeuyGd/uwoALMdx4NIbryW1FQskX2vTtwD/b8ZoSSUd151NQ03gF8/w650UT/W8wdvPWYflwxiTFLWBpIKSDBEcF/9GmsMKpWI48nZavqeo9v2nj0os0DJXJAbZn0OZ3AcMPRawWFVJGYz+1HfZ2Xjoqw859nVwB4ub5Ty8spVfpHkBInw5xnNCvD3GKdj6N7I6FEzsPJHRc3SAu9JE+PgA==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 10 May 2022 11:29:49 GMT; Max-Age=31536000; Secure
utrack.js
tags.news.com.au/prod/utrack/
2 KB
1 KB
Script
General
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16206461893950.7443023561868312
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0a5c20fa498bbe10bf8d2cf7618fac06f7c2b0f64541d1613298d44059b532af

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:49 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=0, no-cache, no-store
content-type
application/x-javascript
content-length
831
expires
Mon, 10 May 2021 11:29:49 GMT
mitas.js
tags.news.com.au/prod/mitas/
666 B
905 B
Script
General
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:49 GMT
cache-control
max-age=75839
server
AkamaiNetStorage
content-type
application/x-javascript
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=699509165847.2974
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/
19 KB
8 KB
Script
General
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=699509165847.2974?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
cafe /
Resource Hash
2fe7f70a0b45b7560102d96f7a01ed4a77734bd9c7bdcb29dc491c47db63f56e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7104
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
authorize
login.newscorpaustralia.com/ Frame C587
2 KB
3 KB
Document
General
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=90dluJCK8o7g7GH-qPIOqY9XXzcPPyG8&nonce=n7uyiJX4E7m4lBQwAFXxktAYTM3ZQs9t&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.141.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-141-98.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
ef709e777d80faa6c525302f27dfba5c66d58dc0a77e693784ac71e09a063e42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
login.newscorpaustralia.com
:scheme
https
:path
/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=90dluJCK8o7g7GH-qPIOqY9XXzcPPyG8&nonce=n7uyiJX4E7m4lBQwAFXxktAYTM3ZQs9t&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
did=s%3Av0%3A074f1ef0-b183-11eb-ba70-9f7620703cdb.%2F%2FZCeWmHgNQjUzvGKJHQgo%2FBM3CcNyp5bEo6SnMyuOw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html;charset=UTF-8
cf-ray
64d2d5031bc32b1a-FRA
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
09f7a375f400002b1aba996000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
64d2d5031bc32b1a
ot-tracer-sampled
true
ot-tracer-spanid
23995a8b4334db04
ot-tracer-traceid
7a7fca4c1d1fac7e
x-auth0-requestid
17860e7f9dbc2a0217c2
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1620646192
server
cloudflare
content-encoding
gzip
x-akamai-transformed
9 538 0 pmb=mTOE,3
expires
Mon, 10 May 2021 11:29:51 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Mon, 10 May 2021 11:29:51 GMT
content-length
846
vary
Accept-Encoding
set-cookie
__cfduid=d9e6c0b478837d2f61947ec61e3e2076e1620646190; expires=Wed, 09-Jun-21 11:29:50 GMT; path=/; domain=.au.auth0.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3A074f1ef0-b183-11eb-ba70-9f7620703cdb.%2F%2FZCeWmHgNQjUzvGKJHQgo%2FBM3CcNyp5bEo6SnMyuOw; Max-Age=31557600; Path=/; Expires=Tue, 10 May 2022 17:29:51 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A074f1ef0-b183-11eb-ba70-9f7620703cdb.%2F%2FZCeWmHgNQjUzvGKJHQgo%2FBM3CcNyp5bEo6SnMyuOw; Max-Age=31557600; Path=/; Expires=Tue, 10 May 2022 17:29:51 GMT; HttpOnly; Secure ak_bmsc=7244E03224C4738CD7EB05E8735EC398021164BF1A2A00002F199960F5EDC354~plABaJMvTB+hPGk+uAPLrtitOonnxf1dAz5rVvL1oCQBZdQFDABwNmKPvza0ZQKM47d04yb1sYrKlbUPbEjztIkjesMQJFh6gx/i8M0EtEFOP5+etgGQPZHPdSBrf8FphXnVikoZ0XpehyIcZrc4u8mp6rRPrDtSvxnVOuZilLIJLeMbWMC08awmR4xS9BnIO3wODfzNyInV4AytTBHM4RffAefmVg5DwHsjpiiDdQnUnBFPrRVC1xHJ/fzwIvpGRy; expires=Mon, 10 May 2021 13:29:51 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=F979E19A9AE087043E9DF1804FED99C9~WLXrhpF7n6VzdjAg2wWSo/snjlyo8GuOo+SzgwVsELDxxVDTmvbNOsEAYDM+2NDnttquM5aCuktljtZHa0Ou02IA3Y4AEkU1dCUyFNbehDYPC9zXDAxekABWRi6AsDABa1ZIRbCC0owdzRN4waDKBnQ9xU7Pi2N1ZZ8r1rbPzUc2fTsNebe+LJI1nI+zX4eFCp8Gy3X+pW3iKwXuRFurW3uhU2CIsXd1OOECKl4ywCKrlHSoBhiQ95dLkfM7VyfA; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=69C41A6C51035E5A1E37CBA05CD55AF8~YAAQv2QRAkW7yDN5AQAAZmAKVgvgeJp7rkVJ+dZ2ln4gC7IOnWgD7cRH9Uh37PxIPlYL79SfOKImP7QGt6kNavjfk2avmq+6SMNNGfOMjY/IrA2rnGXY3MQ1U2peD5lYQMFzkFVG6n/9SLMhT69v3JkGquyIxOpFF8v6jqKVcPDB6S/N7+NDHxM2AMAfBgYcCP+QkuNLXwjwPhI=; Domain=.newscorpaustralia.com; Path=/; Expires=Mon, 10 May 2021 15:29:50 GMT; Max-Age=14399; HttpOnly _abck=BA5AA6B91098E7237788D46E69B6C3EA~-1~YAAQv2QRAka7yDN5AQAAZmAKVgVzFKrh97vQwsrz/M3QhErNqDOWbAZSrpe0QC4+aX2++BZmJb3mObrrSiakkNc8fC/3YrQYypEuIVHX6Jxszkvdy5B+zJynyCg2q3pFn6z07A/bENtT9rZc19mmDZLlqyduF6kzr3e99kNGw/3ZhU9WhPImmbORAsR0bTWl1oaOsU0D+YpamRIZ1MCbJk5O8h65HFLMeTHwxHNEOn6byuPimSzxsNWWY9H3CGO6JkgOADjBWKy+SZxnEA9duPJcG6rQUNpnFMfHy/1PduQITUsv8x+b3Fw2CXRRkpNhglxANRz6vygs9fST41d3W5X/WXXbpI8rkjFnwsvsV923WUG3GA/DdxBtoAkMBuvi1ot7HHlXKQ==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Tue, 10 May 2022 11:29:51 GMT; Max-Age=31536000; Secure
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/
19 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
scc9i0WjBcezJETEcKeKlmIHFeg5X8y4
content-encoding
gzip
etag
"559c107d74fc83d8062b2553a1818b07"
age
24361
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5911
x-amz-id-2
PcZdxd4MAAFykcoOHYcgyv+TEhcU7OKI7t0br8QAKbOSr4qga/V09bIEDue+m1dl1lmqkJ1sz9E=
x-served-by
cache-hhn11561-HHN
last-modified
Mon, 03 May 2021 12:43:43 GMT
server
AmazonS3
x-timer
S1620646191.691834,VS0,VE0
date
Mon, 10 May 2021 11:29:50 GMT
vary
Accept-Encoding
x-amz-request-id
7QPCNXQEEQ4QGPWX
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
43
x-cache-hits
467759
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
16851
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by
cache-hhn11561-HHN
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1620646191.596080,VS0,VE0
date
Mon, 10 May 2021 11:29:50 GMT
vary
Accept-Encoding
x-amz-request-id
CR4E2RJ6SANDVYVF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
43
x-cache-hits
236830
tfa-eid.20210506-7-RELEASE.es6.js
cdn.taboola.com/libtrc/
13 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210506-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
59587e68ed187fdfda4f5f89b3e97a64690a13463dfefc1141eaea03bebdc1eb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JeTFio8RB25hb0.b.oW6hIUHdtaChnl.
content-encoding
gzip
etag
"497313b7766db3c042e0e09e5eb6bd83"
age
1
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4868
x-amz-id-2
mNAf6v7XIkSrHnQ0CP489T5Dldb9y8HC3AhOD//Y5bc8UFADX80Nn7qfBDGzyjamh5WIWUIlUPc=
x-served-by
cache-hhn11561-HHN
last-modified
Thu, 06 May 2021 12:09:39 GMT
server
AmazonS3
x-timer
S1620646191.278899,VS0,VE0
date
Mon, 10 May 2021 11:29:51 GMT
vary
Accept-Encoding
x-amz-request-id
45124AK31RQCJDKT
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
43
x-cache-hits
11
sha256.20210506-7-RELEASE.es6.js
cdn.taboola.com/libtrc/
6 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/sha256.20210506-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee0a7fdd5b315817774fc9f3c302bb1470236e0e177fe8ef8334c2f6f75afc1d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VgwndrRwnm.4MEVGa4FKVyvAo_uRUKgE
content-encoding
gzip
etag
"9006e6d602ca140d7ed04ab61f41eaed"
age
107
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2595
x-amz-id-2
ulfU/GCX3l0AyYgfZRtv/XBPFIrHOw7nIqN0EtXeYlRNP8u6Xp6cUeng2qKhT0EBxITvAIeb/Ao=
x-served-by
cache-hhn11561-HHN
last-modified
Thu, 06 May 2021 12:09:48 GMT
server
AmazonS3
x-timer
S1620646191.308103,VS0,VE0
date
Mon, 10 May 2021 11:29:51 GMT
vary
Accept-Encoding
x-amz-request-id
PR1ADEEJP1DY8GPM
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
43
x-cache-hits
907
tb
15.taboola.com/
36 KB
10 KB
XHR
General
Full URL
https://15.taboola.com/tb?oid=15&pubnm=newscorpau-aud-heraldsun&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.news.com.au%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae&encoded=1&uid=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&variant=-100|1260357984&callback=TRC.videoTagCallbacks.videoCallback1&cb=1620646190693&tagid=&cntry=CZ&platform=1&sesid=339c9e640fe88a2c090452e2454edcfe&itemid=/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae&viewid=1620646188583&geolat=&geoing=&deviceifa=&appid=&sd=v2_339c9e640fe88a2c090452e2454edcfe_12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac_1620646188_1620646188_CNawjgYQgPNHGKesqbCVLyABKAEwNzjBqwhA5okQSL6G2ANQ____________AVgAYABosa_ptcr9986tAQ&ri=6ef26aa14f93041c796f624056753e61&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1177984&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=10&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1177516&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0159b2f042d5d98536190f932081e3dfc03adcba92604265705d9979abe3ba85

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 May 2021 11:29:51 GMT
content-encoding
gzip
access-control-allow-origin
https://www.heraldsun.com.au
machineid
1415
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn11561-HHN
pragma
no-cache
server
nginx
x-timer
S1620646191.307917,VS0,VE18
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20210506-7-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20210506-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73854a96802204f2318120247a7be8c22098bf32c657877d95072c85a75ec7ce

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
kVuT2vxA65uo_EhMdqh4WJzjh5eNqPM.
content-encoding
gzip
etag
"f00ede3e1da15b3b67ec373cb6e7436d"
age
79
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1268
x-amz-id-2
ruvZPNfOjGX8OYFMIuTYfX5a6T1ScgfcV5FFThcxqMXjPw8X65rFuSTBSF9PIBWjLKHZxNQ8oR0=
x-served-by
cache-hhn11561-HHN
last-modified
Thu, 06 May 2021 12:10:06 GMT
server
AmazonS3
x-timer
S1620646191.325038,VS0,VE0
date
Mon, 10 May 2021 11:29:51 GMT
vary
Accept-Encoding
x-amz-request-id
97R1R36RPZN2DS08
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
43
x-cache-hits
435
distance-from-article.20210506-7-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20210506-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fdc9cb116e3a6cb2363710075fbff64f49b72356d6130f60e39070501c571a7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5c1C6.P51BoSihLxM32pPReCHLPgRly0
content-encoding
gzip
etag
"5638fd0ca273cbfb111c199d788ff8d8"
age
79
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1012
x-amz-id-2
fZ3MHH0dG0Z/RNrNNXpvoxovHPUFjOtz7uDz/wWh6nP/aPXl2c44hLwurJqTWbsaM/XF8wohRwA=
x-served-by
cache-hhn11561-HHN
last-modified
Thu, 06 May 2021 12:10:13 GMT
server
AmazonS3
x-timer
S1620646192.512946,VS0,VE0
date
Mon, 10 May 2021 11:29:51 GMT
vary
Accept-Encoding
x-amz-request-id
0B72YWRKX4PKC61S
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
43
x-cache-hits
82
article-detection.20210506-7-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20210506-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d73e6fc5c61e17b7539da439f8a6903ffd613270b379c9a54a96124ce1b99c4

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
l58JSFNc50ci_4ePYBM_w15ppHgDe_5p
content-encoding
gzip
etag
"cd3b6cdbb2e3168ac2ba767a5f501dae"
age
14
x-cache
HIT
x-amz-replication-status
PENDING
content-length
865
x-amz-id-2
Xwtso86u3CRAGStClLoKZVF2sc6aqfQhcKNmjWtDl7NCMx3GMnYi0u/CdLQjrvISEqWV1HYe6d4=
x-served-by
cache-hhn11561-HHN
last-modified
Thu, 06 May 2021 12:10:22 GMT
server
AmazonS3
x-timer
S1620646192.513207,VS0,VE0
date
Mon, 10 May 2021 11:29:51 GMT
vary
Accept-Encoding
x-amz-request-id
NHTAKTAHZJAAFXKB
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
43
x-cache-hits
15
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
22
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
MHo+h4SoT9nIl+iTFr0eBqIFJsdjM/PW3dROcF0Vbjf9W3gHxeZjU84QhwGuF7PBRzQ/WZD+oK0=
x-served-by
cache-hhn11561-HHN
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1620646192.559775,VS0,VE0
date
Mon, 10 May 2021 11:29:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
2XWHXYWBFGD3A262
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
43
x-cache-hits
73
74529a0b-e967-4975-b8c8-e0c0c4f966b0.woff2
cdn.taboola.com/static/74/
15 KB
15 KB
Font
General
Full URL
https://cdn.taboola.com/static/74/74529a0b-e967-4975-b8c8-e0c0c4f966b0.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
lTPw_HQcAdyouGxJIVR7UXSSSYo5BGPI
via
1.1 varnish
etag
"587de8ec039052f50e69c9654439b991"
age
138
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
15332
x-amz-id-2
yy+RfKMlFtUdyL3t/nkfyYJUBIiRCI+ETfINTqoBxypeMkkSQ2dphK47xSo2G1xo1QROwWW/SM0=
x-served-by
cache-hhn11561-HHN
last-modified
Wed, 16 Jan 2019 04:43:39 GMT
server
AmazonS3
x-timer
S1620646193.687071,VS0,VE1
date
Mon, 10 May 2021 11:29:52 GMT
access-control-allow-methods
GET
x-amz-request-id
F5RE0M56M8CHBN6Z
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/octet-stream
access-control-allow-headers
*
abp
43
x-cache-hits
1
fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/
77 KB
78 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Origin
https://www.heraldsun.com.au
Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:51 GMT
last-modified
Thu, 20 Dec 2018 17:45:39 GMT
server
NetDNA-cache/2.2
etag
"5dc01cfcd5336f696cb85da7ce53fa9b"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
79100
chartbeat_video.js
static.chartbeat.com/js/
69 KB
23 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:7800:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 10:55:06 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:06:15 GMT
server
nginx
age
2086
etag
W/"60665ff7-11377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 a57d5819527c444e16b1875e3bd28970.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
-O60m_UX-OkkUKNQf_RtdpWGXKRMxUyByJVQc0myuMGCr3ALBrvvUQ==
expires
Mon, 10 May 2021 12:55:06 GMT
metrics.js
tags.news.com.au/prod/metrics/
177 KB
61 KB
Script
General
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fb2cb737a3db9426e955b9ae803f952b73786fa129fbed049e59ef40fce288c9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:51 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"b6f3fb4b5431948f6d38c971b9b271fe:1620103281.390794"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=10208
content-type
application/x-javascript
tad.js
tags.news.com.au/prod/tad/
99 KB
29 KB
Script
General
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2b23e426180b375a90ef49bce5c63b7b251f0fccc97f1dff3d00aa473dda857f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:51 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"0478954be2f30a1d640ba571e85c8eab:1619404494.178138"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=22863
content-type
application/x-javascript
content-length
29556
gpt.js
securepubads.g.doubleclick.net/tag/js/
61 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
76c701242dd43847e2d4a8141f86d6a278372bb9610fd6f33931a39d03a9e9e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"867 / 582 of 1000 / last-modified: 1620645092"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21221
x-xss-protection
0
expires
Mon, 10 May 2021 11:29:51 GMT
prebid.js
tags.news.com.au/prod/prebid/
382 KB
114 KB
Script
General
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
efcd038fff3becbe148fefb893ed26081fd0d8e7293fcd49d470c13fcd522e02

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:51 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"fb921cb139744e2aabd21ff0559deaa9:1617770917.60892"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=14835
content-type
application/x-javascript
nielsen.js
tags.news.com.au/prod/nielsen/
31 KB
10 KB
Script
General
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f1ee7667b8d20bbe534936e8c50e5fd9f86af66f5d6929d63729470d3520bebc

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:51 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"7f6276beec1257abdf772958c0e16aab:1620093019.307325"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=77649
content-type
application/x-javascript
content-length
10388
v60.js
cdn-gl.imrworldwide.com/
Redirect Chain
  • https://secure-gl.imrworldwide.com/v60.js
  • https://cdn-gl.imrworldwide.com/v60.js
21 KB
7 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/v60.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding
gzip
etag
W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified
Mon, 12 Oct 2020 13:35:53 GMT
server
AmazonS3
age
46859
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sun, 09 May 2021 22:28:58 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
OhFauOpRkTizBU2lTbniIXLPAgVaRFnLDWidpVr19IdqWHrGpCaaSg==

Redirect headers

date
Mon, 10 May 2021 11:29:52 GMT
via
1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
content-type
text/html
location
https://cdn-gl.imrworldwide.com:443/v60.js
content-length
134
x-amz-cf-id
X6ew9-G5TakqT_QYeGiPBv6vAgq7l___3OfnC6jOI5C5H1L064BvSg==
ncg.js
au.tags.newscgp.com/prod/ncg/
155 KB
48 KB
Script
General
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-49.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 10:59:39 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 16 Dec 2020 00:19:19 GMT
Server
AmazonS3
Age
1814
ETag
W/"a0ed145148d17426a72696cecfa585ae"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
mAwgwQFw7-JqSoJeL-0wuaeh46UFK8AmcmM0l1dgq5MkhgXyNcejpg==
2988.js
script.crazyegg.com/pages/scripts/0018/
4 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd1737f4343dbfc7a9b915eaf41e30b6f114d254d7043d13b4faa370a36589c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
257105
cf-polished
origSize=4157
ce-version
11.1.292
cf-request-id
09f7a37acb00002b221d1fc000000001
timing-allow-origin
*
last-modified
Fri, 07 May 2021 12:04:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
cf-ray
64d2d50ade972b22-FRA
cf-bgj
minify
utag.903.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.903.js?utv=ut4.46.202009280518
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c7a8d4e8c6cad88c36def71504911446af10622eddf2c23004e9cb586fcd7db6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:51 GMT
content-encoding
gzip
last-modified
Mon, 28 Sep 2020 05:18:23 GMT
server
AkamaiNetStorage
etag
"d32b6958018409f79ae783037f4eb748:1601270303.476185"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1032
expires
Tue, 25 May 2021 11:29:51 GMT
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:51 GMT
content-encoding
gzip
last-modified
Wed, 20 Nov 2019 04:49:47 GMT
server
AkamaiNetStorage
etag
"a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
900
expires
Tue, 25 May 2021 11:29:51 GMT
8e4dd95879be16c55f50e29c8b7071db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
16 KB
16 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
843b6a1b611f1736a75913ef5f29a81cfd6e12677de275ce9a4c666b604856dc

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 10 May 2021 11:29:51 GMT
via
1.1 varnish, 1.1 varnish
age
2402157
edge-cache-tag
322089413535885002890087190934422546620,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
content-length
15920
x-request-id
96460faa200de5ec0609200bbfa84298
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 30 Mar 2021 21:06:50 GMT
server
nginx
x-timer
S1620646192.868557,VS0,VE0
etag
"e707a8fe0e601a6c0ec57048f7975486"
x-served-by
cache-wdc5567-WDC, cache-dca17782-DCA, cache-hhn11561-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 53
4def6df2115bc0cea867470c716b3e03.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
32 KB
32 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4def6df2115bc0cea867470c716b3e03.jpeg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
42d46de83f0f3568252f90ea95d4ca2997e0f2040f0435ae227d764641699a08

