www.heraldsun.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.heraldsun.com.au//
Effective URL:
https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
Submission: On May 12 via api (May 12th 2021, 7:11:58 am UTC) from AU

Summary HTTP 297 Redirects Links 56 Behaviour Indicators

Summary

This website contacted 87 IPs in 9 countries across 66 domains to perform 297 HTTP transactions. The main IP is 2.18.233.28, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 25th 2021. Valid for: a year.

This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 32	2.18.233.28 2.18.233.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1 8	2.18.233.169 2.18.233.169	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
1 16	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1	2a04:fa87:fff... 2a04:fa87:fffd::c000:42d0	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:205... 2600:9000:2057:7400:1e:c291:240:93a1	16509 (AMAZON-02) (AMAZON-02)
11	104.75.88.206 104.75.88.206	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.95.132.238 52.95.132.238	16509 (AMAZON-02) (AMAZON-02)
1	52.95.129.39 52.95.129.39	16509 (AMAZON-02) (AMAZON-02)
2	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY)
1 3	13.224.95.70 13.224.95.70	16509 (AMAZON-02) (AMAZON-02)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
4	104.111.230.77 104.111.230.77	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.109.77.38 104.109.77.38	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
2 9	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:4800:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
2 19	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 2	2600:9000:219... 2600:9000:2190:b000:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:219... 2600:9000:2190:d400:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.97.117 65.9.97.117	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.111.247.190 104.111.247.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.95.82 13.224.95.82	16509 (AMAZON-02) (AMAZON-02)
2	35.173.41.90 35.173.41.90	14618 (AMAZON-AES) (AMAZON-AES)
2 15	52.214.120.236 52.214.120.236	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:4400:4:77d:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	52.51.173.153 52.51.173.153	16509 (AMAZON-02) (AMAZON-02)
2	15.237.76.117 15.237.76.117	16509 (AMAZON-02) (AMAZON-02)
1 1	34.253.145.149 34.253.145.149	16509 (AMAZON-02) (AMAZON-02)
11	34.252.255.244 34.252.255.244	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	82.199.68.73 82.199.68.73	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
3 8	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	13.226.89.119 13.226.89.119	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
2 4	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e6... 2620:119:50e6:101::6cae:b05	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
10	54.76.195.29 54.76.195.29	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	54.73.48.96 54.73.48.96	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:4200:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
19	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	199.127.207.190 199.127.207.190	26120 (RHYTHMONE) (RHYTHMONE)
2 2	18.156.12.32 18.156.12.32	16509 (AMAZON-02) (AMAZON-02)
1 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.138.142 185.86.138.142	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	51.89.20.87 51.89.20.87	16276 (OVH) (OVH)
2 2	52.58.206.142 52.58.206.142	16509 (AMAZON-02) (AMAZON-02)
1 1	172.105.221.29 172.105.221.29	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
3 3	35.157.13.124 35.157.13.124	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.144 185.29.132.144	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
2	141.226.124.218 141.226.124.218	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.223 141.226.124.223	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.237 141.226.124.237	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.225 141.226.124.225	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.212 141.226.124.212	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.210 141.226.124.210	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.205 141.226.124.205	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a04:4e42:62:... 2a04:4e42:62::300	54113 (FASTLY) (FASTLY)
2	34.254.108.170 34.254.108.170	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1 1	35.172.143.213 35.172.143.213	14618 (AMAZON-AES) (AMAZON-AES)
1	34.246.207.243 34.246.207.243	16509 (AMAZON-02) (AMAZON-02)
1 1	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
8 8	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1 1	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
297	87

32 2.18.233.28 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-28.deploy.static.akamaitechnologies.com

www.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mhr.talk.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.233.169 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-169.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.13.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffd::c000:42d0 (Ireland)

ASN2635 (AUTOMATTIC, US)

origin.go.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:7400:1e:c291:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

s1.rui.au.reastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.75.88.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-206.deploy.static.akamaitechnologies.com

resourcesssl.newscdn.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.132.238 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

news-networkeditorial.s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.129.39 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com

s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.95.70 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-70.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.230.77 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-77.deploy.static.akamaitechnologies.com

login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.109.77.38 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-77-38.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

ts2020-indies-client.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:4800:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.181.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:b000:1e:a43d:b640:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2190:d400:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seccdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.97.117 (United States)

ASN16509 (AMAZON-02, US)

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.247.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-190.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-82.zrh50.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.173.41.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-41-90.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.214.120.236 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-120-236.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:4400:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.173.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-173-153.eu-west-1.compute.amazonaws.com

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

metrics.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.145.149 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.252.255.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-255-244.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b7cb491d6e56c9ea1a104c2aa3acc6b1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.199.68.73 (Lemelerveld, Netherlands)

ASN15830 (EQUINIX-CONNECT, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.220.244 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.89.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-89-119.prg50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net

8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

au-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e6:101::6cae:b05 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.76.195.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.73.48.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:4200:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

xdyi6ybxuapcdzzigbvboajpbuuwp1620803497.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.131 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

image5.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.190 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.12.32 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.20.87 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.206.142 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.221.29 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1875-29.members.linode.com

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.13.124 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.144 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.216.10 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.124.218 (Israel)

ASN200478 (TABOOLA-AS, IL)

t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t4.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.223 (Israel)

ASN200478 (TABOOLA-AS, IL)

t2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.237 (Israel)

ASN200478 (TABOOLA-AS, IL)

t3.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.225 (Israel)

ASN200478 (TABOOLA-AS, IL)

t5.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.212 (Israel)

ASN200478 (TABOOLA-AS, IL)

t6.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.210 (Israel)

ASN200478 (TABOOLA-AS, IL)

t7.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.205 (Israel)

ASN200478 (TABOOLA-AS, IL)

t8.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:62::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.108.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.172.143.213 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.207.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.114.49 (Frankfurt am Main, Germany) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.44 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	476 KB
35	taboola.com 3 redirects cdn.taboola.com trc.taboola.com trc-events.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com t1.taboola.com t2.taboola.com t3.taboola.com t4.taboola.com t5.taboola.com t6.taboola.com t7.taboola.com t8.taboola.com pips.taboola.com cds.taboola.com	172 KB
26	doubleclick.net 4 redirects ad.doubleclick.net securepubads.g.doubleclick.net googleads4.g.doubleclick.net 8228261.fls.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	158 KB
25	googlesyndication.com pagead2.googlesyndication.com b7cb491d6e56c9ea1a104c2aa3acc6b1.safeframe.googlesyndication.com tpc.googlesyndication.com	78 KB
18	heraldsun.com.au 3 redirects www.heraldsun.com.au origin.go.heraldsun.com.au metrics.heraldsun.com.au	620 KB
16	demdex.net 2 redirects dpm.demdex.net newscorpau.demdex.net	20 KB
16	api.news content.api.news	365 KB
11	imrworldwide.com 1 redirects secure-gl.imrworldwide.com cdn-gl.imrworldwide.com seccdn-gl.imrworldwide.com secure-dcr.imrworldwide.com xdyi6ybxuapcdzzigbvboajpbuuwp1620803497.nuid.imrworldwide.com	79 KB
11	newscdn.com.au resourcesssl.newscdn.com.au	73 KB
9	adnxs.com 3 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	10 KB
9	google.com adservice.google.com www.google.com	513 B
9	everesttech.net 9 redirects cm.everesttech.net sync-tm.everesttech.net	2 KB
9	news.com.au 1 redirects tags.news.com.au mhr.talk.news.com.au	219 KB
7	adsrvr.org 3 redirects js.adsrvr.org match.adsrvr.org insight.adsrvr.org	6 KB
6	googletagservices.com www.googletagservices.com	204 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	crazyegg.com script.crazyegg.com	25 KB
4	tiqcdn.com tags.tiqcdn.com	22 KB
4	newscorpaustralia.com login.newscorpaustralia.com	12 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	id5-sync.com 2 redirects id5-sync.com	4 KB
3	openx.net 1 redirects u.openx.net us-u.openx.net	609 B
3	casalemedia.com 2 redirects ssum.casalemedia.com dsum-sec.casalemedia.com	3 KB
3	pubmatic.com image5.pubmatic.com simage2.pubmatic.com image2.pubmatic.com	2 KB
3	rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	692 B
3	googleadservices.com www.googleadservices.com	44 KB
3	google.be adservice.google.be www.google.be	1 KB
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	21 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	amazonaws.com news-networkeditorial.s3-ap-southeast-2.amazonaws.com s3-ap-southeast-2.amazonaws.com	38 KB
2	1rx.io 2 redirects sync.1rx.io	900 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	527 B
2	360yield.com 2 redirects ice.360yield.com	1012 B
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	contextweb.com 1 redirects bh.contextweb.com	819 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	googletagmanager.com www.googletagmanager.com	67 KB
2	chartbeat.net ping.chartbeat.net	337 B
2	perfectmarket.com widget.perfectmarket.com	32 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	475 B
1	facebook.com www.facebook.com	498 B
1	bluekai.com 1 redirects tags.bluekai.com	836 B
1	twitter.com analytics.twitter.com	662 B
1	eyeota.net 1 redirects ps.eyeota.net	418 B
1	mathtag.com 1 redirects sync.mathtag.com	688 B
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	361 B
1	criteo.com 1 redirects dis.criteo.com	503 B
1	emxdgt.com e1.emxdgt.com	59 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	adkernel.com dsp.adkernel.com	233 B
1	scanscout.com 1 redirects dt.scanscout.com	692 B
1	google.de www.google.de	108 B
1	t.co t.co	458 B
1	turn.com 1 redirects d.turn.com	402 B
1	mookie1.com au-gmtdmp.mookie1.com	609 B
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	vidora.com assets.vidora.com	4 KB
1	newscgp.com au.tags.newscgp.com	48 KB
1	chartbeat.com static.chartbeat.com	23 KB
1	web.app ts2020-indies-client.web.app	3 KB
1	fontawesome.com use.fontawesome.com	13 KB
1	reastatic.net s1.rui.au.reastatic.net	9 KB
1	speedcurve.com cdn.speedcurve.com	7 KB
297	66

	Domain	Requested by
19	dt.adsafeprotected.com	www.heraldsun.com.au
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
16	content.api.news	www.heraldsun.com.au
15	dpm.demdex.net	2 redirects www.heraldsun.com.au tags.news.com.au
15	www.heraldsun.com.au	3 redirects www.heraldsun.com.au tags.tiqcdn.com
13	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net www.heraldsun.com.au www.googletagservices.com
11	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.heraldsun.com.au
11	resourcesssl.newscdn.com.au	www.heraldsun.com.au ts2020-indies-client.web.app
10	static.adsafeprotected.com	pixel.adsafeprotected.com www.heraldsun.com.au
9	cdn.taboola.com	www.heraldsun.com.au cdn.taboola.com
8	sync-tm.everesttech.net	8 redirects
8	tags.news.com.au	1 redirects tags.tiqcdn.com au.tags.newscgp.com
6	www.google.com	securepubads.g.doubleclick.net www.heraldsun.com.au
6	www.googletagservices.com	securepubads.g.doubleclick.net
6	pagead2.googlesyndication.com	ad.doubleclick.net securepubads.g.doubleclick.net www.heraldsun.com.au tpc.googlesyndication.com
6	trc.taboola.com	1 redirects cdn.taboola.com www.heraldsun.com.au
5	sync.taboola.com	2 redirects www.heraldsun.com.au
5	ib.adnxs.com	3 redirects www.heraldsun.com.au
5	cdn-gl.imrworldwide.com	www.heraldsun.com.au seccdn-gl.imrworldwide.com secure-gl.imrworldwide.com cdn-gl.imrworldwide.com
4	cm.g.doubleclick.net	2 redirects www.heraldsun.com.au
4	8228261.fls.doubleclick.net	2 redirects www.heraldsun.com.au
4	script.crazyegg.com	tags.tiqcdn.com script.crazyegg.com
4	tags.tiqcdn.com	www.heraldsun.com.au tags.tiqcdn.com
4	login.newscorpaustralia.com	www.heraldsun.com.au login.newscorpaustralia.com
3	x.bidswitch.net	3 redirects
3	id5-sync.com	2 redirects
3	match.adsrvr.org	3 redirects
3	googleads.g.doubleclick.net	www.googleadservices.com
3	secure.adnxs.com	www.heraldsun.com.au
3	www.googleadservices.com	secure-ds.serving-sys.com www.googletagmanager.com
3	adservice.google.com	securepubads.g.doubleclick.net 8228261.fls.doubleclick.net
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.heraldsun.com.au
2	sync.1rx.io	2 redirects
2	sync.search.spotxchange.com	1 redirects www.heraldsun.com.au
2	insight.adsrvr.org	js.adsrvr.org
2	ice.360yield.com	2 redirects
2	sync-t1.taboola.com	www.heraldsun.com.au
2	ce.lijit.com	1 redirects www.heraldsun.com.au
2	bh.contextweb.com	1 redirects www.heraldsun.com.au
2	pixel.rubiconproject.com	www.heraldsun.com.au
2	u.openx.net	1 redirects www.heraldsun.com.au
2	rtb.mfadsrvr.com	2 redirects
2	ssum.casalemedia.com	2 redirects
2	www.google.be	www.heraldsun.com.au
2	secure-dcr.imrworldwide.com	www.heraldsun.com.au
2	px.ads.linkedin.com	2 redirects
2	www.googletagmanager.com	secure-ds.serving-sys.com
2	js.adsrvr.org	secure-ds.serving-sys.com
2	metrics.heraldsun.com.au	tags.news.com.au www.heraldsun.com.au
2	ping.chartbeat.net	www.heraldsun.com.au
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	secure-gl.imrworldwide.com	1 redirects www.heraldsun.com.au
2	trc-events.taboola.com	www.heraldsun.com.au
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	news-networkeditorial.s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
1	cds.taboola.com	cdn.taboola.com
1	sync.targeting.unrulymedia.com	1 redirects
1	www.facebook.com	www.heraldsun.com.au
1	image2.pubmatic.com	www.heraldsun.com.au
1	us-u.openx.net	www.heraldsun.com.au
1	dsum-sec.casalemedia.com	www.heraldsun.com.au
1	tags.bluekai.com	1 redirects
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	pips.taboola.com	cdn.taboola.com
1	t8.taboola.com	cdn.taboola.com
1	t7.taboola.com	cdn.taboola.com
1	t6.taboola.com	cdn.taboola.com
1	t5.taboola.com	cdn.taboola.com
1	t4.taboola.com	cdn.taboola.com
1	t3.taboola.com	cdn.taboola.com
1	t2.taboola.com	cdn.taboola.com
1	t1.taboola.com	cdn.taboola.com
1	ps.eyeota.net	1 redirects
1	sync.mathtag.com	1 redirects
1	bttrack.com	www.heraldsun.com.au
1	s.c.appier.net	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com	www.heraldsun.com.au
1	rtb-csync.smartadserver.com	www.heraldsun.com.au
1	simage2.pubmatic.com	www.heraldsun.com.au
1	dsp.adkernel.com	www.heraldsun.com.au
1	match.taboola.com	www.heraldsun.com.au
1	dt.scanscout.com	1 redirects
1	image5.pubmatic.com	www.heraldsun.com.au
1	xdyi6ybxuapcdzzigbvboajpbuuwp1620803497.nuid.imrworldwide.com	www.heraldsun.com.au
1	www.google.de	www.heraldsun.com.au
1	t.co	www.heraldsun.com.au
1	px4.ads.linkedin.com	www.heraldsun.com.au
1	www.linkedin.com	1 redirects
1	token.rubiconproject.com	www.heraldsun.com.au
1	d.turn.com	1 redirects
1	au-gmtdmp.mookie1.com	www.heraldsun.com.au
1	acdn.adnxs.com	www.heraldsun.com.au
1	snap.licdn.com	www.heraldsun.com.au
1	static.ads-twitter.com	www.heraldsun.com.au
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	b7cb491d6e56c9ea1a104c2aa3acc6b1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.be	securepubads.g.doubleclick.net
1	cm.everesttech.net	1 redirects
1	newscorpau.demdex.net	tags.news.com.au
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	assets.vidora.com	www.heraldsun.com.au
1	cdn.adsafeprotected.com	tags.news.com.au
1	seccdn-gl.imrworldwide.com	tags.news.com.au
1	au.tags.newscgp.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	ad.doubleclick.net	tags.tiqcdn.com
1	ts2020-indies-client.web.app	www.heraldsun.com.au
1	mhr.talk.news.com.au	www.heraldsun.com.au
1	use.fontawesome.com	cdn.taboola.com
1	s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
1	s1.rui.au.reastatic.net	www.heraldsun.com.au
1	origin.go.heraldsun.com.au	www.heraldsun.com.au
1	cdn.speedcurve.com	www.heraldsun.com.au
297	116