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 10 May 2021 11:29:51 GMT
via
1.1 varnish, 1.1 varnish
age
2216100
edge-cache-tag
605508262898155247126897647160468307805,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Fri, 07 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4def6df2115bc0cea867470c716b3e03.jpeg
content-length
32372
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Tue, 06 Apr 2021 06:37:33 GMT
server
nginx
x-timer
S1620646192.874987,VS0,VE0
etag
"bf0fc269007d60032a6f5e3d56631cad"
x-served-by
cache-wdc5537-WDC, cache-dca17723-DCA, cache-hhn11561-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 4
debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/
0
278 B
Image
General
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=13%3A29%3A51.859&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-bc-desktop-article-02-native&id=1521&cv=20210506-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:52 GMT
server
nginx
x-fastly-to-nlb-rtt
16692
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.14.127:10213
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/
11 KB
5 KB
XHR
General
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=13%3A29%3A51.861&route=IL:IL:V&tvi2=2512&lti=deflated&data=%7B%22id%22%3A718%2C%22ii%22%3A%22%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_339c9e640fe88a2c090452e2454edcfe_12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac_1620646188_1620646188_CNawjgYQgPNHGKesqbCVLyABKAEwNzjBqwhA5okQSL6G2ANQ____________AVgAYABosa_ptcr9986tAQ%22%2C%22ui%22%3A%2212fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac%22%2C%22uifp%22%3A%2212fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac%22%2C%22lbt%22%3A1620315297435%2C%22vi%22%3A1620646188583%2C%22cv%22%3A%2220210506-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.news.com.au%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2714%2C%22qs%22%3A%22%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A934%2C%22mw%22%3A705.296875%2C%22fi%22%3A3%2C%22fb%22%3A2%2C%22fti%22%3A%22newscorpau-aud-heraldsun-newscorpau-aud-newscomau-mobile-feed-action-bucket-1557203444418-2%22%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6f0ca792ec208f397ce0c6c2c618e589caafc5f89513fada42f74afc93757513

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
342
date
Mon, 10 May 2021 11:29:52 GMT
content-encoding
gzip
server
nginx
x-timer
S1620646192.875850,VS0,VE342
x-served-by
cache-hhn11561-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
a36dc1a8b1fe1f70d2ed1c6e0719b33d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
3 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a36dc1a8b1fe1f70d2ed1c6e0719b33d.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf103e9bc0c68d131d1e72f3a0ca735940b78f346c77ada13c5604e3bd25ad44

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 10 May 2021 11:29:51 GMT
via
1.1 varnish, 1.1 varnish
age
3991484
edge-cache-tag
400800494721569960401926620182476764265,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a36dc1a8b1fe1f70d2ed1c6e0719b33d.png
content-length
3260
x-request-id
f92b03943504b92ac76bca5fb52d7ea4
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Tue, 16 Mar 2021 06:47:03 GMT
server
nginx
x-timer
S1620646192.953496,VS0,VE1
etag
"4d55cf7124e768bdd85fc4d73573556f"
x-served-by
cache-wdc5539-WDC, cache-dca17749-DCA, cache-hhn11561-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
6d9d091f778ae1303465a3adcec388b2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
6 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6d9d091f778ae1303465a3adcec388b2.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f38157169b04e155407cd1e52fe8b438a50392ded1586889d950fbe032ddcef9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 10 May 2021 11:29:51 GMT
via
1.1 varnish, 1.1 varnish
age
2179104
edge-cache-tag
426828508233309334864017710208071264195,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
expiration
expiry-date="Sat, 01 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6d9d091f778ae1303465a3adcec388b2.jpg
content-length
5758
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Wed, 31 Mar 2021 21:52:43 GMT
server
nginx
x-timer
S1620646192.953570,VS0,VE1
etag
"c5f60a4ce5862d48c2110681fc4b72d7"
x-served-by
cache-wdc5536-WDC, cache-dca17746-DCA, cache-hhn11561-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
8aca802dedc8d7191a63819cce3af6ee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
4 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8aca802dedc8d7191a63819cce3af6ee.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e622f972a533e836c93c8b54e7df050987b19c41291fdeaee4e058893ef62e7c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 10 May 2021 11:29:51 GMT
via
1.1 varnish, 1.1 varnish
age
1408225
edge-cache-tag
338097364106022612484342047486377793376,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Thu, 29 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8aca802dedc8d7191a63819cce3af6ee.jpg
content-length
3770
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Mon, 29 Mar 2021 15:19:39 GMT
server
nginx
x-timer
S1620646192.953545,VS0,VE1
etag
"724515ab93fc2cdbf172834ccf2210ae"
x-served-by
cache-wdc5522-WDC, cache-dca17783-DCA, cache-hhn11561-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
7c94bf2b
login.newscorpaustralia.com/akam/11/ Frame 3DB5
0
0

fbc6eb3f718ti1818f0a460e313428da5
login.newscorpaustralia.com/staticweb/ Frame 3DB5
0
0

social
trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/
0
277 B
Image
General
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=IL:IL:V&tvi2=2512&lti=deflated&ri=35ddfdd139cd8c39bb99c25a58a6f7e6&sd=v2_339c9e640fe88a2c090452e2454edcfe_12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac_1620646188_1620646188_CNawjgYQgPNHGKesqbCVLyABKAEwNzjBqwhA5okQSL6G2ANQ____________AVgAYABosa_ptcr9986tAQ&ui=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&pi=/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae&wi=-3377029827975301954&pt=text&vi=1620646188583&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.news.com.au%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_undefined_%22%2C%22hdl%22%3A%22Germany%20lifts%20priority%20limits%20to%20offer%20J%26%23038%3BJ%20jabs%20to%20all%22%2C%22sec%22%3A%22news%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=13%3A29%3A52.163&id=2154&llvl=1&cv=20210506-7-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:52 GMT
server
nginx
x-fastly-to-nlb-rtt
16692
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.10.199:10213
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame AD90
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c851488c-67d0-4b3e-954e-2c03a13e0d31
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c851488c-67d0-4b3e-954e-2c03a13e0d31&tbid=2e64311b-4838-4545-81d5-49292dd702a7-tuct7929eb0&query=taboola_hm%3Dc851488c-67d0-...
0
53 B
Image
General
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c851488c-67d0-4b3e-954e-2c03a13e0d31&tbid=2e64311b-4838-4545-81d5-49292dd702a7-tuct7929eb0&query=taboola_hm%3Dc851488c-67d0-4b3e-954e-2c03a13e0d31&isDirect=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:55 GMT
via
1.1 varnish
server
nginx
x-timer
S1620646196.768584,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11561-HHN

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c851488c-67d0-4b3e-954e-2c03a13e0d31&tbid=2e64311b-4838-4545-81d5-49292dd702a7-tuct7929eb0&query=taboola_hm%3Dc851488c-67d0-4b3e-954e-2c03a13e0d31&isDirect=0
tbl-x-upstream
10.41.22.181:10213
date
Mon, 10 May 2021 11:29:55 GMT
server
nginx
x-fastly-to-nlb-rtt
16724
sd
u.openx.net/w/1.0/ Frame AD90
43 B
243 B
Image
General
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:53 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
dsp.adkernel.com/ Frame AD90
42 B
233 B
Image
General
Full URL
https://dsp.adkernel.com/sync?exchange=281&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:29:53 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
sync.php
pixel.rubiconproject.com/exchange/ Frame AD90
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame AD90
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=mXiAXN1vg9mo&ev=1&orig=trc&pid=562107
0
219 B
Image
General
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=mXiAXN1vg9mo&ev=1&orig=trc&pid=562107
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Mon, 10 May 2021 11:29:55 GMT
server
nginx
x-fastly-to-nlb-rtt
16720

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=mXiAXN1vg9mo&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-7246v
expires
-1
getuidnb
ib.adnxs.com/ Frame AD90
43 B
697 B
Image
General
Full URL
https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:29:52 GMT
X-Proxy-Origin
89.187.189.187; 89.187.189.187; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.84:80
AN-X-Request-Uuid
06e31c98-3177-47d2-872a-bd0a0dea6b24
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame AD90
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEO-bhbT9Log_XwjKSFgCnFo&google_cver=1
0
188 B
Image
General
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEO-bhbT9Log_XwjKSFgCnFo&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
58
date
Mon, 10 May 2021 11:29:52 GMT
via
1.1 varnish
server
nginx
x-timer
S1620646193.508117,VS0,VE58
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11561-HHN

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEO-bhbT9Log_XwjKSFgCnFo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AD90
42 B
805 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac:$UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:29:56 GMT
X-lat
lhrpug016:0:423
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame AD90
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=2e64311b-4838-4545-81d5-49292dd702a7-tuct7929eb0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=2e64311b-4838-4545-81d5-49292dd702a7-tuct7929eb0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=2e64311b-4838-4545-81d5-49292dd702a7-tuct7929eb0
tbl-x-upstream
10.41.14.95:10213
date
Mon, 10 May 2021 11:29:53 GMT
server
nginx
x-fastly-to-nlb-rtt
16734
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame AD90
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3ec48305-c26b-496d-8592-383ce55c45cd
0
198 B
Image
General
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3ec48305-c26b-496d-8592-383ce55c45cd
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
58
date
Mon, 10 May 2021 11:29:55 GMT
via
1.1 varnish
server
nginx
x-timer
S1620646196.517977,VS0,VE58
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11561-HHN

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3ec48305-c26b-496d-8592-383ce55c45cd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame AD90
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=42&3pid=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:29:56 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:29:56 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame AD90
49 B
406 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-7c488d4f5b-lvdgj
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame AD90
43 B
697 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:56 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame AD90
0
59 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d41&uid=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:56 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame AD90
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9fd140c8-acb7-4671-8a5b-233fb3a11d21
0
227 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9fd140c8-acb7-4671-8a5b-233fb3a11d21
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Mon, 10 May 2021 11:29:56 GMT
server
nginx
x-fastly-to-nlb-rtt
16727

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Mon, 10 May 2021 11:29:55 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9fd140c8-acb7-4671-8a5b-233fb3a11d21
cache-control
no-cache
server-processing-duration-in-ticks
3704
content-type
text/html; charset=utf-8
content-length
222
expires
Mon, 10 May 2021 00:00:00 GMT
ibs:dpid=121998&dpuuid=f46f22210b798aedf91eefab5b38da78&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
dpm.demdex.net/ Frame AD90
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOQPJVrgFvioV9LXnGWiugvc8FBGN9xobnSHyQ2g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOQPJVrgFvioV9LXnGWiugvc8FBGN9xobnSHyQ2g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=04748090-c4a5-4fcf-bf9e-112436e491be&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/5/3.gif?puid=f46f22210b798aedf91eefab5b38da78&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/4/4.gif?puid=1e9c8a39-a608-4fd3-b36f-81f60d88b05a&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/464/108/3/5.gif?puid=017f1075-1680-4bbb-8494-20746e5f7f8d&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/146/2/6.gif?puid=43102f60-cc0f-4bfd-87b6-366a8a6b8a4a&gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F1%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/441/1/7.gif?puid=e_5423146e-b2fa-41ff-9ecf-1749d729e45f&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f46f22210b798aedf91eefab5b38da78&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gd...
0
0

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame AD90
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=4a0Xx3p7BEOKn4QzNBmZYA
0
218 B
Image
General
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=4a0Xx3p7BEOKn4QzNBmZYA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.57:10213
date
Mon, 10 May 2021 11:29:57 GMT
server
nginx
x-fastly-to-nlb-rtt
16759

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=4a0Xx3p7BEOKn4QzNBmZYA
date
Mon, 10 May 2021 11:29:56 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame AD90
35 B
380 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Mon, 10 May 2021 11:29:25 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame AD90
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=taboola&bsw_custom_parameter=b5bd4a23-4503-4560-b001-e6ec86c61685
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=taboola&expires=10&bsw_param=b5bd4a23-4503-4560-b001-e6ec86c61685
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b5bd4a23-4503-4560-b001-e6ec86c61685
0
228 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b5bd4a23-4503-4560-b001-e6ec86c61685
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Mon, 10 May 2021 11:29:58 GMT
server
nginx
x-fastly-to-nlb-rtt
16730

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b5bd4a23-4503-4560-b001-e6ec86c61685
date
Mon, 10 May 2021 11:29:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cds.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qAC_83v.ruQxT.EBjAF212Y3Xw1cEshk
content-encoding
gzip
etag
"fe3141b1cffc47b284c82d96b098b304"
age
1395
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1181
x-amz-id-2
i42wDgzNjIRrbICyL56uZvk6UZlXA/ux6CF8Z618XGeUERc/82YlIPnWpu43Ye2+Lpy0hY5jQx0=
x-served-by
cache-hhn11561-HHN
last-modified
Wed, 10 Mar 2021 13:27:13 GMT
server
AmazonS3
x-timer
S1620646193.109545,VS0,VE0
date
Mon, 10 May 2021 11:29:53 GMT
vary
Accept-Encoding
x-amz-request-id
8G72GPESSN3T79N7
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
85
x-cache-hits
21145
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.4.2/
96 KB
28 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/3.4.2/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2479d8751b0a3c14caa2be2b548f4555e7e44bbdfa06e11116646c076d0a55eb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:56 GMT
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront), 1.1 varnish
age
786350
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
28078
x-served-by
cache-hhn11561-HHN
last-modified
Sat, 01 May 2021 09:03:06 GMT
server
AmazonS3
x-timer
S1620646196.400617,VS0,VE0
etag
"808853a427f985ebd48211ec341fa062"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Ws7iKIihQhSEXMxB-lKqACgClTHZPzCa2l-jMLicnuZZmmLKAmuH0g==
x-cache-hits
263785
7c94bf2b
login.newscorpaustralia.com/akam/11/ Frame DEAA
0
0

fbc6eb3f718ti1818f0a460e313428da5
login.newscorpaustralia.com/staticweb/ Frame DEAA
0
0

7c94bf2b
login.newscorpaustralia.com/akam/11/ Frame 796C
32 KB
0
Script
General
Full URL
https://login.newscorpaustralia.com/akam/11/7c94bf2b
Requested by
Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=cxSL9k01hZ0UusaQ8HGq13vin2LFyGf1&nonce=BcEjJie12RJZw.L07sw1tOVNzscX87jh&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.141.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-141-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=cxSL9k01hZ0UusaQ8HGq13vin2LFyGf1&nonce=BcEjJie12RJZw.L07sw1tOVNzscX87jh&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:53 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2019 20:01:42 GMT
etag
"65fd974fa513b3e84a52890c5e2c6bd29eeb8805da28ad8e616afbfff9179788"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-length
10391
expires
Mon, 10 May 2021 11:29:53 GMT
fbc6eb3f718ti1818f0a460e313428da5
login.newscorpaustralia.com/staticweb/ Frame 796C
77 KB
0
Script
General
Full URL
https://login.newscorpaustralia.com/staticweb/fbc6eb3f718ti1818f0a460e313428da5
Requested by
Host: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=cxSL9k01hZ0UusaQ8HGq13vin2LFyGf1&nonce=BcEjJie12RJZw.L07sw1tOVNzscX87jh&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.141.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-141-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=cxSL9k01hZ0UusaQ8HGq13vin2LFyGf1&nonce=BcEjJie12RJZw.L07sw1tOVNzscX87jh&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:53 GMT
content-encoding
gzip
last-modified
Mon, 26 Apr 2021 16:10:06 GMT
etag
"d1dbb955755ca44a0b872a64f97c471a45b14e941f69d082c19f792576ae34fb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
content-length
19642
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1620646194444
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1620646194444
110 B
821 B
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1620646194444
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a56e82f34c03b1bed67b86e8b09d36303d6204eeb04b968f8fe38077753606ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-00a91d7f9.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Error
172
X-TID
Lt5+AUapRkY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
124
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v005-0e715f246.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.heraldsun.com.au
X-TID
mDjmmsoVQ+E=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1620646194444
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
iasPET.1.js
cdn.adsafeprotected.com/
22 KB
7 KB
Script
General
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-4.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 23:57:23 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 08 Jul 2020 20:34:30 GMT
Server
AmazonS3
Age
127955
ETag
W/"a8663f72a1dbe614b19f167a59af368d"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 b88825ad151091557d336c3519215162.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
TXL52-C1
X-Amz-Cf-Id
x0oqgb4dMJmDUMcZ9Oze2wh73bMCSdVwvxmovoVnwcjIv8rNxnz8jQ==
pubads_impl_2021050501.js
securepubads.g.doubleclick.net/gpt/
303 KB
107 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
9cd58fce5ff7afd625c8e887719242e31afdc0bbfd418eb34d1eb8c9789b84a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 08:38:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109323
x-xss-protection
0
expires
Mon, 10 May 2021 11:29:54 GMT
ggcmb510.js
seccdn-gl.imrworldwide.com/novms/js/2/
12 KB
5 KB
Script
General
Full URL
https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
K4aOLy49NXAaSrZ_0U6RL8YfHaZQdTea
content-encoding
gzip
etag
W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified
Wed, 28 Apr 2021 14:18:22 GMT
server
AmazonS3
age
755
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 10 May 2021 11:17:22 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
zcb-b4no6AMwTimlUPG6VdiDiIe5uVqHtaNgHewhvdtK4wOovKym1g==
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/
0
305 B
XHR
General
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?tvi2=2512&route=IL%3AIL%3AV&lti=deflated&bulkSize=3
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
58
pragma
no-cache
date
Mon, 10 May 2021 11:29:55 GMT
via
1.1 varnish
server
nginx
x-timer
S1620646195.978545,VS0,VE58
x-served-by
cache-hhn11561-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/newscorpau-aud-heraldsun/log/3/
0
56 B
XHR
General
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/visible?tvi2=2512&route=IL%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
58
pragma
no-cache
date
Mon, 10 May 2021 11:29:55 GMT
via
1.1 varnish
server
nginx
x-timer
S1620646195.006511,VS0,VE58
x-served-by
cache-hhn11561-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
undefined
www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/
Redirect Chain
  • https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/undefined
  • https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2fnews-story%2fundefined
  • https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/undefined
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2fnews-story%2fundefine...
  • https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/undefined?nk=6a063a2c444c727a7af7a5c20104e35f-1620646197
0
0
Script
General
Full URL
https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/undefined?nk=6a063a2c444c727a7af7a5c20104e35f-1620646197
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-111.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:path
/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/undefined?nk=6a063a2c444c727a7af7a5c20104e35f-1620646197
pragma
no-cache
cookie
n_regis=123456789
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.heraldsun.com.au
referer
https://www.heraldsun.com.au/
:scheme
https
sec-fetch-site
cross-site
:method
GET
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
x-content-type-options
nosniff
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-powered-by
WordPress VIP <https://wpvip.com>
is-https
true
host-header
a9130478a60e5f9135f765b23f26593b
x-xss-protection
1
x-rq
ewr4 118 215 3273
server
nginx
date
Mon, 10 May 2021 11:30:00 GMT
vary
User-Agent Accept-Encoding
content-type
text/html; charset=UTF-8
x-arrrg5
BlaizeHappened
cache-control
max-age=58
x-arrrg1
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fbreaking-news%2fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2fnews-story%2fundefined%3fnk%3d6a063a2c444c727a7af7a5c20104e35f-1620646197&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=undefined&session=6a063a2c444c727a7af7a5c20104e35f
set-cookie
AWSALB=fhWf32fxVXGApsN6Wf+aa/RopcJavaSI+2wpwmE8WkBz092lf4JY6Ob1mlyt59hebSId3GE+7YcafC7b485o5MmMaFcK4+lUph2l/eGFYphoGaFyguYPi0vLuJ/W; Expires=Mon, 17 May 2021 11:29:59 GMT; Path=/ nk=6a063a2c444c727a7af7a5c20104e35f; expires=Thu, 09 May 2024 11:30:00 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=fhWf32fxVXGApsN6Wf+aa/RopcJavaSI+2wpwmE8WkBz092lf4JY6Ob1mlyt59hebSId3GE+7YcafC7b485o5MmMaFcK4+lUph2l/eGFYphoGaFyguYPi0vLuJ/W; Expires=Mon, 17 May 2021 11:29:59 GMT; Path=/; SameSite=None; Secure
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Mon, 10 May 2021 11:30:58 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:57 GMT
server
AkamaiGHost
mime-version
1.0
etag
"05563c72b22b39afb384f19701c03047:1600838589.100191"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location
https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/undefined?nk=6a063a2c444c727a7af7a5c20104e35f-1620646197
cache-control
max-age=0, no-cache
content-type
text/html
content-length
154
expires
Mon, 10 May 2021 11:29:57 GMT
eadafcad67e3d54d5fb825bec486e135.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
22 KB
23 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eadafcad67e3d54d5fb825bec486e135.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3161995ac3982486cbce792367f4ebb2290978058b9f4fdcb40f6aaa76c7b94f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 10 May 2021 11:29:56 GMT
via
1.1 varnish, 1.1 varnish
age
1395311
edge-cache-tag
411907142504635666297386841823132749850,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Sat, 15 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eadafcad67e3d54d5fb825bec486e135.jpg
content-length
22316
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 14 Apr 2021 01:05:53 GMT
server
nginx
x-timer
S1620646197.824188,VS0,VE1
etag
"51b3fa1e108f7b5bae8cb2c7b30d2273"
x-served-by
cache-wdc5566-WDC, cache-dca17754-DCA, cache-hhn11561-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
34ae3d8438b9f0684092dd84dd25fdb9.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
41 KB
41 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
67e952054c1ddf72b415a0752bc36f02602170a1521daf25c8da2fc6aae0901f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 10 May 2021 11:29:56 GMT
via
1.1 varnish, 1.1 varnish
age
5188307
edge-cache-tag
501898018763052567145069362010418137997,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
content-length
41950
x-request-id
22a5fdc127f014b3b5cfbe250479ef60
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 04 Mar 2021 09:27:15 GMT
server
nginx
x-timer
S1620646197.840586,VS0,VE0
etag
"07a3b85759b6142cb27dcee742c6a4e7"
x-served-by
cache-wdc5571-WDC, cache-dca17747-DCA, cache-hhn11561-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 9
0e1d8c38-3fbf-4c3e-bff1-8c48b1662e4c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/static/0e/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/static/0e/0e1d8c38-3fbf-4c3e-bff1-8c48b1662e4c.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d1c5be6d1dd5d44c04629c07cdc5a156568bf10bb05a5534a3d57988b6de3778