This site contains links to these domains. Also see Links.

Domain
www.plusrewards.com.au
myaccount.heraldsun.com.au
www.escape.com.au
supercoach.com.au
tips.com.au
supercoach.heraldsun.com.au
www.realestate.com.au
heraldsun.com.au
heraldsun.digitaleditions.com.au
www.facebook.com
www.twitter.com
www.instagram.com
myaccount.news.com.au
www.newsletters.news.com.au
www.newscorpaustralia.com
www.newsphotos.com.au
www.newsconcierge.com.au
www.dailytelegraph.com.au
www.couriermail.com.au
www.adelaidenow.com.au
www.news.com.au
www.theaustralian.com.au
www.themercury.com.au
www.geelongadvertiser.com.au
www.cairnspost.com.au
www.goldcoastbulletin.com.au
www.townsvillebulletin.com.au
www.thechronicle.com.au
www.ntnews.com.au
www.weeklytimesnow.com.au
www.buysearchsell.com.au
leader.local.heraldsun.com.au
www.foxsports.com.au
www.foxtel.com.au
hipages.com.au
kayosports.com.au
www.mytributes.com.au
www.punters.com.au
www.odds.com.au
www.racenet.com.au
apps.apple.com
play.google.com
preferences.news.com.au
vip.wordpress.com

Subject Issuer	Validity	Valid
news.com.au DigiCert SHA2 Secure Server CA	`2021-02-25` - `2022-02-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2020	`2020-12-09` - `2022-01-10`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
origin.go.heraldsun.com.au R3	`2021-05-07` - `2021-08-05`	3 months	crt.sh
s1.rui.au.reastatic.net Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.s3-ap-southeast-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
web.app GTS CA 1D4	`2021-03-17` - `2021-06-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
au.tags.newscgp.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2021-03-17` - `2022-03-22`	a year	crt.sh
*.adsafeprotected.com Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.vidora.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
metrics.heraldsun.com.au DigiCert SHA2 High Assurance Server CA	`2020-04-13` - `2021-07-15`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.google.be GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon	`2020-06-26` - `2021-07-26`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.id5-sync.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh

This page contains 38 frames:

Primary Page: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
Frame ID: E257793839AC9B0D339089F36855F1D3
Requests: 154 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ogdP8dbzbS.JIY_jZ3EZMhfpTrnsUI_w&nonce=NuPlDcb8GtVECjXr-bARJE5gpebHamHn&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Frame ID: C24E7F747260093587905831D331491A
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=uJRBan1bo1nfap9aDk9gKyDbq.c59AbS&nonce=jXMogxLtR0rvZQFI-KF51JGElj2oXwHA&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Frame ID: E99EE7E3AA12A156372A0CCB90C13046
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=7HEVIvsL6DwQe054L1MHV~UJX~xUsB7r&nonce=OlFk8toDLvF29E1dAuetgNKfNHveR2gM&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Frame ID: 02DE9CB9D68E5DD3D395354171947CCB
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=.wiZ.2lZUkKDX3VUu57175kc86sJsMLX&nonce=ULdyk.lfTkmACnYQO1P1QjMOit02hgP8&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
Frame ID: 6EF34C83DD08A63C1869B9AF56D35836
Requests: 3 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: C8DF31FB34ECAA1B8460230398821915
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunSdPRJItGEVx5otb-IQxBNwoT_42Wd6PEYuW-XKcPhXoXwaUmLgHg_3EnWpcuVDDDQq4Os2JVmjqQSCBXUFBKqQfZSpX6gyrGNpTQgO5T4FLq6uk_rxyVluRB-IdXtm3qlz2GWoKM2tkqW07fuuDjG46S_SVSMrowMXibhzzQvB_xo6aKE7u1c45OwOvLlSXJhIf8CJwN1JKQXQY19VAVAv8tn1bS0P0U-kofBkZD_gtl0dvOtylmT2HLpzFHrsmnIgcQJ6BfW6HXK1wTxPX9Ft1Gadw7_vAoA0iNZoy9LKc&sai=AMfl-YR64FH6qPYLz7cnXGSMaRQ5qbERbyoHUc3_pRZQX98yaTQg6UMYxuKX8gARrjSRodN5nvsoN_4etzCa&sig=Cg0ArKJSzP4GcW9Z2x2vEAE&adurl=
Frame ID: 71B3DF702280756701C2BF076768A21A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWyy5XIGU0RqgDpKT46CK70M5pb9eIVorWe9ZRc7-bnjdjrToB97x9YrxqCs5EbGDdfJixMHzDb0U_vVCymDLp2gWJa_mYGDjC63Qc5w8Ugi8hcuBYhf2h2u8-fGxs2nczFBYfeS2wBgrVTKvEWOkZECZ6Y3WjTIvmxyMJ45kXAVQ6nZxcSj8_Kv653dKrt9rdRoYyAFMF0tHC8Oxoi7XIUXgZ3Rh8hFqNYwuud79AUTEX-Lysy0gtY4WILfMDhKjqaYWDfLqX7Bvs4-_tH2tNtFn6ccEzf9eC7ufDQklRU-E&sai=AMfl-YQ_bAsyjqVaqYBRNCuJsB7fc0nhOIX4xqk2RNaveR8LLgBfMoJdDKNbVfIGRx1dKCGTACtttk5QnJw_&sig=Cg0ArKJSzOe8aCBvWFjBEAE&adurl=
Frame ID: 32F08B65703CA78E15CB3B80DF5C8A54
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvISXAxTdzdLLDWYNwJ9LqtAPmAlkE-YD1__DDuUbxZ9Ao4QjDhsxaSMxACOhesA-Pl4aQtnDqDVFC9eR0XnI3K2C2B8ICZXdwHlMj0OqEeDEG0tAbleUDbBQHBdp0FPWbox3PW-0H2LWKHn_uWW1ZZPuM4mgE5SLTyPIhJ8XDzYjqp9vXGqNrcKtGcYLR7OeZuaHLWZsS4C1wq_5xrvsdfabBIdFR9901Wwy8ryCOl78hPsVXkIwJDcIB4ZP9zrbWtt3klQyZXl-dQ24uHWKPhIvADVWJ0f-PX5h9lxl-pyEI&sai=AMfl-YTZi2BBSo1JdfM3k6vfTIf4SYdIy5fiZZy8xEdNQQesYwC8BQEpdFD8qv29WNJm1iC1YwlF7JsqvV18&sig=Cg0ArKJSzPiUjoozYC8AEAE&adurl=
Frame ID: D477450C5E9A405D16A1354C1726676B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDcxTWWv3GVqz1T3dUZ4ONwq-xTsH_4tTn23Tf285al2gzhatM4RAYhjJ4EtyaojmCigqCtKqIjK-He8P_IFb8caxB6TV4VVBldzOcRRu25OnD0dZrSRl4Bic1HgLrpsTh4LvJHx_LOiARTcAehKzEGNcLvI_NQC7tB9gqUFlzAhx6SMtZCB6uHlM-wngbb4rDoukJi2pEUZ1bTM6lQIjBkWMqUnnxxauAtQ10t9_1Ehyu4U7V6Z6I36x8Cm12LDAPdFfgQIr0UATbpIc-Hm8k1qpnpETmoC4fuQkur7llHiE&sai=AMfl-YTaOgoj74rFbOTw2BEP_S9OFBNTazecoll7TZBzU1YFVapa_wuS5FaNExPmIASa-zZVWdqVDKLFgnfA&sig=Cg0ArKJSzKUEMtogi68wEAE&adurl=
Frame ID: 89A06253DEDB49C989A7ADE36C583853
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstma8OjOXQeQIf3zmCyW-qYLHPzOj4vtcsvAjSm1VnxfGZJujM2D9f-6YAyRu-uSuJNILaUtnnf_N_0BWryNG4H0mMqwpWmej6Bu6T3jz0gc8ERLtoCUHBzeTnXHvMxK5BsCmhnZ-q0o6cs9pzfTkqRUbWYAPbaxrbs9sZGGplCS84lEIl_mdMiyDDqSUW5ECE51rSd1pxyXYRA4CwpPkKB9Bgb21a2nL_egGu-E3hVTzHE4u_7ByqKEsk2RG1ouVGLt8l8Mg8HWLujG0K97sCqu3lf0wwE3T9Y_7oFpjaY5Rs&sai=AMfl-YRWJ6GUSdS9yS0_BrQfhbmWEr6pSAuwnNk5IxTvevFOEkdBFOjEcis0iL5d6pPY9sZxPnB7b2WfHzzW&sig=Cg0ArKJSzL4rQ2c9bKDqEAE&adurl=
Frame ID: 7C507BBFA3D80BB01B51C92A6133EFAE
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=680797797&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9a-b2f1-11eb-b656-024bf4a6d028
Frame ID: 36F5180288F6678FC478529A01621529
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092441&pubOrder=305536031&cb=375719769&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9b-b2f1-11eb-b656-024bf4a6d028
Frame ID: C72C1373DAC52863E1412E1097BA0C09
Requests: 2 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 27AE4821258CB5D22DC44514DC1D2E9D
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: B09E3D19D8DA486DE9A78DF6D94B0055
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: B3E30A4D4E79EE1D28B5742B5C976EB7
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 3A1BEA86BACDEA39463770A9451AD2DD
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: D69AA01208B34F3F69C618FCA119E3BC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 01196F7BD2C63846B82931D90E28B110
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIC058XLw_ACFaHnuwgddvQMHg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9193483728087.191
Frame ID: 1986DAA0715E942ABD0E948097588A30
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKS158XLw_ACFdDmuwgd3RQApA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1856609321408.1736
Frame ID: F06AA20F1BA798C794CD11ED688F0DC9
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: D68E096988B3279C5E86D7FDC081B8EA
Requests: 5 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 87DEC8BE743FAD9B855C6E6D8E96C120
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: 161677BBF7590705BD7B781DFC838E41
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
Frame ID: B3E0155FFFF69338AFE633BDC1B44681
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=1120252209&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9c-b2f1-11eb-b656-024bf4a6d028
Frame ID: 16ABB95DC211EFDA0AC57B547466231E
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1089760220&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9d-b2f1-11eb-b656-024bf4a6d028
Frame ID: B6D9294F38CC3560D3DC1BF947AE9AAD
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=1859492730&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9e-b2f1-11eb-b656-024bf4a6d028
Frame ID: B48C2AB3E65ABEA04E2712D3AE768716
Requests: 2 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 857A8C6C5B40841CF30D90A0733162EF
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 8938AE4BA0BE5575F089D1E9257F114A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 28C962B1F339AE6FE6DD346292CC1E49
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 6483459111348A7E738AF78EBD2B063C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: B84FC22304A7649059E1EFB699A4EE2B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 55D3813F4BD1019CD3FF6BB4EAE4A92A
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f53e5f71-abf6-43f0-9997-4da962f9e8a3&tbid=96e73fb6-93b1-4bb5-9a00-02e5c6808771-tuct795052a&query=taboola_hm%3Df53e5f71-abf6-43f0-9997-4da962f9e8a3&isDirect=0
Frame ID: 54E74DFDCB7DB072BAAF130260BA9EE5
Requests: 19 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: F0BC79177B40C71BAAAB8E452C8BA4EF
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 75322FEC14E94AE4FEC89DC04856E79B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 14DF6DE6CA0F9AAEECF38D73D2890037
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.heraldsun.com.au// HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&162... HTTP 302
https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /serving-sys\.com\//i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

297
Requests

96 %
HTTPS

24 %
IPv6

66
Domains

116
Subdomains

87
IPs

9
Countries

2855 kB
Transfer

7490 kB
Size

37
Cookies

56 Outgoing links

These are links going to different origins than the main page.