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 10 May 2021 11:29:56 GMT
via
1.1 varnish, 1.1 varnish
age
1712158
edge-cache-tag
439461114552251663913772479301797950195,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/static/0e/0e1d8c38-3fbf-4c3e-bff1-8c48b1662e4c.png
content-length
8634
x-request-id
cdbcc085222acc4fda6025693854bfe4
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Mon, 05 Apr 2021 18:17:57 GMT
server
nginx
x-timer
S1620646197.897947,VS0,VE1
etag
"b9e980d1e77fca2ae578b5c2325b1850"
x-served-by
cache-wdc5536-WDC, cache-dca17756-DCA, cache-hhn11561-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
d553e3bd87bc5f153c97bdd8d5fc160c.gif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
30 KB
30 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d553e3bd87bc5f153c97bdd8d5fc160c.gif
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a6a0a880b5769e74039e7ec403414810372d896d37135a19873550d77a0a9db3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 10 May 2021 11:29:56 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
438450
edge-cache-tag
544972003441114490402095008537297987287,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d553e3bd87bc5f153c97bdd8d5fc160c.gif
content-length
30241
x-request-id
5a81f1a2c3fa9995fc87a8bd3434c47b
x-backend-name
CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified
Sun, 11 Apr 2021 19:12:07 GMT
server
cloudinary
x-timer
S1620646197.898232,VS0,VE1
etag
"5b120ee24b7e01be62ad7729b895c3e0"
x-served-by
cache-dca17747-DCA, cache-dca17761-DCA, cache-hhn11561-HHN
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
7a78383a3d233de544d5b4236bbdee05.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
6 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a78383a3d233de544d5b4236bbdee05.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9d96c8f52514ad48275a1129da67f48c472099bd5e3a24dda11da2051deab34

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 10 May 2021 11:29:56 GMT
via
1.1 varnish, 1.1 varnish
age
2330102
edge-cache-tag
574339113713207261039971214023080229945,541962383303260471128292306466498964506,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_156%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a78383a3d233de544d5b4236bbdee05.jpg
content-length
6058
x-request-id
c82e3c9903fce9d9af6cdd12fcc394f9
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sun, 14 Mar 2021 23:30:17 GMT
server
nginx
x-timer
S1620646197.898207,VS0,VE1
etag
"d955ae9a08b3ef971932b60e6919484c"
x-served-by
cache-wdc5524-WDC, cache-dca17764-DCA, cache-hhn11561-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
campaigns
resourcesssl.newscdn.com.au/indies/
3 KB
1 KB
XHR
General
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22article%22,site:%22heraldsun.com.au%22,section:%22/news/breaking-news%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.90.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-90-129.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
acfb1f0de15111045cdd0e765b51a974602fed8d35459a3fad5e1b02d09b7dba

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 10 May 2021 11:29:55 GMT
content-encoding
gzip
etag
W/"a86-9Cgurj3mQkWki9/cFyEOFLiz4rY"
x-powered-by
Express
x-cache-hits
0
content-length
769
x-served-by
cache-ams21041-AMS
server
Google Frontend
x-timer
S1620632067.366912,VS0,VE284
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
fb4dc3288c38260d343445d4d9792e99
cache-control
private, max-age=590749
function-execution-id
u0ojwcdumsvi
accept-ranges
bytes
x-orig-accept-language
hr-HR,hr;q=0.9,en-GB;q=0.8,en;q=0.7,en-US;q=0.6,bs;q=0.5
x-country-code
DE
expires
Mon, 17 May 2021 07:35:44 GMT
2988.json
script.crazyegg.com/pages/data-scripts/0018/
23 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0018/2988.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2a0d6a2f566493f135e5b9c181125638478aeb8126131dce1a595ed5b52d61

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:55 GMT
content-encoding
gzip
cf-cache-status
HIT
age
257136
ce-version
11.1.292
content-length
1655
cf-request-id
09f7a3886600002b1ae785a000000001
timing-allow-origin
*
last-modified
Fri, 07 May 2021 12:04:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
64d2d520af3e2b1a-FRA
7c94bf2b
login.newscorpaustralia.com/akam/11/ Frame C587
0
0

fbc6eb3f718ti1818f0a460e313428da5
login.newscorpaustralia.com/staticweb/ Frame C587
0
0

ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/
52 KB
16 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-190.deploy.static.akamaitechnologies.com
Software
/ ARR/3.0
Resource Hash
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:57 GMT
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by
ARR/3.0
etag
"84a7fce7aaabd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=784
accept-ranges
bytes
content-length
15848
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
202 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202104140349&cb=1620646195339
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:55 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Mon, 10 May 2021 11:39:55 GMT
ping
ping.chartbeat.net/
43 B
169 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae&u=Di5OaOD1OGSJCDUO7h&d=heraldsun.com.au&g=36976&g0=news%2Cbreaking-news%2Cstory%2Cno_video%2Cpc.ct.free&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3216&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=14925&t=CE2Sb6Mk8ViBNtnaPB4oK2be448r&V=126&i=Germany%20lifts%20priority%20limits%20to%20offer%20J%26J%20jabs%20to%20all%20%7C%20Herald%20Sun&tz=-120&_acct=anon&sn=1&sv=BzZ5AKD7fDrnBTu546D5wQuYCuKWxy&sd=1&im=06530c52&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.81.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-81-52.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/
61 B
359 B
XHR
General
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-190.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
edd73ff142720afe38347d11e0988873aec974007ccc0bbbc47b13d3eaf67822

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:56 GMT
server
AkamaiGHost
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag
"f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=0, no-cache
content-length
61
mime-version
1.0
expires
Mon, 10 May 2021 11:29:56 GMT
/
t1.taboola.com/
2 B
181 B
XHR
General
Full URL
https://t1.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.201 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
3514acf61732f662da19625f7fe781c3e483f2dce8506012f3bb393f5003e105

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:56 GMT
last-modified
Thu, 21 Jan 2021 15:58:32 GMT
server
nginx
etag
"6009a4a8-2"
content-type
text/html
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t2.taboola.com/
2 B
181 B
XHR
General
Full URL
https://t2.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.235 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ecc2853c85e37f5544d87b8c8322b33bcb8986bf36e480d404da04bc221adb04

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:56 GMT
last-modified
Thu, 21 Jan 2021 15:59:24 GMT
server
nginx
etag
"6009a4dc-2"
content-type
text/html
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t3.taboola.com/
2 B
181 B
XHR
General
Full URL
https://t3.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.234 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
b2239ae33d9bc5614aeb2e439e5032b1fe77c32f7080d3211c1d03f1b17ffcf6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:56 GMT
last-modified
Sun, 24 Jan 2021 15:03:24 GMT
server
nginx
etag
"600d8c3c-2"
content-type
text/html
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t4.taboola.com/
2 B
181 B
XHR
General
Full URL
https://t4.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.208 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
4a44dc15364204a80fe80e9039455cc1608281820fe2b24f1e5233ade6af1dd5

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:56 GMT
last-modified
Thu, 21 Jan 2021 15:58:42 GMT
server
nginx
etag
"6009a4b2-2"
content-type
text/html
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t5.taboola.com/
2 B
181 B
XHR
General
Full URL
https://t5.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.235 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ecc2853c85e37f5544d87b8c8322b33bcb8986bf36e480d404da04bc221adb04

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:56 GMT
last-modified
Sun, 24 Jan 2021 15:03:24 GMT
server
nginx
etag
"600d8c3c-2"
content-type
text/html
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t6.taboola.com/
2 B
181 B
XHR
General
Full URL
https://t6.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.205 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
2215f50cb99824ed2786a5d12df72b5dbc304b85f28cd5b873b645cccc3b7411

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:56 GMT
last-modified
Sun, 24 Jan 2021 15:03:23 GMT
server
nginx
etag
"600d8c3b-2"
content-type
text/html
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t7.taboola.com/
2 B
181 B
XHR
General
Full URL
https://t7.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.205 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
2215f50cb99824ed2786a5d12df72b5dbc304b85f28cd5b873b645cccc3b7411

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:56 GMT
last-modified
Thu, 21 Jan 2021 15:58:38 GMT
server
nginx
etag
"6009a4ae-2"
content-type
text/html
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t8.taboola.com/
2 B
181 B
XHR
General
Full URL
https://t8.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.229 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
b7a56873cd771f2c446d369b649430b65a756ba278ff97ec81bb6f55b2e73569

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:56 GMT
last-modified
Sun, 24 Jan 2021 15:03:23 GMT
server
nginx
etag
"600d8c3b-2"
content-type
text/html
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
2
/
pips.taboola.com/
64 B
245 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:56 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-hhn11544-HHN
access-control-allow-methods
GET
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210505/r20110914/elements/html/
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210505/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=699509165847.2974?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 May 2021 11:27:57 GMT
view
googleads4.g.doubleclick.net/pcs/
0
528 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPSOwU4_tkWIDPVc46iNZe4TzO86u58E9W0wxyQgUw_cdEHqQRljhOYV-umYndy0El2O6Uv2No7c5x4czq1fAsd-CQQTLE81XLJvNyESa0hz0yRbQTw7TLNMEL73Htc3op&sig=Cg0ArKJSzEPPUpZQukTJEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20210505.38983&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=699509165847.2974?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:29:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/
0
84 B
XHR
General
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?tvi2=2512&route=IL%3AIL%3AV&lti=deflated&bulkSize=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
59
pragma
no-cache
date
Mon, 10 May 2021 11:29:56 GMT
via
1.1 varnish
server
nginx
x-timer
S1620646196.049623,VS0,VE59
x-served-by
cache-hhn11561-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
campaigns
resourcesssl.newscdn.com.au/indies/ Frame
0
0
Preflight
General
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22article%22,site:%22heraldsun.com.au%22,section:%22/news/breaking-news%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Server
2.22.90.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-90-129.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.heraldsun.com.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
content-type
text/html
function-execution-id
u0ojsgvg5bdj
server
Google Frontend
x-cloud-trace-context
71ebc122fcad6d6bace4d91bbb5ed7fd
x-country-code
DE
x-orig-accept-language
en-US
x-powered-by
Express
accept-ranges
bytes
x-served-by
cache-ams21048-AMS
x-cache-hits
0
x-timer
S1620646195.107162,VS0,VE262
cache-control
private, max-age=604757
expires
Mon, 17 May 2021 11:29:12 GMT
date
Mon, 10 May 2021 11:29:55 GMT
x-i
true
id
metrics.heraldsun.com.au/
48 B
655 B
XHR
General
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=MC&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&ts=1620646196263
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
af5bbafcef5026ac024c9528dd0b97282f13e1b7d10067e3ab8a9b911ed49d1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 10 May 2021 11:29:57 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-76898875b9-t9n97
vary
Origin
x-c
main-1461.Id0ac08.M0-490
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
11.1.292.js
script.crazyegg.com/pages/versioned/common-scripts/
62 KB
21 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.292.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2c0fa57655ccdccf8f7279e06d01c8bd1a2629c867273a353cf1716be25c2f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:56 GMT
content-encoding
gzip
cf-cache-status
HIT
age
257138
cf-ray
64d2d52ae8d62b22-FRA
content-length
20993
cf-request-id
09f7a38ed000002b22b8ada000000001
last-modified
Tue, 04 May 2021 14:40:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 10:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5863
x-xss-protection
0
server
cafe
etag
12453517290502062038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 10 May 2021 11:35:42 GMT
m
secure-gl.imrworldwide.com/cgi-bin/
44 B
493 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1620646197011&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&sr=1600x1200&tz=2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:d600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:57 GMT
via
1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
ZRH50-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
x-cache
Miss from cloudfront
content-type
image/gif
content-length
44
x-amz-cf-id
rd7O2WJXILaGARfvkh8_T6j6YrCuSrFOFCSZnigrzql9BvObO5XM7w==
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
cds.taboola.com/
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=12fee572-207f-417d-bc58-05568bc0b3e1-tuct7929eac&dnid=092b2a102b0d0d25&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 10 May 2021 11:29:57 GMT
Cache-Control
no-store
Server
nginx
Connection
close
st
imprammp.taboola.com/ Frame 09B8
973 B
615 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7fSYCFgN0YPKIb7SU6gR0YPKIb7SU6gUAAAAGBvQHHDOjzEjLCWM4XA2Wm-FiN5gMFoPlbrdZjobAMTPKjLScMIbD1WC5GS5my8lgt1mtdrvFZgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIP0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLjsAAAAAPABMCd5D_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAIOiMaQDkcBjA5eFzvfwBAPBQAAIAIIBBAlCwV1wCsDHSfwIAAAAAAAAAwPL___8fM0DfUiMDEHKW0APw4APwQFRwWMQIAAAAIGu3d_doUidUFlUAAATpVgBXAAABeVYKYNFhAAAABGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOnINS3ojCtF7RcQAGDtFxAAgE3dAADeAuCCjqAVg8HqFGIyG2xWu-VwNDsAAACAu____389kNksN86VbTSYuYzDhWVjWA5Gq8nKMlqNViaPzeU9IWjOc5PgCfu-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFiMnO5XLvJWjLYzdyixW7klnhcw7VgtZoNJx7DxLNyrEWvj-m3nCxXDo8XBQMi9yK4SCdyl-_z8VsOD9db4Tq5hS7Lw2zyvO4WsURzskgnssu-s1lunCvbaDBzGYcLy8awHIxWk5VltBqtTB6by9-YzFwu126ylgx2M7dosRu5JR7XcC1YrWbDiccw8awca9HrY_otJ8uVw-NvzCaD2Wi2GA73jdlkMBvNFsPhvkNn-K4-Z6NnqBN5XJbncfHQyswHhctg8e7Uq4XxOzpYe6-jU6btKAs6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ejBqIglgtNFOhG9jKeLWCJ5WqQT2cpmmS0cjtHMuRmMFhvfcjazTUaD1Wy32qxsi4lYojRdpBO9xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLov6jw64nCuGu7liuJwrhrtVAgAAAAAAAABYwpx5EwAAAIDTYFbLzWy1XICIfEBdYBAAAAAAAIDixo8x3OX7fPyWw8P1VrhObqHL8jCbPK-7lQEi7lmZN3smiLVaLWsAAAABbAAAgABu3bwFYjBy!&cmcv=&pix=undefined&cb=1620646197175&uv=2967&tms=1620646197175&abt=aat1_vA!adh5c-1_vA!insc_vA!spa2_vA!sre_vB!t45!ufm!ul2967_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F2F49B188509381702010977394&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7fSYCFgN0YPKIb7SU6gR0YPKIb7SU6gUAAAAGBvQHHDOjzEjLCWM4XA2Wm-FiN5gMFoPlbrdZjobAMTPKjLScMIbD1WC5GS5my8lgt1mtdrvFZgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIP0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLjsAAAAAPABMCd5D_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAIOiMaQDkcBjA5eFzvfwBAPBQAAIAIIBBAlCwV1wCsDHSfwIAAAAAAAAAwPL___8fM0DfUiMDEHKW0APw4APwQFRwWMQIAAAAIGu3d_doUidUFlUAAATpVgBXAAABeVYKYNFhAAAABGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOnINS3ojCtF7RcQAGDtFxAAgE3dAADeAuCCjqAVg8HqFGIyG2xWu-VwNDsAAACAu____389kNksN86VbTSYuYzDhWVjWA5Gq8nKMlqNViaPzeU9IWjOc5PgCfu-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFiMnO5XLvJWjLYzdyixW7klnhcw7VgtZoNJx7DxLNyrEWvj-m3nCxXDo8XBQMi9yK4SCdyl-_z8VsOD9db4Tq5hS7Lw2zyvO4WsURzskgnssu-s1lunCvbaDBzGYcLy8awHIxWk5VltBqtTB6by9-YzFwu126ylgx2M7dosRu5JR7XcC1YrWbDiccw8awca9HrY_otJ8uVw-NvzCaD2Wi2GA73jdlkMBvNFsPhvkNn-K4-Z6NnqBN5XJbncfHQyswHhctg8e7Uq4XxOzpYe6-jU6btKAs6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ejBqIglgtNFOhG9jKeLWCJ5WqQT2cpmmS0cjtHMuRmMFhvfcjazTUaD1Wy32qxsi4lYojRdpBO9xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLov6jw64nCuGu7liuJwrhrtVAgAAAAAAAABYwpx5EwAAAIDTYFbLzWy1XICIfEBdYBAAAAAAAIDixo8x3OX7fPyWw8P1VrhObqHL8jCbPK-7lQEi7lmZN3smiLVaLWsAAAABbAAAgABu3bwFYjBy!&cmcv=&pix=undefined&cb=1620646197175&uv=2967&tms=1620646197175&abt=aat1_vA!adh5c-1_vA!insc_vA!spa2_vA!sre_vB!t45!ufm!ul2967_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F2F49B188509381702010977394&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=4a7e626b-6c11-445c-9258-f39f7823edc6-tuct7929eb4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Mon, 10 May 2021 11:29:57 GMT
via
1.1 varnish
x-served-by
cache-hhn11561-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1620646197.483168,VS0,VE10
vary
Accept-Encoding
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7fSYCFgN0YPKIb7SU6gR0YPKIb7SU6gUAAAAGBvQHHDOjzEjLCWM4XA2Wm-FiN5gMFoPlbrdZjobAMTPKjLScMIbD1WC5GS5my8lgt1mtdrvFZgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIP0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLjsAAAAAPABMCd5D_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAIOiMaQDkcBjA5eFzvfwBAPBQAAIAIIBBAlCwV1wCsDHSfwIAAAAAAAAAwPL___8fM0DfUiMDEHKW0APw4APwQFRwWMQIAAAAIGu3d_doUidUFlUAAATpVgBXAAABeVYKYNFhAAAABGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOnINS3ojCtF7RcQAGDtFxAAgE3dAADeAuCCjqAVg8HqFGIyG2xWu-VwNDsAAACAu____389kNksN86VbTSYuYzDhWVjWA5Gq8nKMlqNViaPzeU9IWjOc5PgCfu-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFiMnO5XLvJWjLYzdyixW7klnhcw7VgtZoNJx7DxLNyrEWvj-m3nCxXDo8XBQMi9yK4SCdyl-_z8VsOD9db4Tq5hS7Lw2zyvO4WsURzskgnssu-s1lunCvbaDBzGYcLy8awHIxWk5VltBqtTB6by9-YzFwu126ylgx2M7dosRu5JR7XcC1YrWbDiccw8awca9HrY_otJ8uVw-NvzCaD2Wi2GA73jdlkMBvNFsPhvkNn-K4-Z6NnqBN5XJbncfHQyswHhctg8e7Uq4XxOzpYe6-jU6btKAs6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ejBqIglgtNFOhG9jKeLWCJ5WqQT2cpmmS0cjtHMuRmMFhvfcjazTUaD1Wy32qxsi4lYojRdpBO9xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLov6jw64nCuGu7liuJwrhrtVAgAAAAAAAABYwpx5EwAAAIDTYFbLzWy1XICIfEBdYBAAAAAAAIDixo8x3OX7fPyWw8P1VrhObqHL8jCbPK-7lQEi7lmZN3smiLVaLWsAAAABbAAAgABu3bwFYjBy!&cmcv=&pix=31589837&cb=1620646197174&uv=2967&tms=1620646197174&abt=aat1_vA!adh5c-1_vA!insc_vA!spa2_vA!sre_vB!t45!ufm!ul2967_vA&ft=0&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1620646180558.9492!ts:1620646197174&mntl=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:57 GMT
content-length
0
server
nginx
glcfg510.js
cdn-gl.imrworldwide.com/novms/js/2/configs/
2 KB
1 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by
Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
INm4zoPCwSXZbYfWdFRn_D.hZjwdgfCD
content-encoding
gzip
etag
W/"931051f801612c3a0e2782961ac3d56c"
last-modified
Wed, 28 Apr 2021 14:18:22 GMT
server
AmazonS3
age
3388
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 10 May 2021 10:33:30 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
MQjq1-gDLWSztsuebKXGL4OeFO0EvYFiSTo_54p-2fdMVYyqmDbTiQ==
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/
32 KB
7 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bea52b91b6dbf31fcf8408d0044f09af2e60861ef77139eb9b8449aa0054dc27