URL: https://www.plusrewards.com.au/heraldsun/offers
Title: Rewards

Search URL Search Domain Scan URL

URL: https://myaccount.heraldsun.com.au/s
Title: My account

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/
Title: Travel

Search URL Search Domain Scan URL

URL: https://supercoach.com.au/
Title: SuperCoach

Search URL Search Domain Scan URL

URL: http://tips.com.au/afl/?source_code=HSWEB_TIP1271
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/racing
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/nrl
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://tips.com.au/nrl/
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://www.realestate.com.au/news/narre-warren-norths-hollywood-hills-mansion-hits-the-market/?rsf=syn:news:nca:hs:article

Search URL Search Domain Scan URL

URL: http://heraldsun.com.au/RULE

Search URL Search Domain Scan URL

URL: https://www.realestate.com.au/

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/travel-advice/opinion-i-want-my-vaxication-and-i-want-it-now/news-story/cda08e6fb25179e1c2acd8b486c2eb1f

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/destinations/australia/photos-prove-australia-is-the-most-terrifying-place-on-earth/news-story/4254091ab89c70b603476d0291e799a3
Title: Photos of Australia terrifying the world

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/top-lists/one-thing-you-must-never-do-at-disneyland/image-gallery/508833d1ba062f1d6e34099cfd76112d
Title: One thing now banned at Disneyland

Search URL Search Domain Scan URL

URL: https://heraldsun.digitaleditions.com.au/index.php
Title: Front pageRead today's paper as it was printed.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heraldsun

Search URL Search Domain Scan URL

URL: https://www.twitter.com/theheraldsun

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heraldsunphoto

Search URL Search Domain Scan URL

URL: http://heraldsun.com.au/help-rss

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_GCRACA_W52&hideRegistrationTnC=true
Title: Group/Corporate subscriptions

Search URL Search Domain Scan URL

URL: https://www.newsletters.news.com.au/heraldsun
Title: Newsletters

Search URL Search Domain Scan URL

URL: http://www.newscorpaustralia.com/careers
Title: Job Opportunities

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_SDO_SDO5A_M01
Title: Subscription terms

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_LAPP_17A_W04#subscribe
Title: App only subscription terms

Search URL Search Domain Scan URL

URL: http://www.newsphotos.com.au/C.aspx?VP3=CMS3&VF=Home
Title: Photo Sales

Search URL Search Domain Scan URL

URL: https://www.newsconcierge.com.au/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.dailytelegraph.com.au/
Title: The Daily Telegraph

Search URL Search Domain Scan URL

URL: https://www.couriermail.com.au/
Title: Courier Mail

Search URL Search Domain Scan URL

URL: http://www.adelaidenow.com.au/
Title: The Advertiser

Search URL Search Domain Scan URL

URL: https://www.news.com.au/
Title: news.com.au

Search URL Search Domain Scan URL

URL: https://www.theaustralian.com.au/
Title: The Australian

Search URL Search Domain Scan URL

URL: https://www.themercury.com.au/
Title: The Mercury

Search URL Search Domain Scan URL

URL: https://www.geelongadvertiser.com.au/
Title: Geelong Advertiser

Search URL Search Domain Scan URL

URL: https://www.cairnspost.com.au/
Title: The Cairns Post

Search URL Search Domain Scan URL

URL: https://www.goldcoastbulletin.com.au/
Title: Gold Coast Bulletin

Search URL Search Domain Scan URL

URL: https://www.townsvillebulletin.com.au/
Title: Townsville Bulletin

Search URL Search Domain Scan URL

URL: https://www.thechronicle.com.au/
Title: The Chronicle

Search URL Search Domain Scan URL

URL: https://www.ntnews.com.au/
Title: NT News

Search URL Search Domain Scan URL

URL: https://www.weeklytimesnow.com.au/
Title: The Weekly Times

Search URL Search Domain Scan URL

URL: https://www.buysearchsell.com.au/
Title: Buy Search Sell Classifieds

Search URL Search Domain Scan URL

URL: http://leader.local.heraldsun.com.au/
Title: Find Your Local

Search URL Search Domain Scan URL

URL: http://www.foxsports.com.au/
Title: Foxsports

Search URL Search Domain Scan URL

URL: https://www.foxtel.com.au/index.html
Title: Foxtel

Search URL Search Domain Scan URL

URL: https://hipages.com.au/
Title: Hipages

Search URL Search Domain Scan URL

URL: https://kayosports.com.au/
Title: Kayo

Search URL Search Domain Scan URL

URL: https://www.mytributes.com.au/
Title: My Tributes

Search URL Search Domain Scan URL

URL: https://www.punters.com.au/
Title: Punters

Search URL Search Domain Scan URL

URL: https://www.odds.com.au/
Title: odds.com.au

Search URL Search Domain Scan URL

URL: https://www.racenet.com.au/
Title: racenet.com.au

Search URL Search Domain Scan URL

URL: https://apps.apple.com/au/app/herald-sun/id392582225

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newscorp.heraldsun

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##collect
Title: Find out more about our policy and your choices, including how to opt-out.

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##optout
Title: Relevant ads opt-out

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/cookies
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: WordPress.com VIP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.heraldsun.com.au// HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1620803493441853768 HTTP 302
https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1620803496344&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620803496344&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=

Request Chain 65

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 79

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1620803496764 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1620803496764

Request Chain 92

https://cm.everesttech.net/cm/dd?d_uuid=77209328200338166100765293161322666226 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJt-qQAAALb7zBNg

Request Chain 120

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3668228889875249141

Request Chain 150

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9193483728087.191 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIC058XLw_ACFaHnuwgddvQMHg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9193483728087.191

Request Chain 151

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1856609321408.1736 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKS158XLw_ACFdDmuwgd3RQApA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1856609321408.1736

Request Chain 159

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8108158609362032713

Request Chain 174

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620803497797&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1620803497797%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620803497797&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620803497797&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIiAznFc2cNNgAAAXlfarHXo5Pgjo8PAr7hwL5Bhn8KQcGJX2wCe5l_t1G3KYSRMctHhZDu

Request Chain 184

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzcyMDkzMjgyMDAzMzgxNjYxMDA3NjUyOTMxNjEzMjI2NjYyMjY= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGbwuUEVQcdgsJhQDgSM9hE&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 196

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=d2a7f5c6-c33e-4320-b3e0-6cf02f77c07e

Request Chain 226

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YJt-qh1UV0GHEQhXaaDQKAAA%261120

Request Chain 227

https://dt.scanscout.com/ssframework/uid?UIAA=77209328200338166100765293161322666226&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-f1de10fe76d2810a16b763d590e826e9

Request Chain 229

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f53e5f71-abf6-43f0-9997-4da962f9e8a3 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f53e5f71-abf6-43f0-9997-4da962f9e8a3&tbid=96e73fb6-93b1-4bb5-9a00-02e5c6808771-tuct795052a&query=taboola_hm%3Df53e5f71-abf6-43f0-9997-4da962f9e8a3&isDirect=0

Request Chain 230

https://u.openx.net/w/1.0/sd?id=543998486&val=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&gdpr=0&gdpr_consent= HTTP 302
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&gdpr=0&gdpr_consent=

Request Chain 233

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=HcPOjCNhE4Pf&ev=1&orig=trc&pid=562107

Request Chain 234

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3668228889875249141&orig=trc

Request Chain 235

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESED86X1tqJkRNtw3KvEPR7d4&google_cver=1

Request Chain 237

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c45d0d5a-5865-4a48-9d99-84fec7c265c3-tuct795052a

Request Chain 238

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d2a7f5c6-c33e-4320-b3e0-6cf02f77c07e

Request Chain 239

https://ce.lijit.com/merge?pid=42&3pid=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 243

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=86a8e33f-0868-4506-9d52-1c5374203aa1

Request Chain 244

https://id5-sync.com/s/464/9.gif?puid=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOFyYm-hwrjE9x7p68iKQJwPgV3LBYJYnhnTupow&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOFyYm-hwrjE9x7p68iKQJwPgV3LBYJYnhnTupow&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=db430bc6-c940-41b2-8234-61b7681d8269&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

Request Chain 245

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=_6OIoZRPD0SKa_Oarn-bYA

Request Chain 247

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dtaboola%26bsw_param%3D6bec7f16-db92-43cd-8f7e-74e30d7cdbbd&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=acd2609b-7faa-4f00-acbd-c67dbc69579d&expires=30&ssp=taboola&bsw_param=6bec7f16-db92-43cd-8f7e-74e30d7cdbbd&gdpr=0&gdpr_consent= HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6bec7f16-db92-43cd-8f7e-74e30d7cdbbd

Request Chain 249

https://ps.eyeota.net/match?bid=6j5b2cv&uid=77209328200338166100765293161322666226&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 264

https://usermatch.krxd.net/um/v2?partner=adobe&id=77209328200338166100765293161322666226 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=77209328200338166100765293161322666226

Request Chain 265

https://tags.bluekai.com/site/43981?id=77209328200338166100765293161322666226&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=nYcz1y9999O7NJ%2BQ

Request Chain 266

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUp0LXFRQUFBTGI3ekJOZw==

Request Chain 267

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YJt-qQAAALb7zBNg&expires=90

Request Chain 269

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJt-qQAAALb7zBNg

Request Chain 271

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YJt-qQAAALb7zBNg

Request Chain 273

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YJt-qQAAALb7zBNg

Request Chain 275

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJt-qQAAALb7zBNg

Request Chain 277

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YJt-qQAAALb7zBNg&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YJt-qQAAALb7zBNg&img=1&__user_check__=1&sync_id=4bed1ca8-b2f1-11eb-96f9-1bbe6fc50406

Request Chain 279

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YJt-qQAAALb7zBNg&t=2592000&o=0

Request Chain 280

https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=96e73fb6-93b1-4bb5-9a00-02e5c6808771-tuct795052a

Request Chain 281

https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1620803500802 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e376c224-6f1f-4dd4-9139-8564124e4754-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-e376c224-6f1f-4dd4-9139-8564124e4754-003 HTTP 302
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-e376c224-6f1f-4dd4-9139-8564124e4754-003 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-e376c224-6f1f-4dd4-9139-8564124e4754-003

297 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heraldsun.com.au/
Redirect Chain

https://www.heraldsun.com.au//
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f
https://www.heraldsun.com.au/
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1620803493441853768
https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493

408 KB
73 KB

2215ms
2215ms

Document
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

c22af5507e2e33b84ad021ed87d66c818b155a0773a6b3c227308aedce57a8e4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: www.heraldsun.com.au
:scheme: https
:path: /?nk=cadeda36c756ad14e35322721241c57b-1620803493
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: n_regis=123456789
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; Expires=Wed, 19 May 2021 07:11:34 GMT; Path=/ nk=cadeda36c756ad14e35322721241c57b; expires=Sat, 11 May 2024 07:11:35 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; Expires=Wed, 19 May 2021 07:11:34 GMT; Path=/; SameSite=None; Secure
x-powered-by: WordPress VIP <https://wpvip.com>
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
vary: User-Agent Accept-Encoding
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3dcadeda36c756ad14e35322721241c57b-1620803493&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=cadeda36c756ad14e35322721241c57b
x-arrrg5: BlaizeHappened
x-rq: ewr4 119 71 3084
x-xss-protection: 1
x-content-type-options: nosniff
host-header: a9130478a60e5f9135f765b23f26593b
content-encoding: gzip
cache-control: max-age=0
expires: Wed, 12 May 2021 07:11:35 GMT
date: Wed, 12 May 2021 07:11:35 GMT

Redirect headers

server: AkamaiGHost
content-length: 154
content-type: text/html
location: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
set-cookie: nk=cadeda36c756ad14e35322721241c57b; expires=Sat, 11 May 2024 07:11:33 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version: 1.0
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
vary: Accept-Encoding
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
expires: Wed, 12 May 2021 07:11:33 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Wed, 12 May 2021 07:11:33 GMT

GET
H2 200 css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 55 B
674 B 135ms
135ms Stylesheet
text/css 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css
pragma: no-cache
cookie: n_regis=123456789; AWSALB=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; nk=cadeda36c756ad14e35322721241c57b; AWSALBCORS=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 74
x-rq: ewr4 114 24 3161
last-modified: Wed, 10 Mar 2021 01:11:17 GMT
server: nginx
etag: "60481cb5-37"
vary: User-Agent
content-type: text/css
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 21 KB
7 KB 76ms
22ms Script
application/javascript 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 1647e28020eaa5351a43d1583a9714bfeedddd6390c1bf4ab3b50f763ac81be5

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:35 GMT
via: 1.1 vegur, 1.1 varnish
age: 2055
x-cache: HIT
x-cache-hits: 1
content-encoding: gzip
content-length: 6933
x-served-by: cache-fra19137-FRA
last-modified: Wed, 12 May 2021 06:37:20 GMT
server: Apache
x-timer: S1620803496.951680,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 May 2021 06:37:20 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 256 KB
35 KB 171ms
124ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b27f022aa501b26e80948155fc3c5ff4967af37488a92ee8975d8cd0cfe9072

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sr1qIzLrtF7utXXUwDexjW_BsF0h0SRk
content-encoding: gzip
etag: "2cbaa0b26a8fb5405550a4ee5a0edcc5"
age: 0
x-cache: HIT
content-length: 35561
x-amz-id-2: QPaEgeaKSGy+kR4OMNWMtwlf4DNnm/7z71SV5GsTQ7EHVwn9jdgI4OM0SHWD7uPReSXtlx555rs=
x-served-by: cache-fra19136-FRA
last-modified: Thu, 06 May 2021 15:34:59 GMT
server: AmazonS3
x-timer: S1620803496.957892,VS0,VE102
date: Wed, 12 May 2021 07:11:36 GMT
vary: Accept-Encoding
x-amz-request-id: P1HR8AY14E7SXRJ5
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 51
x-cache-hits: 1

GET
H2 200 heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 37 KB
15 KB 34ms
34ms Image
image/svg+xml 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