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qEesNwUlGSc.3cyMQqp2rhy49zhZqx7_
content-encoding
gzip
etag
W/"08f5a1d366d24c1b07c48a025cdb7c6a"
last-modified
Mon, 10 May 2021 09:18:06 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Mon, 10 May 2021 11:29:57 GMT
x-amz-cf-id
g_7NGYNT3y1fB_fbeg3_RJnRZ_wwIXcJjEUqvps_4iX7o9cf61x2bw==
2988.json
script.crazyegg.com/pages/sampling-data-scripts/0018/
2 KB
693 B
XHR
General
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0018/2988.json?t=450179
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.292.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
452f6b1cd9c500d27a27a99770be327180c3f50de3cc67890e60bca7393c5f7a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:57 GMT
content-encoding
gzip
cf-cache-status
HIT
age
62980
ce-version
11.1.292
content-length
551
cf-request-id
09f7a3912400002b1ad3821000000001
timing-allow-origin
*
last-modified
Sun, 09 May 2021 18:00:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
64d2d52e9e0b2b1a-FRA
id
dpm.demdex.net/
5 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=81367023538408189854383879081738332285&ts=1620646197631
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3dc57c5171ff92684ab5076a6d01666bccb089546d28a7bbcfafb6d0d31371e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v005-02a349794.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
FOccSSipShY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1537
Expires
Thu, 01 Jan 1970 00:00:00 UTC
dest5.html
newscorpau.demdex.net/ Frame 1DC2
7 KB
3 KB
Document
General
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.115.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
newscorpau.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.heraldsun.com.au/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=81345772551284393474385986552835357031
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Mon, 10 May 2021 11:29:58 GMT
DCS
dcs-prod-irl1-1-v005-0bfa53a0d.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 22 Apr 2021 14:22:49 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
5qsrD/vxSQ4=
Content-Length
2791
Connection
keep-alive
s98150290216936
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/
43 B
466 B
Image
General
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s98150290216936?AQB=1&ndh=1&pf=1&t=10%2F4%2F2021%2013%3A29%3A57%201%20-120&mid=81367023538408189854383879081738332285&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3&cc=AUD&ch=D%3Dv4&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Cnews%7Cbreaking-news&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=news&c5=D%3Dv5&v5=breaking-news&c9=D%3Dv9&v9=story&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c15=D%3Dv15&v15=free&c16=D%3Dv16&v16=3bef7d513ccda66e010bbbd78ece65ae&c17=D%3Dv17&v17=germany%20lifts%20priority%20limits%20to%20offer%20j%26amp%3Bj%20jabs%20to%20all&c19=D%3Dv19&v19=afp&c20=D%3Dv20&v20=2021-05-10%2018%3A27%3A24&c22=D%3Dv22&v22=9%3A29%20PM%7CMonday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c46=D%3Dv46&v46=not%20logged%20in&c50=D%3Dv50&v50=2021-05-10%2018%3A14%3A06&v52=1600x1200%7Cwindows%7C10&c60=TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null&v77=D%3Dmid&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:58 GMT
x-content-type-options
nosniff
x-c
main-1461.Id0ac08.M0-490
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 11 May 2021 11:29:58 GMT
server
jag
xserver
anedge-76898875b9-z4l5z
etag
3480311210919755776-4621795569693153993
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 09 May 2021 11:29:58 GMT
ibs:dpid=411&dpuuid=YJkZNgAAABlWfSkN
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=81345772551284393474385986552835357031
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJkZNgAAABlWfSkN
42 B
973 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJkZNgAAABlWfSkN
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-0c009086c.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
w1xNrC+pS1I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJkZNgAAABlWfSkN
Date
Mon, 10 May 2021 11:29:58 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/
16 KB
1 KB
XHR
General
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-190.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
584ebca28b361c3381c686b75b71c2cb4cdc074bc0ba6e44980c9db33c5cdf1c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wNcZVqk5y.Y6LUl0L8PK4xYsYrqrcsAQ
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 03:28:57 GMT
server
ATS/7.1.0
x-amz-request-id
9SXCG9AF7TZDXKC9
etag
"14ead9bc02aa8f3cf645cfb425ed68e2"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=393
date
Mon, 10 May 2021 11:29:58 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
1179
x-amz-id-2
qODc3EVBxwWnUAdpAcEznlFoZUk4IKA2wyvb2jU7EwliWGb84PPp49dZ0r4oqpJsi4U9cUkyWFM=
pub
pixel.adsafeprotected.com/services/
818 B
1 KB
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-block-300x90-1,ss:%5B300.90,315.90%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/news/breakingnews,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=c2f3a958-b649-d4d2-5191-1173e9eef2e0&url=https%253A%252F%252Fwww.heraldsun.com.au%252Fnews%252Fbreaking-news%252Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%252Fnews-story%252F3bef7d513ccda66e010bbbd78ece65ae%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b0432bf9dca6f2e848c24bb292d10c9d033d2810d2693aec548b9615adf31afa

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:58 GMT
x-server-name
app25.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame 09B8
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7fSYCFgN0YPKIb7SU6gR0YPKIb7SU6gUAAAAGBvQHHDOjzEjLCWM4XA2Wm-FiN5gMFoPlbrdZjobAMTPKjLScMIbD1WC5GS5my8lgt1mtdrvFZgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIP0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLjsAAAAAPABMCd5D_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAIOiMaQDkcBjA5eFzvfwBAPBQAAIAIIBBAlCwV1wCsDHSfwIAAAAAAAAAwPL___8fM0DfUiMDEHKW0APw4APwQFRwWMQIAAAAIGu3d_doUidUFlUAAATpVgBXAAABeVYKYNFhAAAABGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOnINS3ojCtF7RcQAGDtFxAAgE3dAADeAuCCjqAVg8HqFGIyG2xWu-VwNDsAAACAu____389kNksN86VbTSYuYzDhWVjWA5Gq8nKMlqNViaPzeU9IWjOc5PgCfu-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFiMnO5XLvJWjLYzdyixW7klnhcw7VgtZoNJx7DxLNyrEWvj-m3nCxXDo8XBQMi9yK4SCdyl-_z8VsOD9db4Tq5hS7Lw2zyvO4WsURzskgnssu-s1lunCvbaDBzGYcLy8awHIxWk5VltBqtTB6by9-YzFwu126ylgx2M7dosRu5JR7XcC1YrWbDiccw8awca9HrY_otJ8uVw-NvzCaD2Wi2GA73jdlkMBvNFsPhvkNn-K4-Z6NnqBN5XJbncfHQyswHhctg8e7Uq4XxOzpYe6-jU6btKAs6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ejBqIglgtNFOhG9jKeLWCJ5WqQT2cpmmS0cjtHMuRmMFhvfcjazTUaD1Wy32qxsi4lYojRdpBO9xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLov6jw64nCuGu7liuJwrhrtVAgAAAAAAAABYwpx5EwAAAIDTYFbLzWy1XICIfEBdYBAAAAAAAIDixo8x3OX7fPyWw8P1VrhObqHL8jCbPK-7lQEi7lmZN3smiLVaLWsAAAABbAAAgABu3bwFYjBy!&cmcv=&pix=undefined&cb=1620646197175&uv=2967&tms=1620646197175&abt=aat1_vA!adh5c-1_vA!insc_vA!spa2_vA!sre_vB!t45!ufm!ul2967_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F2F49B188509381702010977394&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.153.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-153-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 09B8
43 B
183 B
Image
General
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7fSYCFgN0YPKIb7SU6gR0YPKIb7SU6gUAAAAGBvQHHDOjzEjLCWM4XA2Wm-FiN5gMFoPlbrdZjobAMTPKjLScMIbD1WC5GS5my8lgt1mtdrvFZgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIP0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLjsAAAAAPABMCd5D_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAIOiMaQDkcBjA5eFzvfwBAPBQAAIAIIBBAlCwV1wCsDHSfwIAAAAAAAAAwPL___8fM0DfUiMDEHKW0APw4APwQFRwWMQIAAAAIGu3d_doUidUFlUAAATpVgBXAAABeVYKYNFhAAAABGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOnINS3ojCtF7RcQAGDtFxAAgE3dAADeAuCCjqAVg8HqFGIyG2xWu-VwNDsAAACAu____389kNksN86VbTSYuYzDhWVjWA5Gq8nKMlqNViaPzeU9IWjOc5PgCfu-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFiMnO5XLvJWjLYzdyixW7klnhcw7VgtZoNJx7DxLNyrEWvj-m3nCxXDo8XBQMi9yK4SCdyl-_z8VsOD9db4Tq5hS7Lw2zyvO4WsURzskgnssu-s1lunCvbaDBzGYcLy8awHIxWk5VltBqtTB6by9-YzFwu126ylgx2M7dosRu5JR7XcC1YrWbDiccw8awca9HrY_otJ8uVw-NvzCaD2Wi2GA73jdlkMBvNFsPhvkNn-K4-Z6NnqBN5XJbncfHQyswHhctg8e7Uq4XxOzpYe6-jU6btKAs6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ejBqIglgtNFOhG9jKeLWCJ5WqQT2cpmmS0cjtHMuRmMFhvfcjazTUaD1Wy32qxsi4lYojRdpBO9xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLov6jw64nCuGu7liuJwrhrtVAgAAAAAAAABYwpx5EwAAAIDTYFbLzWy1XICIfEBdYBAAAAAAAIDixo8x3OX7fPyWw8P1VrhObqHL8jCbPK-7lQEi7lmZN3smiLVaLWsAAAABbAAAgABu3bwFYjBy!&cmcv=&pix=undefined&cb=1620646197175&uv=2967&tms=1620646197175&abt=aat1_vA!adh5c-1_vA!insc_vA!spa2_vA!sre_vB!t45!ufm!ul2967_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F2F49B188509381702010977394&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:3a2c:3c86:af1b:2715 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:58 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
pixel.advertising.com/ups/58166/ Frame 09B8
0
125 B
Script
General
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7fSYCFgN0YPKIb7SU6gR0YPKIb7SU6gUAAAAGBvQHHDOjzEjLCWM4XA2Wm-FiN5gMFoPlbrdZjobAMTPKjLScMIbD1WC5GS5my8lgt1mtdrvFZgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIP0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLjsAAAAAPABMCd5D_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAIOiMaQDkcBjA5eFzvfwBAPBQAAIAIIBBAlCwV1wCsDHSfwIAAAAAAAAAwPL___8fM0DfUiMDEHKW0APw4APwQFRwWMQIAAAAIGu3d_doUidUFlUAAATpVgBXAAABeVYKYNFhAAAABGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOnINS3ojCtF7RcQAGDtFxAAgE3dAADeAuCCjqAVg8HqFGIyG2xWu-VwNDsAAACAu____389kNksN86VbTSYuYzDhWVjWA5Gq8nKMlqNViaPzeU9IWjOc5PgCfu-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFiMnO5XLvJWjLYzdyixW7klnhcw7VgtZoNJx7DxLNyrEWvj-m3nCxXDo8XBQMi9yK4SCdyl-_z8VsOD9db4Tq5hS7Lw2zyvO4WsURzskgnssu-s1lunCvbaDBzGYcLy8awHIxWk5VltBqtTB6by9-YzFwu126ylgx2M7dosRu5JR7XcC1YrWbDiccw8awca9HrY_otJ8uVw-NvzCaD2Wi2GA73jdlkMBvNFsPhvkNn-K4-Z6NnqBN5XJbncfHQyswHhctg8e7Uq4XxOzpYe6-jU6btKAs6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ejBqIglgtNFOhG9jKeLWCJ5WqQT2cpmmS0cjtHMuRmMFhvfcjazTUaD1Wy32qxsi4lYojRdpBO9xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLov6jw64nCuGu7liuJwrhrtVAgAAAAAAAABYwpx5EwAAAIDTYFbLzWy1XICIfEBdYBAAAAAAAIDixo8x3OX7fPyWw8P1VrhObqHL8jCbPK-7lQEi7lmZN3smiLVaLWsAAAABbAAAgABu3bwFYjBy!&cmcv=&pix=undefined&cb=1620646197175&uv=2967&tms=1620646197175&abt=aat1_vA!adh5c-1_vA!insc_vA!spa2_vA!sre_vB!t45!ufm!ul2967_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F2F49B188509381702010977394&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:58 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 09B8
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=0d0a96a9-b183-11eb-a60e-1f057aaa0206&orig=video&us_privacy=1---
0
227 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=0d0a96a9-b183-11eb-a60e-1f057aaa0206&orig=video&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7fSYCFgN0YPKIb7SU6gR0YPKIb7SU6gUAAAAGBvQHHDOjzEjLCWM4XA2Wm-FiN5gMFoPlbrdZjobAMTPKjLScMIbD1WC5GS5my8lgt1mtdrvFZgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIP0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLjsAAAAAPABMCd5D_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAIOiMaQDkcBjA5eFzvfwBAPBQAAIAIIBBAlCwV1wCsDHSfwIAAAAAAAAAwPL___8fM0DfUiMDEHKW0APw4APwQFRwWMQIAAAAIGu3d_doUidUFlUAAATpVgBXAAABeVYKYNFhAAAABGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOnINS3ojCtF7RcQAGDtFxAAgE3dAADeAuCCjqAVg8HqFGIyG2xWu-VwNDsAAACAu____389kNksN86VbTSYuYzDhWVjWA5Gq8nKMlqNViaPzeU9IWjOc5PgCfu-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFiMnO5XLvJWjLYzdyixW7klnhcw7VgtZoNJx7DxLNyrEWvj-m3nCxXDo8XBQMi9yK4SCdyl-_z8VsOD9db4Tq5hS7Lw2zyvO4WsURzskgnssu-s1lunCvbaDBzGYcLy8awHIxWk5VltBqtTB6by9-YzFwu126ylgx2M7dosRu5JR7XcC1YrWbDiccw8awca9HrY_otJ8uVw-NvzCaD2Wi2GA73jdlkMBvNFsPhvkNn-K4-Z6NnqBN5XJbncfHQyswHhctg8e7Uq4XxOzpYe6-jU6btKAs6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ejBqIglgtNFOhG9jKeLWCJ5WqQT2cpmmS0cjtHMuRmMFhvfcjazTUaD1Wy32qxsi4lYojRdpBO9xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLov6jw64nCuGu7liuJwrhrtVAgAAAAAAAABYwpx5EwAAAIDTYFbLzWy1XICIfEBdYBAAAAAAAIDixo8x3OX7fPyWw8P1VrhObqHL8jCbPK-7lQEi7lmZN3smiLVaLWsAAAABbAAAgABu3bwFYjBy!&cmcv=&pix=undefined&cb=1620646197175&uv=2967&tms=1620646197175&abt=aat1_vA!adh5c-1_vA!insc_vA!spa2_vA!sre_vB!t45!ufm!ul2967_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F2F49B188509381702010977394&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Mon, 10 May 2021 11:29:58 GMT
server
nginx
x-fastly-to-nlb-rtt
16732

Redirect headers

Date
Mon, 10 May 2021 11:29:58 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=0d0a96a9-b183-11eb-a60e-1f057aaa0206&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
68
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 09B8
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66334005&crid=5473015&dast=V7fSYCFgN0YPKIb7SU6gR0YPKIb7SU6gUAAAAGBvQHHDOjzEjLCWM4XA2Wm-FiN5gMFoPlbrdZjobAMTPKjLScMIbD1WC5GS5my8lgt1mtdrvFZgofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwIP0XQ6fK57ve73u8tdvs9d43fbFa6_xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLjsAAAAAPABMCd5D_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAIOiMaQDkcBjA5eFzvfwBAPBQAAIAIIBBAlCwV1wCsDHSfwIAAAAAAAAAwPL___8fM0DfUiMDEHKW0APw4APwQFRwWMQIAAAAIGu3d_doUidUFlUAAATpVgBXAAABeVYKYNFhAAAABGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOnINS3ojCtF7RcQAGDtFxAAgE3dAADeAuCCjqAVg8HqFGIyG2xWu-VwNDsAAACAu____389kNksN86VbTSYuYzDhWVjWA5Gq8nKMlqNViaPzeU9IWjOc5PgCfu-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFiMnO5XLvJWjLYzdyixW7klnhcw7VgtZoNJx7DxLNyrEWvj-m3nCxXDo8XBQMi9yK4SCdyl-_z8VsOD9db4Tq5hS7Lw2zyvO4WsURzskgnssu-s1lunCvbaDBzGYcLy8awHIxWk5VltBqtTB6by9-YzFwu126ylgx2M7dosRu5JR7XcC1YrWbDiccw8awca9HrY_otJ8uVw-NvzCaD2Wi2GA73jdlkMBvNFsPhvkNn-K4-Z6NnqBN5XJbncfHQyswHhctg8e7Uq4XxOzpYe6-jU6btKAs6o9_v9_v9fr_f7_cbtJ6D2aDwPQ9_4fSxPJfD2ejBqIglgtNFOhG9jKeLWCJ5WqQT2cpmmS0cjtHMuRmMFhvfcjazTUaD1Wy32qxsi4lYojRdpBO9xPJyeJ12n1vu8n3-Opfl7bA732KnzfR5Cy5Pv-Vper7FTrfT9HmL_m69zeayvKVWt9Rh8bxFf7fCbPbLXb7PW3P6W55_zcRl841ci83GY3LYZivDYjCxWEy-4crjsq0WLov6jw64nCuGu7liuJwrhrtVAgAAAAAAAABYwpx5EwAAAIDTYFbLzWy1XICIfEBdYBAAAAAAAIDixo8x3OX7fPyWw8P1VrhObqHL8jCbPK-7lQEi7lmZN3smiLVaLWsAAAABbAAAgABu3bwFYjBy!&cmcv=&pix=undefined&cb=1620646197175&uv=2967&tms=1620646197175&abt=aat1_vA!adh5c-1_vA!insc_vA!spa2_vA!sre_vB!t45!ufm!ul2967_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3F2F49B188509381702010977394&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.102.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/
188 KB
53 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e9b1e9b290756c5ebc9849983de1f7d7db1685f76386ada579863f26897ec5f

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 10 May 2021 11:18:31 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 14:18:22 GMT
server
AmazonS3
age
688
etag
W/"60cee9f8a6ab7076638a1b6a01bc9269"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
peRL4Yb0Ubr51vTPkyyXuScofZHOG6Uw
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
G7_WimVlMucATHBeIGGE5INM4s5LWDIN1uk0GMtC_Bx5vM7FsjFohA==
Serving
bs.serving-sys.com/
8 KB
3 KB
Script
General
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=4365857347824270382&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8$$&activityValues=$$Session%3D4514862347476485380$$&ns=0&rnd=9966511788795616
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
82.199.68.72 Lemelerveld, Netherlands, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
b29931367cd621ea1692edbea60116c047e03b3f875d30de895014968cbd2a23

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:29:57 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=UTF-8
Content-Length
2361
Expires
Sun, 05-Jun-2005 22:00:00 GMT
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 2309
12 KB
4 KB
Document
General
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method
GET
:authority
cdn-gl.imrworldwide.com
:scheme
https
:path
/novms/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

content-type
text/html
last-modified
Wed, 28 Apr 2021 14:18:22 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
qVegwTBMlTpBRiATWIEjsovJ4qexekXG
server
AmazonS3
content-encoding
gzip
date
Mon, 10 May 2021 11:06:08 GMT
cache-control
max-age=86400
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
AFBmerKyEOOPxGiv7d4cWJg5mmUAUVWtPcbUNJqtzUtTELt0bIQG7A==
age
1431
integrator.js
adservice.google.cz/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.cz/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:29:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:29:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
188 KB
22 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1543304471652086&correlator=3626279735672017&output=ldjh&impl=fifs&hxva=1&scor=2504103597107047&eid=31060989%2C31061027%2C21064371%2C21068030&vrg=2021050501&ptt=17&co=1&npa=1&sc=1&sfv=1-0-38&ecs=20210510&iu_parts=5129%2Cndm.hwt%2Cnews%2Cbreakingnews&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C728x90%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C300x90%7C315x90%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D0d0d27b0-b183-11eb-9f88-06a809c23df0%7Cpos%3D2%26id%3D0d0d27b1-b183-11eb-9f88-06a809c23df0%7Cpos%3D1%26id%3D0d0d27b2-b183-11eb-9f88-06a809c23df0%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%2C70%26vw15%3D40%2C50%2C60%26grm%3D40%2C50%2C60%2C70%26vw10%3D40%2C50%2C60%26pub%3D40%2C50%2C60%2C70%7Cpos%3D2%26id%3D0d0d27b3-b183-11eb-9f88-06a809c23df0%7Cpos%3D1%26id%3D0d0d27b4-b183-11eb-9f88-06a809c23df0%7Cpos%3D1%26id%3D0d0d27b5-b183-11eb-9f88-06a809c23df0%7Cpos%3D1%26id%3D0d0d27b6-b183-11eb-9f88-06a809c23df0&eri=1&cust_params=tts%3Dn%26ttm%3Dn%26us%3Db%26s%3D0%26co%3D1%26kw%3DBreaking%2520News%252CJens%2520Spahn%252CONLINENEWSEN%252CHealth%252Cvaccines%252CONLINENEWSEN_BREAKINGNEWS%252CBerlin%252Cvirus%252CGermany%252CJJ%26sec1%3Dnews%26sec2%3Dbreakingnews%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dstory%26aid%3D3bef7d513ccda66e010bbbd78ece65ae%26adl%3Dfalse%26pvid%3D00000000000000000000000000000000-3bef7d513ccda66e010bbbd78ece65ae-1620646192123-861118%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_UNSCORED_PG&bc=31&abxe=1&lmt=1620646198&dt=1620646198506&dlt=1620646185176&idt=11306&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C176%2C1124%2C1124%2C176%2C1124%2C0&adys=48%2C2566%2C638%2C1586%2C2566%2C612%2C3216&adks=3343294207%2C2808698625%2C1478358836%2C2507937728%2C1895762110%2C1679177193%2C2353233395&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C1248x0%7C299x0%7C299x0%7C1248x0%7C299x0%7C1600x3216&msz=728x93%7C728x0%7C299x276%7C299x276%7C1000x0%7C300x90%7C0x0&ga_vid=466461599.1620646199&ga_sid=1620646199&ga_hid=627766294&ga_fc=false&fws=640%2C128%2C640%2C640%2C128%2C644%2C128&ohw=0%2C0%2C0%2C0%2C0%2C300%2C0&btvi=0%7C1%7C0%7C2%7C3%7C0%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
11b0c2bf6a32399b56dc48d1e3a184553c4f4628cb9a35c0c09d1c1857d496d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22123
x-xss-protection
0
google-lineitem-id
4682990628,4682990628,4682990628,4682990628,4682990628,4795254195,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234025560,138234025551,138234092471,138234092456,138234082178,138345071646,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c0e85838e9fd350298632fb9d31b4a24.safeframe.googlesyndication.com/safeframe/1-0-38/html/
0
0
Other
General
Full URL
https://c0e85838e9fd350298632fb9d31b4a24.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

up_loader.1.1.0.js
js.adsrvr.org/ Frame F6A3
4 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.157.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-157-54.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 18:52:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
59838
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 6c0a96db840a3c501e2558c2b46fd7ec.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
TXL52-C1
X-Amz-Cf-Id
c9eeMeA4wWg6PfM7ayu884beqqq-mm2RYSvlNK3IWLL5R67MyHrBKQ==
uwt.js
static.ads-twitter.com/ Frame 1A89
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:58 GMT
via
1.1 varnish
last-modified
Fri, 04 Dec 2020 00:21:46 GMT
age
38301
etag
"cbc512946c8abb461c6215ed5b454e5f+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1957
x-timer
S1620646199.849324,VS0,VE0
x-served-by
cache-hhn11542-HHN
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 7439
4 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:29:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=10175
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
js
www.googletagmanager.com/gtag/ Frame BF71
84 KB
34 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f4d00e7aed59025a4848820e55d40fa73a09943e767d4870414d8be3102d5f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34215
x-xss-protection
0
last-modified
Mon, 10 May 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 May 2021 11:29:58 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame A51D
4 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.157.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-157-54.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 18:52:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
59838
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 6c0a96db840a3c501e2558c2b46fd7ec.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
TXL52-C1
X-Amz-Cf-Id
C1T8o-ICDBAMBkBS2mJileepk0ih7KAKVKeFaB58v8jNtqICOtiMbw==
pixie.js
acdn.adnxs.com/dmp/up/ Frame D1E5
7 KB
3 KB
Script
General
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:29:58 GMT
Content-Encoding
gzip
Age
56990
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
2601
X-Served-By
cache-lga13627-LGA, cache-hhn4072-HHN
Access-Control-Allow-Origin
*
Last-Modified
Thu, 14 May 2020 21:04:36 GMT
Server
nginx/1.13.10
X-Timer
S1620646199.995030,VS0,VE0
ETag
W/"5ebdb264-1cfb"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 10 Dec 2020 19:35:03 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 15576
activityi;dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229
8228261.fls.doubleclick.net/ Frame 2D56
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=127096537826...
507 B
415 B
Document
General
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229?
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
88e3ab3726a717c924e5a6e053d7de073775f949b9f37dd605c926bc894f70e3
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8228261.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 10 May 2021 11:29:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
390
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 10-May-2021 11:44:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 10 May 2021 11:29:59 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
conversion.js
www.googleadservices.com/pagead/ Frame 290D
43 KB
17 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8719e7caa8c8992a1d546c7a38c708d4929dd04bde1be9381def52752fd2a97f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16618
x-xss-protection
0
server
cafe
etag
786077497703709746
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 10 May 2021 11:29:59 GMT
activity
au-gmtdmp.mookie1.com/t/v2/ Frame F189
43 B
607 B
Image
General
Full URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.202.227.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:59 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
secure.adnxs.com/ Frame 8B6F
Redirect Chain
  • https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:29:59 GMT
X-Proxy-Origin
89.187.189.187; 89.187.189.187; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.103:80
AN-X-Request-Uuid
02ccd201-0e0f-4251-bf0d-c3656e150601
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:29:59 GMT
X-Proxy-Origin
89.187.189.187; 89.187.189.187; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.40:80
AN-X-Request-Uuid
623c8f22-4c0d-46b9-b211-0e3cd09675fe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
0
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:29:59 GMT
X-Proxy-Origin
89.187.189.187; 89.187.189.187; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.69:80
AN-X-Request-Uuid
bd95d015-af70-49b2-8af9-fdf986652d64
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:29:59 GMT
X-Proxy-Origin
89.187.189.187; 89.187.189.187; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.237:80
AN-X-Request-Uuid
dff3ab39-5da2-4be7-aa8a-ca2dfddf155d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1698
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4X2fHkiPRHxj51jRwjVLhVFZmzdGWE-IhZ_qKfah-92MAnUjH2RinkQ2voiHVSQ1jjJzxTnFEp_ewu1SSb2DkcLylYULm6mviZQvZOZG2-DTPkFvwB_tN5p_FudX2ApRsCd3S4TTmWAHQYVAAVCLu2-p7QvaN-3-Rjf3j1RcVUGbkanMNaudwp54Oh9-U2v1lap7u6NDDeqJRjCHkjAkEAkL2ncJgvidHwzAs2SDAdDbzJWd2PLc43nx7dUE3oRjRVAcg5s4ofp5Bq_L9RX55GLaB6PYc6ihIHZDP36m4Votc73gcIpQJ8P01w7ZdVsU&sai=AMfl-YRcIe1S7c59SAMg6R9BnrDTEszhYT-MpxjMLZExtujEff70QrCS5QmrejdeZSQcKE4cm1b1NftOHzlp&sig=Cg0ArKJSzAZVuw7Sy3ySEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:29:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/ Frame 1698
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7043
x-xss-protection
0
server
cafe
etag
3975852021068510888
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 May 2021 11:27:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 1698
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 May 2021 11:27:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1698
116 KB
35 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d0699772b8ca80d6ef1ac55871141afd77cda372f15f1a97b74b41dae70ab25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620386788828326"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36100
x-xss-protection
0
expires
Mon, 10 May 2021 11:29:59 GMT
7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 1698
68 B
98 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 10:06:19 GMT
x-content-type-options
nosniff
age
91420
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 May 2022 10:06:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BBC2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFu1q-scSMQngWghJFMZ7V_QpEk10-yxe1BsONN9qxrB1k7MLGlFDi3KrMJQnzMQUz1iEqVWJga2xJkYoZxmPzi18otRTao3dGWsEYpquT605ctWC-M3DCivypKUH-tUddfGMMukmccgaaObS2vyc_pvdJra7nJrhGjirpm6DebgFotXmbOhHAW-ZhsKFQVZxirLRpna40FuNH3YFQZT-brHJ1r7dqXdY7OopN65_ouuuSSOTfOABUQzIYFWYS2Q11_33NOeVwJOi7guAjrq3RaokVwyyayhNggD_OjiUoseMLXuGrEXqeOEqfBfthC20&sai=AMfl-YRJ7G8Z5fRHLSHKd1wlEjFqYGkLXaIflykVkkMrI3Ie40xJOs-kPfTk1diFuwI2IPCeBV397eT5u-A7&sig=Cg0ArKJSzKgxllEtaGjmEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:29:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
7114969398400660195
tpc.googlesyndication.com/simgad/ Frame BBC2
68 B
98 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 10:06:19 GMT
x-content-type-options
nosniff
age
91420
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 May 2022 10:06:19 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/ Frame BBC2
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7043
x-xss-protection
0
server
cafe
etag
3975852021068510888
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 May 2021 11:27:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame BBC2
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 May 2021 11:27:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BBC2
116 KB
35 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d0699772b8ca80d6ef1ac55871141afd77cda372f15f1a97b74b41dae70ab25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620386788828326"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36100
x-xss-protection
0
expires
Mon, 10 May 2021 11:29:59 GMT
l
www.google.com/ads/measurement/ Frame BBC2
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCILrDWHYhugQn1dAUNXX6cSplouBYuzHKlM8QfhxVKQv21YdbhzSs1BSy80V2mRjFjDkP
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0248976da97cef9d507c26ab78186f1fc82a4dc71963f29cc49946f09e72d69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620386783045400"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28014
x-xss-protection
0
expires
Mon, 10 May 2021 11:29:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A88F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuslvvS1V-_0YDK4gtFQVP6x6MBjeCfCZsV210jOEoq2vTwUDrpXeA4EnOsQsPukHrzPVkJjlN32y08Jqfd1PSJwIlEPvElbr0jPosYZybia4K_0Sxx-q6p8fggkQxq7RibArRxIJd2dzbMkJcBJt24sYsik6gMKQz2-9A5WmGE9u-izWnagm2sFO614R1r0YsIf897rUlLJAaVBScC-uwIRz_cGhOsPAtwL8RYX6NMFq6c5qK09b9VvKrW3keIetjIddhKZu51eZ3gqtcECvUQY_yL3VvYdu3bFf-NOIkewU_IFmlluTc4rIMBsaCGFrk&sai=AMfl-YRB9_wJ-M76MxMssljD5Cqv7cebnGCz09xp-QtoP-npoT4H6ixv_bPKYUwj1M4iOtdANmHd_kGHHAzT&sig=Cg0ArKJSzHw3IN9dbmVBEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:29:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/ Frame A88F
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7043
x-xss-protection
0
server
cafe
etag
3975852021068510888
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 May 2021 11:27:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame A88F
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 May 2021 11:27:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A88F
116 KB
35 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d0699772b8ca80d6ef1ac55871141afd77cda372f15f1a97b74b41dae70ab25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620386788828326"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36100
x-xss-protection
0
expires
Mon, 10 May 2021 11:29:59 GMT
l
www.google.com/ads/measurement/ Frame A88F
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9QvaD8oTyL9aYlxvffVeicwJaNanmNnTLyQU2ZSW9pOPpe8hVP-LhQ5httgzb_fPweleB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

13756812283639570429
tpc.googlesyndication.com/simgad/ Frame A88F
68 B
98 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 02:03:46 GMT
x-content-type-options
nosniff
age
379573
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 May 2022 02:03:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B5B3
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLkvqhW_YKwCIL8UiR_v78AzQQQ06jkjX714NLfBFd8YhXpTAYJtm4TvmzdN1HkLjODA1EOmuQr89iJmg0Pf0Z_CKebdJ7ZKCTTl3XQKGBQtkkrpYsd5Qsei1AeXOXmBt5ITZB4Fl-zLlNPDnfk4IS9DOEHmuQD7XLQ86e8NWeViDCpY3qmsj7qqmAAmr0tFZkxOhuix2BTjRcQl9JGiED5gA907iIRsx4LTdzMDMfjNJgRsh3VwmS8p5UpFo5ulFRLw9mNhwxOPMW1pujj0BK63bZClHAZiLheotdbMDv6g3mUg9vb3lBQNFgiPKXQ-o&sai=AMfl-YQ7LbV2G8Jl10PFJ5egF8Tbgc1MHt3FE9xs5KlgY8pamC6nHfDUVN08mNb76kixJk4hiAiWIRmVXU-1&sig=Cg0ArKJSzO5YpNyeT_RFEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:29:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
13756812283639570429
tpc.googlesyndication.com/simgad/ Frame B5B3
68 B
98 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 02:03:46 GMT
x-content-type-options
nosniff
age
379573
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 May 2022 02:03:46 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/ Frame B5B3
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7043
x-xss-protection
0
server
cafe
etag
3975852021068510888
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 May 2021 11:27:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame B5B3
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 May 2021 11:27:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B5B3
116 KB
35 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d0699772b8ca80d6ef1ac55871141afd77cda372f15f1a97b74b41dae70ab25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620386788828326"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36100
x-xss-protection
0
expires
Mon, 10 May 2021 11:29:59 GMT
l
www.google.com/ads/measurement/ Frame B5B3
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNv__GIPfgu4Fho1LueR8u0sJSXijazotubSkHhagN8gqjgvs0JZl0mg2caX-AzWhgWYeK
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame 70F8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteHJvrgPu5cWhvlehx-DEqSuIj7OZGf5iXhJYdaXsYcgQhOAVCM2HGcFQWZjQOZ2ChntNWHojnFyXvpuFaOuw-Z1or-NrrR7lSSwSUx2f1zNIm-cEZZOVhik0R96IGucg-6ip53vG3rga590e_JNQkjHQzjpb74ldkzcsSOu2bj6UpgivXqVYAF0iVrE4a6hZTigRES5gBMHSzr6ffu_Sh2ltTmFKXRup_IUzkIeN2xRzTDCFMCCLiTgAMdKqblvXKxGpKNzyiFr9kkCOgvVbpZxxSqmUXcmKb1LU4RmNEZfBqonMWaK2R31LyLCI8fDk&sai=AMfl-YT_G5_-xj8pPURm8aD9NoGswVI8yEYZVg8iVJjHYOtFI-rK0I7XUoYdpa1MphAnD7yfvnXK0yMGZk2v&sig=Cg0ArKJSzMHcGffEspf_EAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:29:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/ Frame 70F8
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7043
x-xss-protection
0
server
cafe
etag
3975852021068510888
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 May 2021 11:27:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 70F8
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 May 2021 11:27:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 70F8
116 KB
35 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d0699772b8ca80d6ef1ac55871141afd77cda372f15f1a97b74b41dae70ab25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620386788828326"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36100
x-xss-protection
0
expires
Mon, 10 May 2021 11:29:59 GMT
13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 70F8
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13503232906761715217
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 02:20:03 GMT
x-content-type-options
nosniff
age
378596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3270
x-xss-protection
0
last-modified
Wed, 23 May 2018 04:43:28 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 May 2022 02:20:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 28A9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAVfoUeepZdMJLABlLwCMTgkYtaJf61xz9PYCMgpmA2xS6iBvzxYYNjeZNg1QFRK3c1Qi3lcbZwUSHKA0Ay1PKPhbVqkwTWV0VykVOzow7obPVkzYkG5JNcRSDBSrivgr22VIlkPVV1BxwLdEdycRr9lVDfpjR2WVMeyhiKOYd2e9AOK2S6oKvme9sHF-cJx9v1lWQsrWKd7ChsKfux2ipoc4n5jDkI-3yT37tn3lmz0Eghy5v-1gcu9_fHQV9lrk-myPX3P1gNVo2dSIxu5xQBv8qJb0QJFCQ2DampDZrslL6i-LwSMNyKhIARFV6CqI&sai=AMfl-YQ3e3veUaidey9cmlDhE34YBt8ZURGmsGhgzHzDzrv56KqdOgVvY0AbTXXZgMM0M-59v_JL5job1dHv&sig=Cg0ArKJSzPgag5pydb_iEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:29:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/ Frame 28A9
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7043
x-xss-protection
0
server
cafe
etag
3975852021068510888
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 May 2021 11:27:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 28A9
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 May 2021 11:27:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 28A9
116 KB
35 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d0699772b8ca80d6ef1ac55871141afd77cda372f15f1a97b74b41dae70ab25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:29:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620386788828326"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36100
x-xss-protection
0
expires
Mon, 10 May 2021 11:29:59 GMT
4573440487296087453
tpc.googlesyndication.com/simgad/ Frame 28A9
11 KB
11 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4573440487296087453
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fa06bea7bb296b456d46727e9b3a4a62cbfb2901247b9f93434c4cb3b7fbd18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:25:35 GMT
x-content-type-options
nosniff
age
450264
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11304
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 01:19:20 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 May 2022 06:25:35 GMT
gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 2309
44 B
530 B
Image
General
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=0vsjtgyoeikiiccaepftimuf3dviw1620646198&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.594&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.66.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:59 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
0vsjtgyoeikiiccaepftimuf3dviw1620646198.nuid.imrworldwide.com/ Frame 2309
35 B
350 B
Image
General
Full URL
https://0vsjtgyoeikiiccaepftimuf3dviw1620646198.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:3400:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 05:01:54 GMT
via
1.1 458f29e42261f01e7368474593f44b66.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
23285
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
35
x-amz-cf-id
2f4mrDL9NHyTRPcDjQGLPEHE8sMs0eYobmMwUMwuujgFs5Eek0E4ug==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 290D
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1620646199646&cv=9&fst=1620646199646&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8b8984160a1818979a36adbaed0dccb73e48baed2172ad8424beb42dae6802f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:29:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1193
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 1698
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd593738a891a936a67a7191c363aa93d6a0e0f250a36dc91e0029af0f3e0c45

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame B438
46 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=395822153&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b0-b183-11eb-9f88-06a809c23df0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6ae53ddcaf317c2fa6382c22e44a3bc39d5cd3a24a0fb603d69ff1f85b3e4bb9

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:00 GMT
content-encoding
gzip
x-server-name
app09.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
collect
px4.ads.linkedin.com/ Frame 7439
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620646199967&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1620646199967%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620646199967&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620646199967&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIbWpTUwYBdGAAAAXlWCod8Gsrbq-2nD2gERUuRXFB8qe63zK7AuL0g2...
0
372 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620646199967&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIbWpTUwYBdGAAAAXlWCod8Gsrbq-2nD2gERUuRXFB8qe63zK7AuL0g26AYGjVi2NH4a9kC
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:01 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
BbKlRiKxfRYwcPCUWCsAAA==

Redirect headers

date
Mon, 10 May 2021 11:30:01 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620646199967&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIbWpTUwYBdGAAAAXlWCod8Gsrbq-2nD2gERUuRXFB8qe63zK7AuL0g26AYGjVi2NH4a9kC
x-li-proto
http/2
x-li-pop
prod-edc2
content-length
0
x-li-uuid
42jaKCKxfRaQLudBFysAAA==
truncated
/ Frame BBC2
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f913de90542600aefb250777caea436cc05f3375c863a9b73df402c33a772b3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 161D
46 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1826087518&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b1-b183-11eb-9f88-06a809c23df0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1bd56cc37f79d870e73de6e0fcfac46f9176ea52ce116aac90c9f67a29908b68

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:00 GMT
content-encoding
gzip
x-server-name
app23.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
pixie
ib.adnxs.com/ Frame D1E5
42 B
352 B
Image
General
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1620646200300&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1620646200292&et=1620646200300&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:30:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.17.9
Connection
keep-alive
X-Proxy-Origin
89.187.189.187; 89.187.189.187; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 10.2.80.88:80
Content-Length
42
Content-Type
image/gif
up
insight.adsrvr.org/track/ Frame 9415
0
182 B
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.108.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-108-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&upid=trk7f24&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

date
Mon, 10 May 2021 11:30:00 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
up
insight.adsrvr.org/track/ Frame A363
0
181 B
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.108.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-108-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&upid=ekg5qxt&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

date
Mon, 10 May 2021 11:30:00 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
truncated
/ Frame B5B3
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2553ba72a764502f4a50db4df2a86d6d58d87826d002308b7308562bf3d6fbd6

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame F03C
46 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=440453319&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b3-b183-11eb-9f88-06a809c23df0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d11d66932ac90e719a11bf552b4b540c73e198327e18b33be7e7e0fb964f567c

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:00 GMT
content-encoding
gzip
x-server-name
app21.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
adsct
analytics.twitter.com/i/ Frame 1A89
31 B
662 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_devel /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Mon, 10 May 2021 11:30:00 GMT
server
tsa_devel
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
cb707fe3918bf794874c0bb53ff1aeb16b81d8a174b15ceb02d37d284760adf9
x-transaction
65ffb3970934b036
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ Frame 1A89
43 B
457 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_devel /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Mon, 10 May 2021 11:30:00 GMT
server
tsa_devel
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
c271fcee8e463ad23943a2f8d8aaf2139ac017508b9b0a8189a93548478a9800
x-transaction
6876c4b04e8bc9c2
expires
Tue, 31 Mar 1981 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 70F8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsSax6YG5Q1DPVfyxm9EXOPJYdQBi3eYYp1mv6o157V4HawTTzn_KAuphiMA6YMeE1RE95wUkvuYSwkLlCtr_pJuSfwTJK9u8zWlbJWzEF8JaDv4iDoHqBQ96CqbuNUNDZ8CLRQ6rkFHkKDHhe7G7fEdiGW_XKLa4IIw3JEqCc9sxW2GleEK6GTznvrFCz7fsYIiqvOWc64q_dXiSTQ4UcMl7-vN6FasDgsbRlHoAzOEa5JSLDlK2AWqhHME0CmoxaGz3B2TAfbMzg5q5h4gJ6kwHirx9ySBydOkQg-4RF4vhoG7V5jk1EBNCwvAT2oeiMAw&sai=AMfl-YSOMvmnqISPqYBDLXOVGlyihpI9WafuXpOrrZKs1VoVfrUvC845D-u9FwS1d7eguEZV7PgHA_1lmn-9&sig=Cg0ArKJSzAArdYUETbJREAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:30:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 70F8
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd41d1034a0b5a6c64a8f9318eacedc8d05021d30f3a5e586a9fdfd648ee6a1e

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame A2B7
46 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=322818030&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b4-b183-11eb-9f88-06a809c23df0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9ae93b2ff1000bea7d2a98cb3d1eb6107f323e9df877e49910a791d6b66d38cd