03cce1892cbfca0c35fe3b1f64307db1269f452bc8eb983a654d68166bfb57c0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
pragma: no-cache
cookie: n_regis=123456789; AWSALB=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; nk=cadeda36c756ad14e35322721241c57b; AWSALBCORS=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:35 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 14385
x-rq: ewr4 114 120 3167
last-modified: Mon, 12 Apr 2021 00:05:02 GMT
server: nginx
etag: W/"60738eae-948d"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=1276330
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 27 May 2021 01:43:45 GMT

GET
H2 200 5b6880c9b0b6f412bedc78122b99de31
content.api.news/v3/images/bin/ 70 KB
71 KB 102ms
94ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/5b6880c9b0b6f412bedc78122b99de31?width=1024
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 0bf331af93dd676680e91868aff8d7a710935725117c7dad225f1c0849ed9de6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 5b6880c9b0b6f412bedc78122b99de31
date: Wed, 12 May 2021 07:11:35 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 443d8c7121294c37d6f5a755eae94e62-5b6880c9b0b6f412bedc78122b99de31-1024
x-serial: 1504
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5179716
last-modified: Wed, 12 May 2021 06:00:50 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 71948
expires: Sun, 11 Jul 2021 06:00:11 GMT

GET
H2 200 c3af5d97b99e074d5921a997b96b0e47
content.api.news/v3/images/bin/ 48 KB
48 KB 97ms
88ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/c3af5d97b99e074d5921a997b96b0e47?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 64fec8b95316fb6347be8cf9f9e41fa800511b22fcbb1a8a0f5400f7e99e19e5

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: c3af5d97b99e074d5921a997b96b0e47
date: Wed, 12 May 2021 07:11:35 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 720d8ac7e1e6f03b1405809cbafb59aa-c3af5d97b99e074d5921a997b96b0e47-650
x-serial: 1049
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5177526
last-modified: Wed, 12 May 2021 05:23:31 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 49064
expires: Sun, 11 Jul 2021 05:23:41 GMT

GET
H2 200 f6ff969b01d12a6e165e260f6c86015d
content.api.news/v3/images/bin/ 42 KB
42 KB 148ms
140ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/f6ff969b01d12a6e165e260f6c86015d?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 5b73abfc521affc9876fa9b927b78bd50e2df1c1ce087a19e9e8e5234e661196

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: f6ff969b01d12a6e165e260f6c86015d
date: Wed, 12 May 2021 07:11:36 GMT
last-modified: Wed, 12 May 2021 07:05:05 GMT
server: Akamai Image Manager
etag: 6a641fc12e0c6af752d22318dd84bfad-f6ff969b01d12a6e165e260f6c86015d-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5183518
access-control-allow-headers: x-newsapi-api-key
content-length: 42693
expires: Sun, 11 Jul 2021 07:03:34 GMT

GET
H2 200 364ace7c876c074c177309a4142d900f
content.api.news/v3/images/bin/ 5 KB
6 KB 181ms
172ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/364ace7c876c074c177309a4142d900f?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: fd2670107a9400b251489bda13b8e30d285d989ca5bd3728ca646c86977ece1b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 364ace7c876c074c177309a4142d900f
date: Wed, 12 May 2021 07:11:36 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 7e915cec8af62d074182ae774c4179dc-364ace7c876c074c177309a4142d900f-150
x-serial: 585
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5161284
last-modified: Wed, 12 May 2021 00:52:31 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 5538
expires: Sun, 11 Jul 2021 00:53:00 GMT

GET
H2 200 56429b308b993c01a3caaaef3dc756e4
content.api.news/v3/images/bin/ 4 KB
5 KB 1308ms
1300ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/56429b308b993c01a3caaaef3dc756e4?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c3eb14d4f7c6874388ced16b4c1b37e0293302271784d79fc89a43e8c14591f4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 56429b308b993c01a3caaaef3dc756e4
date: Wed, 12 May 2021 07:11:37 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: fb9d5fd5536f052c05eba9135876bf41-56429b308b993c01a3caaaef3dc756e4-150
x-serial: 1243
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5182799
last-modified: Wed, 12 May 2021 06:53:13 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 4367
expires: Sun, 11 Jul 2021 06:51:36 GMT

GET
H2 200 8a36c7e30bb2fb2095d305c921a4d08a
content.api.news/v3/images/bin/ 3 KB
4 KB 101ms
94ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/8a36c7e30bb2fb2095d305c921a4d08a?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: b45566ffc79a66f6161ab9531c93acf8de3c7f658b105804d2cd65660c680438

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 8a36c7e30bb2fb2095d305c921a4d08a
date: Wed, 12 May 2021 07:11:35 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: a72478e77ef38bfd3de0b30f8e811118-8a36c7e30bb2fb2095d305c921a4d08a-150
x-serial: 804
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5180074
last-modified: Wed, 12 May 2021 06:06:13 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 3526
expires: Sun, 11 Jul 2021 06:06:09 GMT

GET
H2 200 d953095bfc72e24b00e2fba1cbb94bcd
content.api.news/v3/images/bin/ 5 KB
5 KB 56ms
55ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/d953095bfc72e24b00e2fba1cbb94bcd?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 20a2413b2bfbf52ba4a59325d71c78518725b704650f13fb54391ec9721ab302

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: d953095bfc72e24b00e2fba1cbb94bcd
date: Wed, 12 May 2021 07:11:36 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: a08e13caf6fe59d525bab9a2a198b400-d953095bfc72e24b00e2fba1cbb94bcd-150
x-serial: 108
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5174596
last-modified: Wed, 12 May 2021 04:34:35 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 4693
expires: Sun, 11 Jul 2021 04:34:52 GMT

GET
H2 200 0de79168bcea950df3940cdec13f481f
content.api.news/v3/images/bin/ 57 KB
57 KB 58ms
58ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/0de79168bcea950df3940cdec13f481f?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 927ef2ee82c092d3937ec63ad2934f347986c0a8f7b06e051032ee7ffcee24f2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 0de79168bcea950df3940cdec13f481f
date: Wed, 12 May 2021 07:11:36 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 4ff283167148e39710c0590f54dbc7aa-0de79168bcea950df3940cdec13f481f-650
x-serial: 1216
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5173103
last-modified: Wed, 12 May 2021 04:09:43 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 58337
expires: Sun, 11 Jul 2021 04:09:59 GMT

GET
H2 200 7c6c6fc10cef0a9ae2724d8fac2498f7
content.api.news/v3/images/bin/ 57 KB
58 KB 109ms
108ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/7c6c6fc10cef0a9ae2724d8fac2498f7?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8fd2af202707c96310e0292a8de3921a98a09a86f1f85c1a935428de5eae2011

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 7c6c6fc10cef0a9ae2724d8fac2498f7
date: Wed, 12 May 2021 07:11:36 GMT
last-modified: Wed, 12 May 2021 06:59:56 GMT
server: Akamai Image Manager
etag: 4817ecdf084081c27760bd742b2e586c-7c6c6fc10cef0a9ae2724d8fac2498f7-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5183311
access-control-allow-headers: x-newsapi-api-key
content-length: 58400
expires: Sun, 11 Jul 2021 07:00:07 GMT