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:00 GMT
content-encoding
gzip
x-server-name
app10.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame BF71
36 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
5c64e98b7d26b27f3235a6b049f4da5a8b1ed471ee0f2d4508e342bcb216eb2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13939
x-xss-protection
0
server
cafe
etag
16751590114636182394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 10 May 2021 11:30:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BBC2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFIKlkxRsxHc9RJnuvBOHIcRACzDkDTaS0VUNxCb2EYfbpjhgvZsfoKcjnB5QcTlv1z2A8fLb5eJJoLm5EZ-li_54zNIWX4BB-1NgWgGXtPr4eI-xAAEG7xe1MbisYPuiZYO36-zrwh_GweJlRQwyuTuj7OB_B56AnqWOgGSluA9q5DTunqyP7UFcawSmTrhsoSwh7DXfKs8a6QBiy7h__FKbTB4uYGTF0kAe4PqFb6FINLh1peQPzqG_EGFp-jhM3GMYvRyMadNbh9h4qY9zxgpceCvwZDAnTUOyrLVZ-jzFdVOPfwtsNcnjlB8lU7XYX1Q&sai=AMfl-YT_CYh2W23bpJhsfOZORbgk0mvYg-s03SiezMiL0cNumRAYsZ5jTxgMIlzaMMwxxjvX5P2s6qLS2rMk&sig=Cg0ArKJSzDysAzQlaHMNEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:30:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ibs:dpid=358&dpuuid=6990995679280864852
dpm.demdex.net/ Frame 1DC2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=6990995679280864852
42 B
973 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6990995679280864852
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-00920e99e.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
LMtyoiTQQFU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:30:00 GMT
X-Proxy-Origin
89.187.189.187; 89.187.189.187; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid
af8d6819-c36d-459a-ae4a-bddc0412ccf4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6990995679280864852
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 28A9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt2OpW6ZM3JhHiIK-lHHAimlTe9CWl-l1yc6xPPPHxVTPg87YT1d3EtO_zCsXpZNExsSUaCBF3IUcG2aiRZxiCgITEqe3NwmcMry8Tp1V2KPHART_WmYQX5albhQppmHwqzEeA_jibIOOKZnQVc8AB8v6DPLNrPiKT9wavS5xJelp9OYBom-D7OFHYzZ7dNteSqih2gxDQ2gEWFbAg460yvfnJdKPbgYuXFLBeX_Sgurl_0Cfoxx9ROnWsVL8qcOh4LBMfNwbKPyMeyWdlNR7O3Tn0vs8UK5a3LDjz4xG8F7ES4OJxO2Cfqubxh-BbjLPhNA&sai=AMfl-YTTsgpso72iPI4wD35cb4E9jRypYKhD8TxX0lUKihvBv1Z3hZFwAxFFqA4WhKgnO2U_UwRLeeiVzI4Z&sig=Cg0ArKJSzG1GjnebyrP0EAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:30:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 28A9
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0524ac10d2795b62005161c98ca8df6c1b47b74d9e7ad4e3785e248143aadd62

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 0B9A
46 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=21941980990&placementId=4795254195&pubCreative=138345071646&pubOrder=2161406623&cb=1058954694&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b5-b183-11eb-9f88-06a809c23df0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ee5cf3dbb48f6e0f34e65cba979c01d753052bdcd78ff9d6971189dcd215e79

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:00 GMT
content-encoding
gzip
x-server-name
app11.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1698
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGQxb8h_hqaFZboPq948C1LbeurNu-xiFczfTABTExi_1G9RwgFvgrnQqTQrDwTexqRCU4Ty5EvkCQTIVQDB08ggx9mn2Is9yPD5YbMOoBx7MP2PDu8h20uT2b4adkECCQo-GvYdOQ7RwRpsWNLhAb3-7cG2knkVzZ4Chy3YGA2UuDa4UcvQbtt554ZaRmxSUzzM3bASAxyUn_sYSK8kP2Ge8-7IKp39rJdc6mi0wKbj6zbC7TbkKE6nTGn1h-D0X0tpJsrMyNLDA4xEyj1OZYoXfEZWCJvs_t4vizqSBlZ6LTwA8dIxyxhsY05Izn-cY5bg&sai=AMfl-YRjnt6ZNPq-RZHh67cehf5qacUKIIqJKpPdRE09HEGBx16uItWMlsQS5TeS5q6UrGJCxxxGZKulDtlQ&sig=Cg0ArKJSzOYmY2o1LVW-EAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:30:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
adservice.google.com/ddm/fls/i/dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229;~oref=htt... Frame 6B65
506 B
413 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229;~oref=https://www.heraldsun.com.au/
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c3d77384bc88b60d02c72e5cb67ed44126a5ec614e78418051d1e5f89d4cf2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229;~oref=https://www.heraldsun.com.au/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8228261.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://8228261.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 10 May 2021 11:30:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
390
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A88F
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f676d03a4dc4027d2705ecb082426d707bfe4f8f99b014ad571dc453b8538ba

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 33C1
46 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1364132555&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b2-b183-11eb-9f88-06a809c23df0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
85929b3bd74ea2b75664a0e4caa43b13d92c1a8f852f42aa7ea437aa6d4cc7c0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:01 GMT
content-encoding
gzip
x-server-name
app14.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B5B3
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5mnoBkbAc6cA0aMBGTZ48_LaTZIX2D-YgHoX4V5b10dXFNeUF9xlvJNlwGrE1UXW1k0ZrYDA4GEivuq6thrsXCpsmrxW98sR_AaO--rW6Zjn7gvrUiIuO4BocpTnqrS27SvHDoQygZd3NNzSQDg4udFytLr4vuQ5u6JuXmwlk-pHywMxaxraXU43GTTBrOD2U0W3X0Q1jdwkPhwzDiI0wzrjjBq26Z9PWxZGtGMhs9s6bN1Ai8jycXb1dCq7zR66SeXkGpeINCkBthuomZgQsr5OcljBhdSq0DsXmMrP8WvCtMd1CfbRSR_IjLVJ1oQuc9w&sai=AMfl-YQZsuqm8UcZ9Z-cH6RQaEDqptsW-wTStk8pYEYyULAz47VSYyvplEhoQjQD3YFC7DfZTjJVT-lwWv17&sig=Cg0ArKJSzGzwLBWd0_lkEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:30:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
www.google.com/pagead/1p-user-list/859754747/ Frame 290D
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1620646199646&cv=9&fst=1620644400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=84006677&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/859754747/ Frame 290D
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/859754747/?random=1620646199646&cv=9&fst=1620644400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=84006677&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=470&dpuuid=3689427079626716088
dpm.demdex.net/ Frame 1DC2
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=3689427079626716088
42 B
973 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3689427079626716088
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-0bfa53a0d.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4Ahm6plATBY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3689427079626716088
pragma
no-cache
date
Mon, 10 May 2021 11:30:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
main.gr.19.8.198.js
static.adsafeprotected.com/ Frame B438
182 KB
58 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.198.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=395822153&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b0-b183-11eb-9f88-06a809c23df0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:01 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 15:54:21 GMT
server
nginx/1.16.1
etag
W/"66c7ceb040197cc2f4530f680aec8772"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
main.gr.19.8.198.js
static.adsafeprotected.com/ Frame 161D
182 KB
58 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.198.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1826087518&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b1-b183-11eb-9f88-06a809c23df0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:01 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 15:54:21 GMT
server
nginx/1.16.1
etag
W/"66c7ceb040197cc2f4530f680aec8772"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
view
securepubads.g.doubleclick.net/pcs/ Frame A88F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDiPU2x33PknAnUR3ScOpQLrSUlw3GH62L5UKirG7U5kAVtM_XM4zvT3WTdTb5XcNFjgklzqksApB3fRJcHQN7b_ZF9mWwpm46wwKnsYZALkJUhR861rvTppDz4sK3WolkPIATxbomqwFpvVozeGawqhHyBeSEponarUNQy8cfT-64btj7lYNj-EhGxCLo6p6PO8qS3ajBPZZRd_dWIRftInRes1N-iYs2jmu_2UWdYEwW3NjUm2JyFh2MFHvgr2C9XtTsR-6Ms66en_4GdBWIgQcU0jzVAGIAcCoHv7NZhDgzLeUXpVQIY62Wktk1FAZyHg&sai=AMfl-YSVASS-5vTHRB5gUpkyLENJ2tZaDBOUWqk_P9ekK2UKdyPnece1X_CRwwspgK9msSsxBBFCWF-OJfCN&sig=Cg0ArKJSzNDDHrps5TouEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:30:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
main.gr.19.8.198.js
static.adsafeprotected.com/ Frame F03C
182 KB
58 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.198.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=440453319&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b3-b183-11eb-9f88-06a809c23df0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:01 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 15:54:21 GMT
server
nginx/1.16.1
etag
W/"66c7ceb040197cc2f4530f680aec8772"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
main.gr.19.8.198.js
static.adsafeprotected.com/ Frame A2B7
182 KB
58 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.198.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=322818030&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b4-b183-11eb-9f88-06a809c23df0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:01 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 15:54:21 GMT
server
nginx/1.16.1
etag
W/"66c7ceb040197cc2f4530f680aec8772"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame BF71
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1620646201346&cv=9&fst=1620646201346&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb6f4b882df35b6fd50f42b8558155ef480fe7ed2569c167237b9e64aaabbb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.gr.19.8.198.js
static.adsafeprotected.com/ Frame 0B9A
182 KB
58 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.198.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=21941980990&placementId=4795254195&pubCreative=138345071646&pubOrder=2161406623&cb=1058954694&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b5-b183-11eb-9f88-06a809c23df0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:01 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 15:54:21 GMT
server
nginx/1.16.1
etag
W/"66c7ceb040197cc2f4530f680aec8772"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
token
token.rubiconproject.com/ Frame 1DC2
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=81345772551284393474385986552835357031&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gn
secure-dcr.imrworldwide.com/cgi-bin/
44 B
336 B
Image
General
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_all_S&asn=all&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=0vsjtgyoeikiiccaepftimuf3dviw1620646198&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,breaking-news&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16206461982662761&c30=bldv,6.0.0.594&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1620646197354&c3=st,c&c64=starttm,1620646200&adid=1620646197354&c58=isLive,false&c59=sesid,&c61=createtm,1620646201&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&c66=mediaurl,&c62=sendTime,1620646201&rnd=794234
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.66.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:01 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
main.gr.19.8.198.js
static.adsafeprotected.com/ Frame 33C1
182 KB
58 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.198.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1364132555&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b2-b183-11eb-9f88-06a809c23df0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:01 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 15:54:21 GMT
server
nginx/1.16.1
etag
W/"66c7ceb040197cc2f4530f680aec8772"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
/
adservice.google.de/ddm/fls/i/dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229;~oref=http... Frame FE1E
194 B
391 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229;~oref=https://www.heraldsun.com.au/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229;~oref=https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CNbJ_8eBv_ACFVoC4Aodn6UNfA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1270965378263.229;~oref=https://www.heraldsun.com.au/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 10 May 2021 11:30:01 GMT
expires
Mon, 10 May 2021 11:30:01 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
ibs:dpid=771&dpuuid=CAESEPdN81rNgTsTiRzo0uJ09GQ&google_cver=1
dpm.demdex.net/ Frame 1DC2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODEzNDU3NzI1NTEyODQzOTM0NzQzODU5ODY1NTI4MzUzNTcwMzE=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPdN81rNgTsTiRzo0uJ09GQ&google_cver=1?gdpr=0&gdpr_consent=
42 B
973 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPdN81rNgTsTiRzo0uJ09GQ&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-08ad32d5b.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
iC2T2xIXRis=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPdN81rNgTsTiRzo0uJ09GQ&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/707564276/ Frame BF71
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1620646201346&cv=9&fst=1620644400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4s0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=3140961740&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/707564276/ Frame BF71
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/707564276/?random=1620646201346&cv=9&fst=1620644400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4s0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=3140961740&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.5.5.js
static.adsafeprotected.com/ Frame 950A
82 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:01 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
nginx/1.16.1
age
334380
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=322818030&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b4-b183-11eb-9f88-06a809c23df0&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:f69838a2-8d27-93d5-97c8-80ca5d442059,c:cdkCJQ,sl:outOfView,em:true,fr:true,mn:app10ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.2624.10.10,am:i,cc:795.2624.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sx0uiEf+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f1%7C1g1%7C1h1%7C1i1%7C1j*.10507%7C1j1%7C1k1%7C1l,idMap:1j*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:492,oid:0e8018f9-b183-11eb-99ca-0634eb268b40,v:19.8.198,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:01 GMT
x-server-name
app03.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.5.js
static.adsafeprotected.com/ Frame 3CE5
82 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:01 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
nginx/1.16.1
age
333487
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=395822153&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b0-b183-11eb-9f88-06a809c23df0&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:2cf6d96d-f0c2-4577-500d-d2a8147ad531,c:cdkCL0,sl:outOfView,em:true,fr:true,mn:app09ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f*.10507%7C1f1%7C1g1%7C1h1%7C1i1%7C1j1%7C1j2%7C1k1%7C1l,idMap:1f*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:709,oid:0e163320-b183-11eb-b328-0ae761671616,v:19.8.198,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:01 GMT
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.5.js
static.adsafeprotected.com/ Frame 6A24
82 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:01 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
nginx/1.16.1
age
335221
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x90|1&pubId=36557831&chanId=21941980990&placementId=4795254195&pubCreative=138345071646&pubOrder=2161406623&cb=1058954694&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b5-b183-11eb-9f88-06a809c23df0&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:afe5e89e-cbe0-1049-7549-72127d02c22c,c:cdkCLZ,sl:inView,em:true,fr:true,mn:app11ie,pt:1-5-15,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sx0uiED+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1h1%7C1i1%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l,idMap:1k*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:601,oid:0ea04b29-b183-11eb-a01a-024bf4a6d028,v:19.8.198,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-server-name
app33.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.5.js
static.adsafeprotected.com/ Frame 9751
82 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:02 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
nginx/1.16.1
age
336128
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1826087518&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b1-b183-11eb-9f88-06a809c23df0&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:c95c3500-4658-b404-61ba-e894c6f5d294,c:cdkCMF,sl:outOfView,em:true,fr:true,mn:app23ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.2583.1.1,am:i,cc:800.2583.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sx0uiCk+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h1%7C1i1%7C1j1%7C1j2%7C1k1%7C1k2%7C1l,idMap:1g*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:786,oid:0e3a35d7-b183-11eb-9fc0-0ad2739237b2,v:19.8.198,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-server-name
app30.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.5.js
static.adsafeprotected.com/ Frame 201C
82 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:02 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
nginx/1.16.1
age
336128
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=440453319&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b3-b183-11eb-9f88-06a809c23df0&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:5e9a1762-be09-2cfe-6964-92b111567b19,c:cdkCOh,sl:outOfView,em:true,fr:true,mn:app21ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.1658.1.1,am:i,cc:1273.1658.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sx0uiDh+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2%7C1h1%7C1i*.10507%7C1i1%7C1j1%7C1j2%7C1k1%7C1k2%7C1l,idMap:1i*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:827,oid:0e68bfed-b183-11eb-ab35-0aeb40f66fa8,v:19.8.198,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=903&dpuuid=add346fb-16d5-48b4-8488-78e0c4a84ba5
dpm.demdex.net/ Frame 1DC2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=add346fb-16d5-48b4-8488-78e0c4a84ba5
42 B
973 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=add346fb-16d5-48b4-8488-78e0c4a84ba5
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-0bfa53a0d.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4OzwhcrTToY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=add346fb-16d5-48b4-8488-78e0c4a84ba5
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
189
sca.17.5.5.js
static.adsafeprotected.com/ Frame 51FD
82 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:02 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
nginx/1.16.1
age
334380
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=21941980990&placementId=4682990628&pubCreative=138234092471&pubOrder=305536031&cb=1364132555&custom=story&custom3=168400391&adsafe_par&impId=0d0d27b2-b183-11eb-9f88-06a809c23df0&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:f5babca3-8f77-10ea-6d12-41e7735f6f22,c:cdkCRk,sl:inView,em:true,fr:true,mn:app14ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sx0uiGA+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i1%7C1i2%7C1j1%7C1j2%7C1k1%7C1k2%7C1l,idMap:1h*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:811,oid:0eb66ade-b183-11eb-b329-02c390e9b11a,v:19.8.198,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-server-name
app35.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=afe5e89e-cbe0-1049-7549-72127d02c22c&tv=%7Bc:cdkCRV,pingTime:0,time:968,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:600%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:968,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:600,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B388~100%5D,as:%5B388~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g1%7C1h1%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-server-name
dt49.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 28A9
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjRkKGtDkU2cYr70wjlIKT08DHK45Xhtal6Gih2fD5TaoN_qr9RBJ7mPERTYbmodjlSa0-IWEAGj7jmrTK9dPQSjavjglbNlxd6lpq1XU&sig=Cg0ArKJSzI0xKCCrRePMEAE&id=lidar2&mcvt=1369&p=612,1124,702,1424&mtos=1369,1369,1369,1369,1369&tos=1369,0,0,0,0&v=20210507&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1679177193&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620646199423&dlt=0&rpt=1644&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f69838a2-8d27-93d5-97c8-80ca5d442059&tv=%7Bc:cdkCTn,pingTime:-2,time:1082,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:673,beZ:675,mfA:1078,cmA:1081,inA:1081,inZ:1100,prA:1100,prZ:1150,si:1165,poA:1166,poZ:1196,cmZ:1196,mfZ:1196,loA:1510,loZ:1517,ltA:1753,ltZ:1753%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:10,h:10,t:491%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1082,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:490,wc:0.0.1600.1200,ac:795.2624.10.10,am:i,cc:795.2624.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B662~0%5D,as:%5B662~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1g.10507%7C1g1%7C1h1%7C1i.10507%7C1i1%7C1j*.10507%7C1j1%7C1k.10507%7C1k1%7C1l,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_4,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_4__container__,ad-block-1000x50-1%5D,sinceFw:587,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-server-name
dt50.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2cf6d96d-f0c2-4577-500d-d2a8147ad531&tv=%7Bc:cdkCTw,pingTime:-2,time:1236,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1314,beZ:1315,mfA:2002,cmA:2003,inA:2003,inZ:2006,prA:2006,prZ:2016,si:2022,poA:2023,poZ:2059,cmZ:2059,mfZ:2059,loA:2334,loZ:2351,ltA:2550,ltZ:2550%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:708%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1237,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:708,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B547~0%5D,as:%5B547~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f*.10507%7C1f1%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1l,idMap:1f*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_0,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_0__container__,ad-block-728x90-1%5D,sinceFw:527,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-server-name
dt36.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f5babca3-8f77-10ea-6d12-41e7735f6f22&tv=%7Bc:cdkCTF,pingTime:0,time:955,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:810%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:955,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:810,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B204~100%5D,as:%5B204~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sx0uiCk+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l,idMap:1h*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-server-name
dt51.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 1DC2
0
0
Image
General
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=afe5e89e-cbe0-1049-7549-72127d02c22c&tv=%7Bc:cdkCTW,pingTime:-2,time:1093,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:481,beZ:483,mfA:1059,cmA:1059,inA:1059,inZ:1062,prA:1062,prZ:1076,si:1082,poA:1082,poZ:1093,cmZ:1093,mfZ:1093,loA:1453,loZ:1455,ecZ:1571,ltA:1574,ltZ:1574%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:600%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1093,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:600,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B514~100%5D,as:%5B514~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_5,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_5__container__,ad-block-300x90-1,rhc,story%5D,sinceFw:492,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-server-name
dt52.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c95c3500-4658-b404-61ba-e894c6f5d294&tv=%7Bc:cdkCUb,pingTime:-2,time:1251,type:a,im:%7BpBlk:818,sf:0,pom:1,prf:%7BbeA:1004,beZ:1007,mfA:1762,cmA:1762,inA:1762,inZ:1765,prA:1765,prZ:1783,si:1789,poA:1790,bl:1821,poZ:1821,cmZ:1821,mfZ:1821,loA:2144,loZ:2146,ltA:2255,ltZ:2255%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:785%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1252,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:785,wc:0.0.1600.1200,ac:800.2583.1.1,am:i,cc:800.2583.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B493~0%5D,as:%5B493~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_1,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_1__container__,ad-block-728x90-2%5D,sinceFw:465,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-server-name
dt37.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5e9a1762-be09-2cfe-6964-92b111567b19&tv=%7Bc:cdkCUm,pingTime:-2,time:1203,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:769,beZ:789,mfA:1546,cmA:1546,inA:1546,inZ:1556,prA:1556,prZ:1578,si:1596,poA:1597,poZ:1604,cmZ:1604,mfZ:1604,loA:1897,loZ:1899,ltA:1973,ltZ:1973%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:826%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1204,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:826,wc:0.0.1600.1200,ac:1273.1658.1.1,am:i,cc:1273.1658.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B419~0%5D,as:%5B419~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i*.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_3,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_3__container__,ad-block-300x250-2,rhc,story%5D,sinceFw:376,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f5babca3-8f77-10ea-6d12-41e7735f6f22&tv=%7Bc:cdkCUI,pingTime:-2,time:1020,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:551,beZ:553,mfA:1297,cmA:1300,inA:1300,inZ:1335,prA:1335,prZ:1356,si:1360,poA:1360,poZ:1384,cmZ:1384,mfZ:1384,loA:1508,loZ:1510,ltA:1569,ltZ:1569%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:810%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1020,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:810,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B269~100%5D,as:%5B269~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sx0uiCk+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l,idMap:1h*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/news/breakingnews_2,google_ads_iframe_/5129/ndm.hwt/news/breakingnews_2__container__,ad-block-300x250-1,rhc,story%5D,sinceFw:209,readyFired:true%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=23728&dpuuid=YJkZOsBXmjocmPnm.2X0nQAA%261116
dpm.demdex.net/ Frame 1DC2
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YJkZOsBXmjocmPnm.2X0nQAA%261116
42 B
973 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YJkZOsBXmjocmPnm.2X0nQAA%261116
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-08ad32d5b.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
PpYmGPNGRoQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:30:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YJkZOsBXmjocmPnm.2X0nQAA%261116
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
264
Expires
Mon, 10 May 2021 11:30:02 GMT
ibs:dpid=30432&dpuuid=CI-bd2675ae2fdaa760b31b18a37927d22c
dpm.demdex.net/ Frame 1DC2
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=81345772551284393474385986552835357031&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-bd2675ae2fdaa760b31b18a37927d22c
42 B
973 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-bd2675ae2fdaa760b31b18a37927d22c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-0c7d1f46b.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
UzKIsi1lRQc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-bd2675ae2fdaa760b31b18a37927d22c
Date
Mon, 10 May 2021 11:30:03 GMT
useSecure
true
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f69838a2-8d27-93d5-97c8-80ca5d442059&tv=%7Bc:cdkCZr,time:1458,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1458,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:490,wc:0.0.1600.1200,ac:795.2624.10.10,am:i,cc:795.2624.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1038~0%5D,as:%5B1038~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j*.10507%7C1j1%7C1k.10507%7C1k1%7C1l,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:02 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f69838a2-8d27-93d5-97c8-80ca5d442059&tv=%7Bc:cdkD28,pingTime:-10,time:1625,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1620646202951%7C%7Cf89bd2e4f55b8f1f6dcff04fafcee85b%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C2d99e7deeb011282a00a7cf5ea3c044a%7C%7Ce7bf3f8bbda477fdce5f169d43a22b67%7C%7C2a91511ed7b0f5a02bec3919ca7bede9%7C%7Ceb15eb31496d67b37b2f16232a3d98e0%7C%7Ccec950f3329f982df49777cade3db85f%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2cf6d96d-f0c2-4577-500d-d2a8147ad531&tv=%7Bc:cdkD2C,time:1800,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1800,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:708,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1110~0%5D,as:%5B1110~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f*.10507%7C1f1%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1l,idMap:1f*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=afe5e89e-cbe0-1049-7549-72127d02c22c&tv=%7Bc:cdkD2E,time:1633,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1633,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:600,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1053~100%5D,as:%5B1053~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:649,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c95c3500-4658-b404-61ba-e894c6f5d294&tv=%7Bc:cdkD2G,time:1778,type:e,im:%7BpWait:117%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1778,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:785,wc:0.0.1600.1200,ac:800.2583.1.1,am:i,cc:800.2583.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1019~0%5D,as:%5B1019~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:508,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g*.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5e9a1762-be09-2cfe-6964-92b111567b19&tv=%7Bc:cdkD2V,time:1734,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1734,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:826,wc:0.0.1600.1200,ac:1273.1658.1.1,am:i,cc:1273.1658.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B950~0%5D,as:%5B950~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h.10507%7C1h1%7C1i*.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f5babca3-8f77-10ea-6d12-41e7735f6f22&tv=%7Bc:cdkD3s,time:1562,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1562,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:810,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B811~100%5D,as:%5B811~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:540,fm:sx0uiCk+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l,idMap:1h*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 1DC2
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=81345772551284393474385986552835357031&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
991 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-09a2fb8ee.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
IqaXKsq3SIQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Mon, 10 May 2021 11:30:03 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f5babca3-8f77-10ea-6d12-41e7735f6f22&tv=%7Bc:cdkD6E,pingTime:-10,time:1760,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1620646202951%7C%7Cf89bd2e4f55b8f1f6dcff04fafcee85b%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C2d99e7deeb011282a00a7cf5ea3c044a%7C%7Ce7bf3f8bbda477fdce5f169d43a22b67%7C%7C2a91511ed7b0f5a02bec3919ca7bede9%7C%7Ceb15eb31496d67b37b2f16232a3d98e0%7C%7Ccec950f3329f982df49777cade3db85f%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:f69838a2-8d27-93d5-97c8-80ca5d442059%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt65.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
usermatch.gif
beacon.krxd.net/ Frame 1DC2
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=81345772551284393474385986552835357031
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=81345772551284393474385986552835357031
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=81345772551284393474385986552835357031
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.10.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:05 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1620646205
x-served-by
beacon-n023-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=81345772551284393474385986552835357031
date
Mon, 10 May 2021 11:30:04 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a010-ash-prod.krxd.net
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5e9a1762-be09-2cfe-6964-92b111567b19&tv=%7Bc:cdkD7q,pingTime:-10,time:2013,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1620646202951%7C%7Cf89bd2e4f55b8f1f6dcff04fafcee85b%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C2d99e7deeb011282a00a7cf5ea3c044a%7C%7Ce7bf3f8bbda477fdce5f169d43a22b67%7C%7C2a91511ed7b0f5a02bec3919ca7bede9%7C%7Ceb15eb31496d67b37b2f16232a3d98e0%7C%7Ccec950f3329f982df49777cade3db85f%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:f69838a2-8d27-93d5-97c8-80ca5d442059%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=afe5e89e-cbe0-1049-7549-72127d02c22c&tv=%7Bc:cdkD8c,pingTime:1,time:1979,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:600%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1979,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:600,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1399~100%5D,as:%5B1399~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:282,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=afe5e89e-cbe0-1049-7549-72127d02c22c&tv=%7Bc:cdkD8f,pingTime:1,time:1980,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:600%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1980,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:600,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1400~100%5D,as:%5B1400~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:282,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=afe5e89e-cbe0-1049-7549-72127d02c22c&tv=%7Bc:cdkD8f,pingTime:1,time:1980,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:600%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1980,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:600,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1401~100%5D,as:%5B1401~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:282,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=afe5e89e-cbe0-1049-7549-72127d02c22c&tv=%7Bc:cdkD8g,pingTime:1,time:1981,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:600%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1981,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:600,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1401~100%5D,as:%5B1401~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:282,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=u
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/news/breaking-news/germany-lifts-priority-limits-to-offer-jj-jabs-to-all/news-story/3bef7d513ccda66e010bbbd78ece65ae?_hsmi=88974744&_hsenc=p2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=134096&dpuuid=qdBLBQ9999ehLokQ
dpm.demdex.net/ Frame 1DC2
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=81345772551284393474385986552835357031&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=qdBLBQ9999ehLokQ
42 B
973 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=qdBLBQ9999ehLokQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-039fc829c.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
jZMt2kRmR98=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=qdBLBQ9999ehLokQ
Date
Mon, 10 May 2021 11:30:04 GMT
Connection
keep-alive
Content-Length
0
BK-Server
ff1e
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
/
zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com/WRSiteInterceptEngine/
60 KB
18 KB
Script
General
Full URL
https://zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_7WDMojjIXvhyOBn&Q_LOC=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.903.js?utv=ut4.46.202009280518
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
eb96f89f9100a775ab32d86cf5c4cade0a7098fc7143a9bbe36db732612114fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
370215
cf-polished
origSize=62941
edge-control
max-age=604800
x-envoy-upstream-service-time
10
vary
Accept-Encoding
cf-request-id
09f7a3ac6b0000417a5e83e000000001
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"f5dd-Mf7skz1vI9arbIOQ+qP5mWKrh7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
cf-ray
64d2d55a48df417a-HAM
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
sodar
pagead2.googlesyndication.com/getconfig/
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021050501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e23aed99c20b342c9eda33b7ee83bc99ec8a82f470ce210ee0ac508ad51764f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 May 2021 11:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7748
x-xss-protection
0
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f5babca3-8f77-10ea-6d12-41e7735f6f22&tv=%7Bc:cdkDdI,pingTime:1,time:2198,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:810%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2198,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:810,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1447~100%5D,as:%5B1447~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:306,fm:sx0uiCk+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l,idMap:1h*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f5babca3-8f77-10ea-6d12-41e7735f6f22&tv=%7Bc:cdkDdJ,pingTime:1,time:2199,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:810%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2199,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:810,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1448~100%5D,as:%5B1448~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:306,fm:sx0uiCk+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l,idMap:1h*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f5babca3-8f77-10ea-6d12-41e7735f6f22&tv=%7Bc:cdkDdO,pingTime:1,time:2204,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:810%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2204,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:810,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1454~100%5D,as:%5B1454~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:306,fm:sx0uiCk+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l,idMap:1h*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f5babca3-8f77-10ea-6d12-41e7735f6f22&tv=%7Bc:cdkDdP,pingTime:1,time:2205,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:810%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2205,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:810,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1454~100%5D,as:%5B1454~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:306,fm:sx0uiCk+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l,idMap:1h*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel
cm.g.doubleclick.net/ Frame 1DC2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUprWk5nQUFBQmxXZlNrTg==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUprWk5nQUFBQmxXZlNrTg==
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620646205.554960,VS0,VE0
x-served-by
cache-hhn4083-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUprWk5nQUFBQmxXZlNrTg==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 1DC2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YJkZNgAAABlWfSkN&expires=90
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YJkZNgAAABlWfSkN&expires=90
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620646205.554943,VS0,VE0
x-served-by
cache-hhn4083-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YJkZNgAAABlWfSkN&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2cf6d96d-f0c2-4577-500d-d2a8147ad531&tv=%7Bc:cdkDg0,time:2630,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2630,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:708,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1940~0%5D,as:%5B1940~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:284,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f*.10507%7C1f1%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1l,idMap:1f*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt54.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2cf6d96d-f0c2-4577-500d-d2a8147ad531&tv=%7Bc:cdkDgM,pingTime:-10,time:2678,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1620646202951%7C%7Cf89bd2e4f55b8f1f6dcff04fafcee85b%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C2d99e7deeb011282a00a7cf5ea3c044a%7C%7Ce7bf3f8bbda477fdce5f169d43a22b67%7C%7C2a91511ed7b0f5a02bec3919ca7bede9%7C%7Ceb15eb31496d67b37b2f16232a3d98e0%7C%7Ccec950f3329f982df49777cade3db85f%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:f69838a2-8d27-93d5-97c8-80ca5d442059%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt64.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=afe5e89e-cbe0-1049-7549-72127d02c22c&tv=%7Bc:cdkDhh,pingTime:-10,time:2540,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1620646202951%7C%7Cf89bd2e4f55b8f1f6dcff04fafcee85b%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C2d99e7deeb011282a00a7cf5ea3c044a%7C%7Ce7bf3f8bbda477fdce5f169d43a22b67%7C%7C2a91511ed7b0f5a02bec3919ca7bede9%7C%7Ceb15eb31496d67b37b2f16232a3d98e0%7C%7Ccec950f3329f982df49777cade3db85f%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:f69838a2-8d27-93d5-97c8-80ca5d442059%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:03 GMT
x-server-name
dt30.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
rum
dsum-sec.casalemedia.com/ Frame 1DC2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJkZNgAAABlWfSkN
43 B
1003 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJkZNgAAABlWfSkN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:30:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 May 2021 11:30:04 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620646205.554915,VS0,VE0
x-served-by
cache-hhn4083-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJkZNgAAABlWfSkN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c95c3500-4658-b404-61ba-e894c6f5d294&tv=%7Bc:cdkDjK,pingTime:-10,time:2836,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1620646202951%7C%7Cf89bd2e4f55b8f1f6dcff04fafcee85b%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C2d99e7deeb011282a00a7cf5ea3c044a%7C%7Ce7bf3f8bbda477fdce5f169d43a22b67%7C%7C2a91511ed7b0f5a02bec3919ca7bede9%7C%7Ceb15eb31496d67b37b2f16232a3d98e0%7C%7Ccec950f3329f982df49777cade3db85f%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:f69838a2-8d27-93d5-97c8-80ca5d442059%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:04 GMT
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
setuid
ib.adnxs.com/ Frame 1DC2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YJkZNgAAABlWfSkN
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YJkZNgAAABlWfSkN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 May 2021 11:30:04 GMT
X-Proxy-Origin
89.187.189.187; 89.187.189.187; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.176:80
AN-X-Request-Uuid
e4a4bcd1-a18c-4bdd-a2e3-f523aa80d208
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620646205.554880,VS0,VE0
x-served-by
cache-hhn4083-HHN
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YJkZNgAAABlWfSkN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 1DC2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YJkZNgAAABlWfSkN
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YJkZNgAAABlWfSkN
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YJkZNgAAABlWfSkN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:04 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YJkZNgAAABlWfSkN
date
Mon, 10 May 2021 11:30:04 GMT
via
1.1 google
server
OXGW/16.206.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame 1DC2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJkZNgAAABlWfSkN
1 B
809 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJkZNgAAABlWfSkN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:30:04 GMT
X-lat
lhrpug004:0:805
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620646205.563208,VS0,VE0
x-served-by
cache-hhn4083-HHN
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJkZNgAAABlWfSkN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 1DC2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YJkZNgAAABlWfSkN&img=1
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YJkZNgAAABlWfSkN&img=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 10 May 2021 11:30:04 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
10
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620646205.697134,VS0,VE0
x-served-by
cache-hhn4083-HHN
x-cache
HIT
location
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YJkZNgAAABlWfSkN&img=1
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 11:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 10 May 2021 11:30:04 GMT
b.php
www.facebook.com/fr/ Frame 1DC2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YJkZNgAAABlWfSkN&t=2592000&o=0
43 B
557 B
Image
General
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YJkZNgAAABlWfSkN&t=2592000&o=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
x-fb-debug
VNyqLp0vx4Jy94qMythjD4umWVPdo8nJVtPI8XYBvrEqmRd3UpNLfdNmf2FaSKcIGg81r0Em+G547Lj28fPwzg==
content-encoding
br
x-content-type-options
nosniff
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 10 May 2021 04:30:04 PDT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
expires
Mon, 10 May 2021 04:30:04 PDT

Redirect headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620646205.571957,VS0,VE0
x-served-by
cache-hhn4083-HHN
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YJkZNgAAABlWfSkN&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ibs:dpid=147592
dpm.demdex.net/ Frame 1DC2
Redirect Chain
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=4a7e626b-6c11-445c-9258-f39f7823edc6-tuct7929eb4
42 B
973 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=4a7e626b-6c11-445c-9258-f39f7823edc6-tuct7929eb4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-0a032e102.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Mxx+4NF1QGs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms
58
date
Mon, 10 May 2021 11:30:04 GMT
via
1.1 varnish
server
nginx
x-timer
S1620646205.849451,VS0,VE58
x-cache
MISS
location
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=4a7e626b-6c11-445c-9258-f39f7823edc6-tuct7929eb4
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11561-HHN
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame BC41
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldsun.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldsun.com.au/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 10 May 2021 11:26:39 GMT
expires
Tue, 10 May 2022 11:26:39 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
206
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
demconf.jpg
dpm.demdex.net/ Frame 1DC2
Redirect Chain
  • https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1620646206088
  • https://sync.targeting.unrulymedia.com/csync/RX-64601681-6e43-4b81-8df4-c734f5098771-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-64601681-6e43-4b81-8df4-c734f5098771-003
  • https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-64601681-6e43-4b81-8df4-c734f5098771-003
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-64601681-6e43-4b81-8df4-c734f5098771-003
42 B
973 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-64601681-6e43-4b81-8df4-c734f5098771-003
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-47-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-0522813b1.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
RuwVDJZzQto=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v005-0721e0263.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
BIZS40l+R/M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-64601681-6e43-4b81-8df4-c734f5098771-003
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js
pagead2.googlesyndication.com/bg/ Frame BC41
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eec042900d799bfe65a2455927946f3bcdc6c2282b4a4e7ba749c95ec579770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 10:09:02 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 10:48:00 GMT
server
sffe
age
4864
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5663
x-xss-protection
0
expires
Tue, 10 May 2022 10:09:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021050501&jk=1543304471652086&bg=!xsWlxYHNAAYP3QOmD907ACkAdvg8Wk95LkQaMsZ8LneBqbOIFzsvpHJdzuWtAKL-mEE3n_NOq8S7gQIAAAJWUgAAAC9oAQcKAC36N7Tgnym_pR3QgIe3R6k8ciw1uCXxodhf3CDsERTyx-dIc0fAsHLJWpWlBjOZAlYF8kacm1QawlVaWvOaV-wMGBiKCjVCpKjSR-vZpK28g_wBOmXIpuzPf3G3hsjhRMgAxxQf6u0rO5oHVbT2iWUyxPnhT5LnLHMldhdmFABK2fEPb2v0mKv59uiLX9xc36EwUXJVJU0vfKuQZf1kABuHw1fj8ZN-XkFYP8DiFQ4xGDxM1RfA31EUxv-8TpcM0cstGa6y_zsRNHdyMFcj-DSnJnAU0rdxuDgecwQ_pa7djqwKo4UZGTWAJhkIIL9XyJkj9S29aWrRJH5AECUoWwZgF0XDm-u7U553Y-xr7HQJwedDKE9UeqNFXUn0kJGyrEBX2pWQxJvt0AHSUjQpYngfjdGjnJmJwK5gYurW8J9VIw0yhpFSnMV6GzGwqHncE4d0NqAXKJ5kz2jJwDz9WkToAhgoEAXHb7HeU6HgwkQzH0VjRscYuHAYjjrRVJ_OiPykvttqSHWZ_ND_sfLlNpp2laWbSPfll40wiTxeQwBA3oBLUY6RvISXfKaMieXzoMXptejgfGXFE3MCC81YF15-5Zz4DC9hxd19nqcC7E6Zh8wBWR0saVU74xPApyF6Ra73D1jLNHsoKvTyOaBCuFH2C1xDQZ5j7_Y4Z2l7lBRaRPnkbVQKpXjVusBq1RI2gA8A9euDr64J5bnatiDTIbzulc3d-d5q0HaLNC50KAF871P_NxWr571S_I8YGUYG5v_rJIgw2PimsFbBUARYTHCIa98FUGhSTOAr_0OOO2-EY99fNEadZOEzC35YIkGdCs4L1SCouDibU26iPJ0lcGTJ7duCxdUh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=afe5e89e-cbe0-1049-7549-72127d02c22c&tv=%7Bc:cdkEaF,pingTime:5,time:5974,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:600%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5974,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:600,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5394~100%5D,as:%5B5394~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:183,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:07 GMT
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=afe5e89e-cbe0-1049-7549-72127d02c22c&tv=%7Bc:cdkEaF,pingTime:5,time:5974,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:600%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5975,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:600,wc:0.0.1600.1200,ac:1124.612.300.90,am:i,cc:1124.612.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5395~100%5D,as:%5B5395~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:183,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f.10507%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k*.10507%7C1k1%7C1l,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:07 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f5babca3-8f77-10ea-6d12-41e7735f6f22&tv=%7Bc:cdkEco,pingTime:5,time:5960,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:810%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5960,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:810,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5210~100%5D,as:%5B5210~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:171,fm:sx0uiCk+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l,idMap:1h*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:07 GMT
x-server-name
dt64.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f5babca3-8f77-10ea-6d12-41e7735f6f22&tv=%7Bc:cdkEcp,pingTime:5,time:5961,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:1,t:810%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5961,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:810,wc:0.0.1600.1200,ac:1273.777.1.1,am:i,cc:1273.777.1.1,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5210~100%5D,as:%5B5210~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:171,fm:sx0uiCk+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f1%7C1f2%7C1g.10507%7C1g1%7C1g2%7C1h*.10507%7C1h1%7C1i.10507%7C1i1%7C1i2%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1k2%7C1l,idMap:1h*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:07 GMT
x-server-name
dt67.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=2cf6d96d-f0c2-4577-500d-d2a8147ad531&tv=%7Bc:cdkEhD,time:6575,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:6575,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:708,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5885~0%5D,as:%5B5885~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:185,fm:sx0uiBU+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C191%7C1a%7C1b111%7C1c%7C1d%7C1e%7C1f*.10507%7C1f1%7C1g.10507%7C1g1%7C1h.10507%7C1h1%7C1i.10507%7C1i1%7C1j.10507%7C1j1%7C1j2%7C1k.10507%7C1k1%7C1l,idMap:1f*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.17.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:07 GMT
x-server-name
dt63.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ping
ping.chartbeat.net/
43 B
168 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae&u=Di5OaOD1OGSJCDUO7h&d=heraldsun.com.au&g=36976&g0=news%2Cbreaking-news%2Cstory%2Cno_video%2Cpc.ct.free&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=3316&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=14925&t=CE2Sb6Mk8ViBNtnaPB4oK2be448r&V=126&tz=-120&_acct=anon&sn=2&sv=BzZ5AKD7fDrnBTu546D5wQuYCuKWxy&sd=1&im=06530c52&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.81.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-81-52.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 11:30:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/11/7c94bf2b
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/staticweb/fbc6eb3f718ti1818f0a460e313428da5
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f46f22210b798aedf91eefab5b38da78&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/11/7c94bf2b
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/staticweb/fbc6eb3f718ti1818f0a460e313428da5
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/11/7c94bf2b
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/staticweb/fbc6eb3f718ti1818f0a460e313428da5

Verdicts & Comments Add Verdict or Comment

289 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| newscorpau object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| _taboola object| utag_data object| bruce_rtget object| ads_api number| LUX_t_start number| LUX_t_end number| topicIndex function| loadjs object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore object| lazySizes function| Rampart function| webpackHotUpdateRampart object| __core-js_shared__ function| udm_ object| ns_p object| COMSCORE function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| app object| vidora function| vidoraTrackExtraElements function| parcelRequire object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag undefined| isAsync undefined| httpGetAsync undefined| parseResponse object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| Nielsen_Event object| trac function| _tealium_old_error boolean| __tealium_twc_switch object| nb function| Krux object| auth object| placementData object| sectionData number| _sf_endpt object| unruly number| gptPluginLoaded function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg object| vidora_ns object| newskey object| m string| nam object| _tfa object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| ads_core object| ads_extra object| googletag function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| __iasPET object| kw_ignore object| ggeac object| google_js_reporting_queue object| nn function| pbjsChunk object| pbjs object| _pbjsGlobals function| AppNexusPrebidAnalytics boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL string| ZN_7WDMojjIXvhyOBn_ed string| ZN_7WDMojjIXvhyOBn_sampleRate string| ZN_7WDMojjIXvhyOBn_url object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId function| clsn object| dicnf function| btrp function| pdib3 function| vv function| stcc string| CE_USER_COMMON_SCRIPT_URL function| omrhp function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| ads_ready object| cmTag function| NolTracker function| nol_t function| logger undefined| _rsCC undefined| _rsCG undefined| _rsDN undefined| v52v53_pvar undefined| v52v53_trac undefined| _rsEvent undefined| _rsLinkTrack undefined| _rsClick object| V60 object| NOLBUNDLE object| NOLCMB object| CE2BH number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error string| s_tnt string| f0 object| s_i_newscorpau-hsweb_newscorpau-global object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| providersData object| diagPixSentCodes object| __iasAdRefreshConfig string| ptclString function| _typeof object| ns object| paramsPassed object| stateObject string| BUILDVERSION object| stateEvents object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal undefined| oneTagObj function| ebDecode object| bsResponseObj object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| __IntegralASExec object| tbopt object| GoogleGcLKhOms object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.50.0 object| google_image_requests

23 Cookies

Domain/Path Name / Value
.imrworldwide.com/ Name: SSCVER
Value: v1
.taboola.com/ Name: t_gid
Value: 4a7e626b-6c11-445c-9258-f39f7823edc6-tuct7929eb4
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIuLK5wJ_syTkQBRgFIAEoAjILCIywiuu17Mk5EAU4AQ..
.heraldsun.com.au/ Name: tp
Value: 3316
.heraldsun.com.au/ Name: s_ppv
Value: https%253A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fbreaking-news%2Fgermany-lifts-priority-limits-to-offer-jj-jabs-to-all%2Fnews-story%2F3bef7d513ccda66e010bbbd78ece65ae%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz-8qkyyxLFqAWYVZTorV_T7GyuBuFni395oTlUkT5zoyt4eRNGEgsjVUSoJtQk-1cE4Gj3LJPrPXIRTk3TqULWXTNqVg0bUyar3eW9D2O3piv6_Feq8%2C36%2C36%2C1200
www.heraldsun.com.au/ Name: AWSALBCORS
Value: fhWf32fxVXGApsN6Wf+aa/RopcJavaSI+2wpwmE8WkBz092lf4JY6Ob1mlyt59hebSId3GE+7YcafC7b485o5MmMaFcK4+lUph2l/eGFYphoGaFyguYPi0vLuJ/W
.heraldsun.com.au/ Name: nk
Value: 6a063a2c444c727a7af7a5c20104e35f
.demdex.net/ Name: dextp
Value: 358-1-1620646200841|470-1-1620646201121|481-1-1620646201394|771-1-1620646201626|903-1-1620646202140|19566-1-1620646202441|23728-1-1620646202669|30432-1-1620646202780|30064-1-1620646203076|66757-1-1620646203282|134096-1-1620646203390|144230-1-1620646203711|144231-1-1620646203813|144232-1-1620646203945|144233-1-1620646204072|144234-1-1620646204204|144235-1-1620646204306|144236-1-1620646204418|144237-1-1620646204558
.heraldsun.com.au/ Name: s_ppn
Value: no%20value
www.heraldsun.com.au/ Name: AWSALB
Value: fhWf32fxVXGApsN6Wf+aa/RopcJavaSI+2wpwmE8WkBz092lf4JY6Ob1mlyt59hebSId3GE+7YcafC7b485o5MmMaFcK4+lUph2l/eGFYphoGaFyguYPi0vLuJ/W
.demdex.net/ Name: demdex
Value: 81345772551284393474385986552835357031
www.heraldsun.com.au/ Name: _ncg_marketingCloudVisitorId
Value: 81367023538408189854383879081738332285
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C18758%7CMCMID%7C81367023538408189854383879081738332285%7CMCAID%7CNONE%7CMCOPTOUT-1620653398s%7CNONE%7CMCAAMLH-1621250997%7C6%7CMCAAMB-1621250997%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C0%7CMCSYNCSOP%7C411-18765%7CvVersion%7C5.1.1
.heraldsun.com.au/ Name: s_cc
Value: true
.heraldsun.com.au/ Name: s_gdslv_s
Value: First%20Visit
.doubleclick.net/ Name: IDE
Value: AHWqTUnVgJXGS5gtWupy145qJcDQXLRxf1mQMRbU2Pul-Y278jLgGPDzgN_RiLkl
.heraldsun.com.au/ Name: s_nr
Value: 1620646197938-New
.heraldsun.com.au/ Name: s_gdslv
Value: 1620646197939
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.adsrvr.org/ Name: TDID
Value: add346fb-16d5-48b4-8488-78e0c4a84ba5
.imrworldwide.com/ Name: IMRID
Value: 0dec6380-b183-11eb-9907-69dea3d7ffcd
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C81367023538408189854383879081738332285
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1

8 Console Messages

Source Level URL
Text
console-api debug URL: https://info.silobreaker.com/e2t/tc/VWZgF_8HnrbfW3xG1xn7HjZSMW2_PQhc4rpWy9N6YWdrG4Zc_7V3Zsc37CgF2TW2kHFNR17Q2myW5-tWbv5mlhKnW4Ykh-x66x4prW6JBf4B4JTH_5VmQjMG7ry0fdVBrZHm2sGZ4pN1SLFRgVQ62gVM3c-t2_6B5bV-72Hq9hpDG-VXtdRx4R5wSQVvCv_m7F-fSNW81VF226Nx66GVNRmb_8w7TlqW8gD2dn50n7gTVdlPs35YNdDSW5Vl0D43g_28KW5X5hxL5gJXvMN8lBgfS-ddCnW6cDRfc5jzQQRN8NmnH5KxjGbW325DF72PGGCSW6wt8zM5g-kFbW1BMB4k6BHfG5W7rrlgL2Dpn89W4B7cv-4xycfwW3ztvnK78npxdW1FJq9q8dVfX7W6xydZk4BvRK6W2yNLGM4sSnwRW8t3-YM63rrBjW2RsKJC9dCvWvW7FggNC9j3cCP330d1(Line 13)
Message:
toS
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbnails-bc-desktop-article-02-native
console-api log URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3)
Message:
vidora-client 1.3.4 4a354580d3cf929b5a8a7d86ed03be7f4218d021
console-api log URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js(Line 1)
Message:
%c Vidora API finished initializing! background: #222; color: #b9da52
console-api log URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 18)
Message:
UTRACK loaded (from tealium)
console-api log URL: https://tags.news.com.au/prod/tad/tad.js(Line 6)
Message:
AD CORE ERROR: TypeError: Cannot read property 'disc.segments' of null
console-api log URL: https://tags.news.com.au/prod/tad/tad.js(Line 6)
Message:
AD CORE ERROR: 18 function(e,a){var d=e.localStorage;d["disc.segments"]&&(a.ad_audi_segs=d["disc.segments"].split(",")||[])}
console-api debug URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32)
Message:
a: 0.0029296875 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0vsjtgyoeikiiccaepftimuf3dviw1620646198.nuid.imrworldwide.com
15.taboola.com
8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.cz
adservice.google.de
am-vid-events.taboola.com
analytics.twitter.com
assets.vidora.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
beacon.krxd.net
bh.contextweb.com
bidswitch-eu.splicky.com
bs.serving-sys.com
bttrack.com
c0e85838e9fd350298632fb9d31b4a24.safeframe.googlesyndication.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
d.turn.com
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
e1.emxdgt.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image5.pubmatic.com
images.taboola.com
imprammp.taboola.com
info.silobreaker.com
insight.adsrvr.org
js.adsrvr.org
login.newscorpaustralia.com
match.adsrvr.org
match.taboola.com
metrics.heraldsun.com.au
newscorpau.demdex.net
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
resourcesssl.newscdn.com.au
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
sb.scorecardresearch.com
script.crazyegg.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.co
t1.taboola.com
t2.taboola.com
t3.taboola.com
t4.taboola.com
t5.taboola.com
t6.taboola.com
t7.taboola.com
t8.taboola.com
taboola-supply-partners.tremorhub.com
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ts2020-indies-client.web.app
u.openx.net
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
vidstat.taboola.com
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.linkedin.com
x.bidswitch.net
zn7wdmojjixvhyobn-news.siteintercept.qualtrics.com
dpm.demdex.net
login.newscorpaustralia.com
104.109.77.38
104.111.247.190
104.17.209.240
104.244.42.5
104.244.42.67
108.174.10.14
13.224.95.18
13.225.74.49
141.226.124.201
141.226.124.205
141.226.124.208
141.226.124.229
141.226.124.234
141.226.124.235
141.226.224.32
141.226.228.48
142.250.185.194
142.250.185.226
142.250.186.162
15.237.136.106
151.101.113.108
151.101.114.217
151.101.114.49
151.101.65.195
172.105.220.23
172.217.16.134
172.217.23.102
172.217.23.98
174.137.133.49
178.250.0.163
18.195.155.181
18.210.140.68
184.30.20.111
184.30.20.190
185.33.220.243
185.33.220.244
185.64.190.80
185.86.137.131
185.94.180.126
192.132.33.46
198.148.27.139
199.127.207.190
199.232.136.157
199.232.137.181
199.232.137.44
199.60.103.254
2.18.233.180
2.18.234.21
2.22.90.129
2001:678:cb4:bbbb::13
213.19.147.44
216.52.2.19
23.111.9.35
23.45.99.241
23.79.141.98
2600:1f18:612b:4232:3a2c:3c86:af1b:2715
2600:9000:20e8:3400:1d:667e:2a40:93a1
2600:9000:20e8:7800:18:1fcd:34e:d2a1
2600:9000:2190:8400:2:42d9:3100:93a1
2600:9000:2190:d600:1e:a43d:b640:93a1
2600:9000:21f3:6800:4:77d:a0c0:93a1
2606:4700::6813:9308
2606:4700::6813:9408
2620:119:50e4:101::6cae:b55
2620:1ec:21::14
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a00:1450:400d:804::2002
2a02:26f0:6c00:2b0::25ea
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:62::300
3.121.49.210
3.122.214.165
3.126.63.176
3.248.66.228
34.243.47.58
34.249.39.204
34.252.115.248
34.252.153.38
34.254.108.170
34.98.64.218
35.227.202.26
49.12.13.182
52.1.81.52
52.58.102.227
54.170.10.95
54.171.0.58
54.171.42.33
54.174.17.129
69.173.144.138
69.173.144.139
82.199.68.72
99.84.156.4
99.84.157.54
0159b2f042d5d98536190f932081e3dfc03adcba92604265705d9979abe3ba85
03cce1892cbfca0c35fe3b1f64307db1269f452bc8eb983a654d68166bfb57c0
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
0524ac10d2795b62005161c98ca8df6c1b47b74d9e7ad4e3785e248143aadd62
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
0a5c20fa498bbe10bf8d2cf7618fac06f7c2b0f64541d1613298d44059b532af
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e2a0d6a2f566493f135e5b9c181125638478aeb8126131dce1a595ed5b52d61
0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea
11b0c2bf6a32399b56dc48d1e3a184553c4f4628cb9a35c0c09d1c1857d496d9
1647e28020eaa5351a43d1583a9714bfeedddd6390c1bf4ab3b50f763ac81be5
1bd56cc37f79d870e73de6e0fcfac46f9176ea52ce116aac90c9f67a29908b68
1ee5cf3dbb48f6e0f34e65cba979c01d753052bdcd78ff9d6971189dcd215e79
1f676d03a4dc4027d2705ecb082426d707bfe4f8f99b014ad571dc453b8538ba
1fa06bea7bb296b456d46727e9b3a4a62cbfb2901247b9f93434c4cb3b7fbd18
203e6a61b58046221bbf6ade2ba5b3f050244ab0f76e87326bbcc1e9cde86862
2215f50cb99824ed2786a5d12df72b5dbc304b85f28cd5b873b645cccc3b7411
2479d8751b0a3c14caa2be2b548f4555e7e44bbdfa06e11116646c076d0a55eb
2553ba72a764502f4a50db4df2a86d6d58d87826d002308b7308562bf3d6fbd6
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2b23e426180b375a90ef49bce5c63b7b251f0fccc97f1dff3d00aa473dda857f
2d73e6fc5c61e17b7539da439f8a6903ffd613270b379c9a54a96124ce1b99c4
2fe7f70a0b45b7560102d96f7a01ed4a77734bd9c7bdcb29dc491c47db63f56e
3161995ac3982486cbce792367f4ebb2290978058b9f4fdcb40f6aaa76c7b94f
3514acf61732f662da19625f7fe781c3e483f2dce8506012f3bb393f5003e105
37b4c988b99e3d4d6551acde1da66511e684b1990ff7364786a1a14716392317
38755f4f7f08d98e96a63c2d2af8f815e7c29220a3ece6794ba3f5e1b96df857
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b27f022aa501b26e80948155fc3c5ff4967af37488a92ee8975d8cd0cfe9072
3bb30175b6cfcb8f16994fcb4021621905649d6768f50e8eea582af5d5fc1485
3dc57c5171ff92684ab5076a6d01666bccb089546d28a7bbcfafb6d0d31371e3
42d46de83f0f3568252f90ea95d4ca2997e0f2040f0435ae227d764641699a08
4379b5695f319d7ad15e6c86346e9117f0b4f4a8d4bcbab18aa840fd9e6d900a
452f6b1cd9c500d27a27a99770be327180c3f50de3cc67890e60bca7393c5f7a
4754c1f1fb712883286295c92774dddebef215996cfdfab9fd972d265473f025
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48fa84ace8346ffa2987bc0c581604a77d113e603a871ffcb808607e6a0cbea7
4a44dc15364204a80fe80e9039455cc1608281820fe2b24f1e5233ade6af1dd5
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9b1e9b290756c5ebc9849983de1f7d7db1685f76386ada579863f26897ec5f
4f4d00e7aed59025a4848820e55d40fa73a09943e767d4870414d8be3102d5f1
4fc2c58a06a817ef89a0c00403b7b5b0158f105ff0818f0c91ec274acc73f65e
5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
584ebca28b361c3381c686b75b71c2cb4cdc074bc0ba6e44980c9db33c5cdf1c
59587e68ed187fdfda4f5f89b3e97a64690a13463dfefc1141eaea03bebdc1eb
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34
5c64e98b7d26b27f3235a6b049f4da5a8b1ed471ee0f2d4508e342bcb216eb2e
5d630b02705945f83750220e2544986af8ae2699aa1a60cc543dc14f0214888d
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5fdc9cb116e3a6cb2363710075fbff64f49b72356d6130f60e39070501c571a7
67e952054c1ddf72b415a0752bc36f02602170a1521daf25c8da2fc6aae0901f
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae53ddcaf317c2fa6382c22e44a3bc39d5cd3a24a0fb603d69ff1f85b3e4bb9
6d90199995b493e006d03ef62d624e59120a272ed586ff1496bd7a5c38ccb3fe
6e23aed99c20b342c9eda33b7ee83bc99ec8a82f470ce210ee0ac508ad51764f
6f0ca792ec208f397ce0c6c2c618e589caafc5f89513fada42f74afc93757513
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73854a96802204f2318120247a7be8c22098bf32c657877d95072c85a75ec7ce
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
76c701242dd43847e2d4a8141f86d6a278372bb9610fd6f33931a39d03a9e9e4
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7fd1737f4343dbfc7a9b915eaf41e30b6f114d254d7043d13b4faa370a36589c
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
843b6a1b611f1736a75913ef5f29a81cfd6e12677de275ce9a4c666b604856dc
85929b3bd74ea2b75664a0e4caa43b13d92c1a8f852f42aa7ea437aa6d4cc7c0
8719e7caa8c8992a1d546c7a38c708d4929dd04bde1be9381def52752fd2a97f
88e3ab3726a717c924e5a6e053d7de073775f949b9f37dd605c926bc894f70e3
89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8add9975d90befa00fd949bddf38c8fbde9e000837058684bd26366e71b3ddfb
8d0699772b8ca80d6ef1ac55871141afd77cda372f15f1a97b74b41dae70ab25
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eec042900d799bfe65a2455927946f3bcdc6c2282b4a4e7ba749c95ec579770
916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc
919a09d45286a3828a624e7dae7c7ee6b964ba70339274d8e333c5aaaf9c9ec9
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9a2c0fa57655ccdccf8f7279e06d01c8bd1a2629c867273a353cf1716be25c2f
9ae93b2ff1000bea7d2a98cb3d1eb6107f323e9df877e49910a791d6b66d38cd
9c3d77384bc88b60d02c72e5cb67ed44126a5ec614e78418051d1e5f89d4cf2b
9c96c025f6aa0b8edff6538d533ddd012d17e860c8fa47140314e81886ce22e0
9cd58fce5ff7afd625c8e887719242e31afdc0bbfd418eb34d1eb8c9789b84a4
9f913de90542600aefb250777caea436cc05f3375c863a9b73df402c33a772b3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56e82f34c03b1bed67b86e8b09d36303d6204eeb04b968f8fe38077753606ca
a6a0a880b5769e74039e7ec403414810372d896d37135a19873550d77a0a9db3
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a9d96c8f52514ad48275a1129da67f48c472099bd5e3a24dda11da2051deab34
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
acfb1f0de15111045cdd0e765b51a974602fed8d35459a3fad5e1b02d09b7dba
aeff34d9a1c253a230b7436d1f8798f9d4d096c0dd88ac2983997dce9ef88508
af5bbafcef5026ac024c9528dd0b97282f13e1b7d10067e3ab8a9b911ed49d1b
b0432bf9dca6f2e848c24bb292d10c9d033d2810d2693aec548b9615adf31afa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2239ae33d9bc5614aeb2e439e5032b1fe77c32f7080d3211c1d03f1b17ffcf6
b29931367cd621ea1692edbea60116c047e03b3f875d30de895014968cbd2a23
b7a56873cd771f2c446d369b649430b65a756ba278ff97ec81bb6f55b2e73569
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783
bd593738a891a936a67a7191c363aa93d6a0e0f250a36dc91e0029af0f3e0c45
bea52b91b6dbf31fcf8408d0044f09af2e60861ef77139eb9b8449aa0054dc27
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c7a8d4e8c6cad88c36def71504911446af10622eddf2c23004e9cb586fcd7db6
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
c90eae5c92821e1331128c9346a7665710813be0bad539e27f94720fcadd970e
cccb55119ca1004cd1403b4cbff46c008d1445bc2cc564305375f3075e6e8370
cf103e9bc0c68d131d1e72f3a0ca735940b78f346c77ada13c5604e3bd25ad44
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d11d66932ac90e719a11bf552b4b540c73e198327e18b33be7e7e0fb964f567c
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1c5be6d1dd5d44c04629c07cdc5a156568bf10bb05a5534a3d57988b6de3778
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
d8b8984160a1818979a36adbaed0dccb73e48baed2172ad8424beb42dae6802f
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
da4c81ef1f258a59c89e07f6599b86b9716185e7d670448c7ecaa9efe733a439
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e622f972a533e836c93c8b54e7df050987b19c41291fdeaee4e058893ef62e7c
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
eb96f89f9100a775ab32d86cf5c4cade0a7098fc7143a9bbe36db732612114fd
ecc2853c85e37f5544d87b8c8322b33bcb8986bf36e480d404da04bc221adb04
edd73ff142720afe38347d11e0988873aec974007ccc0bbbc47b13d3eaf67822
ee0a7fdd5b315817774fc9f3c302bb1470236e0e177fe8ef8334c2f6f75afc1d
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef709e777d80faa6c525302f27dfba5c66d58dc0a77e693784ac71e09a063e42
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efcd038fff3becbe148fefb893ed26081fd0d8e7293fcd49d470c13fcd522e02
f0248976da97cef9d507c26ab78186f1fc82a4dc71963f29cc49946f09e72d69
f1ee7667b8d20bbe534936e8c50e5fd9f86af66f5d6929d63729470d3520bebc
f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f38157169b04e155407cd1e52fe8b438a50392ded1586889d950fbe032ddcef9
f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
fb2cb737a3db9426e955b9ae803f952b73786fa129fbed049e59ef40fce288c9
fb6f4b882df35b6fd50f42b8558155ef480fe7ed2569c167237b9e64aaabbb1b
fd41d1034a0b5a6c64a8f9318eacedc8d05021d30f3a5e586a9fdfd648ee6a1e