GET
H2 200 FY21_Acq-Bob2-ROS-MASTER-MP-BOBImage-350x197-1.jpg
origin.go.heraldsun.com.au/wp-content/uploads/2021/04/ 16 KB
16 KB 31ms
10ms Image
image/jpeg 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.go.heraldsun.com.au/wp-content/uploads/2021/04/FY21_Acq-Bob2-ROS-MASTER-MP-BOBImage-350x197-1.jpg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 19353d2b4d79956569a1ac629398c8f6ec8275a06279d37b926738e500e39edb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:35 GMT
x-rq: hhn2 109 84 443
last-modified: Wed, 07 Apr 2021 05:30:28 GMT
server: nginx
etag: "653ba8a087c7e3f3"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16040
expires: Thu, 07 Apr 2022 05:36:55 GMT

GET
H2 200 rea-logo-v4.png
s1.rui.au.reastatic.net/rui-static/img/ 8 KB
9 KB 37ms
8ms Image
image/png 2600:9000:2057:7400:1e:c291:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.rui.au.reastatic.net/rui-static/img/rea-logo-v4.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7400:1e:c291:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:47:37 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
last-modified: Fri, 11 Aug 2017 05:25:43 GMT
server: AmazonS3
age: 6722638
etag: "7fb1763135890cdfa60dcb405cd51572"
x-cache: Hit from cloudfront
x-amz-version-id: itrxET0Vrz4We1UVf0nZMlYhOyBF2D8w
cache-control: max-age=20221025
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 8533
x-amz-cf-id: l5P24EjSgjlAbl5Ao7PPreVleBjXuWycG7uL4RmGUxLsvanqIUSiXw==

GET
H2 200 title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 540 B
859 B 85ms
32ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
last-modified: Wed, 16 Sep 2020 23:56:43 GMT
server: AmazonS3
x-amz-request-id: 4R7K4V2MCP8N6R9R
etag: "4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=463130
accept-ranges: bytes
content-length: 540
x-amz-id-2: yFp+J8podmJKYyKRfQ/R6sCdmNKmc7oSxu2WJJo8l7sTrFyLYOhTILB0ssSzjaQiADalzLa82Ug=
expires: Mon, 17 May 2021 15:50:26 GMT

GET
H2 200 charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 12 KB
12 KB 109ms
46ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: EE3D21683166F96F
etag: "da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=559227
accept-ranges: bytes
content-length: 12440
x-amz-id-2: BGzA4H6MhiNFsVMRHnDid7w0RneCV9f+L69FdEMmbqtC5J6BXqShCVeo7uP6Jum7BVtWfb2VAeI=
expires: Tue, 18 May 2021 18:32:03 GMT

GET
H2 200 source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 87ms
24ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
last-modified: Tue, 01 Sep 2020 04:31:33 GMT
server: AmazonS3
x-amz-request-id: 34B4778288C88CAA
etag: "899c8f78ce650d4009d42443897aa723"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=84657
accept-ranges: bytes
content-length: 16112
x-amz-id-2: 0V9i/JC3jV0uO9z1+RHGizGZNe8ea4s0M3lvOab3o97ikLfxhLYoNjWrU3t9GbdAE8O37bCHHcA=
expires: Thu, 13 May 2021 06:42:33 GMT

GET
H2 200 source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 97ms
34ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
last-modified: Tue, 22 Sep 2020 06:30:09 GMT
server: AmazonS3
x-amz-request-id: B9F079BFD69B8BC1
etag: "c85615b296302af51e683eecb5e371d4"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=240750
accept-ranges: bytes
content-length: 15948
x-amz-id-2: DPCyCCKT0juTREQMOkBTQL82bK8sJ1cHlMUrULDEc9V9ZluCRM4RuSFSdOhDVMhG9DNYyK1s4MM=
expires: Sat, 15 May 2021 02:04:06 GMT

GET
H2 200 charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
12 KB 97ms
34ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 03A09A05F9B00284
etag: "c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=156458
accept-ranges: bytes
content-length: 11472
x-amz-id-2: 7SgQOtE5DXd+yw+muGSpBKQgUFNdC0N34VLuVoyrpGsNX+GQQMChOOxitD5N1YsghRlU3RgeUFw=
expires: Fri, 14 May 2021 02:39:14 GMT

GET
H/1.1 200
OK games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 4 KB
5 KB 1132ms
287ms Image
image/svg+xml 52.95.132.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.238 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 07:11:38 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: AQNFVQG7YDCD04TN
ETag: "2fa79b1c302fa407df95b287a47e01bc"
Content-Type: image/svg+xml
x-amz-version-id: mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Accept-Ranges: bytes
Content-Length: 4533
x-amz-id-2: QS4W4Cv/wk0/ZynlvlpJ0ltwQQtgVIcFD6ij/MTlm6R6VP11tIRKJEKwgJ7FaQtY9pGCg2ROOFc=

GET
H/1.1 200
OK horoscopes.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 9 KB
9 KB 1155ms
298ms Image
image/svg+xml 52.95.132.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/horoscopes.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.238 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 07:11:38 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: AQN60M3G3D2R0TA4
ETag: "e9dc4230a2305a0cb7743e2ade763349"
Content-Type: image/svg+xml
x-amz-version-id: NaxMYGcYiBqyljIpDSJQNqEzm8yfC62_
Accept-Ranges: bytes
Content-Length: 9223
x-amz-id-2: tVj5E62UGKc9hX+0lAMSlweKTpj1ZOJ7pWEBQmld9UdDNPDj8EL5zutCj6OwFrwAc/Szg10KZ4g=

GET
H/1.1 200
OK NCHRS_thumb.jpg
s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/ 23 KB
24 KB 1152ms
294ms Image
image/jpeg 52.95.129.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/NCHRS_thumb.jpg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.129.39 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5b2f2fcf0ac38b6a43bbe5b2178b91430f634a859a28d634699eab95d80b93d8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 07:11:38 GMT
Last-Modified: Tue, 11 May 2021 16:50:24 GMT
Server: AmazonS3
x-amz-request-id: AQN2CHE7RQ67FZYB
ETag: "679730cf61e5129b6437876fe1b0c9c6"
Content-Type: image/jpeg
x-amz-version-id: V_TlK3XV4Nc8wbm9RFZ79__hFLz71_Nm
Accept-Ranges: bytes
Content-Length: 23869
x-amz-id-2: Pd5rcu4N7qEYATw8XdfgNCgxIq2W4CyAK+uNIjZjd1o7eBpGK0aGgiFmel3fCj9tRVr22tRvSbE=

GET
H2 200 heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
3 KB 37ms
36ms Image
image/svg+xml 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
pragma: no-cache
cookie: n_regis=123456789; AWSALB=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; nk=cadeda36c756ad14e35322721241c57b; AWSALBCORS=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2891
x-rq: ewr4 113 245 3165
last-modified: Tue, 02 Feb 2021 00:35:25 GMT
server: nginx
etag: W/"60189e4d-1e5e"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=2208393
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Sun, 06 Jun 2021 20:38:09 GMT

GET
H2 200 js-critical-desktop.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 5 KB
2 KB 151ms
150ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c90eae5c92821e1331128c9346a7665710813be0bad539e27f94720fcadd970e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
pragma: no-cache
cookie: n_regis=123456789; AWSALB=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; nk=cadeda36c756ad14e35322721241c57b; AWSALBCORS=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 1908
x-rq: ewr4 113 43 3243
last-modified: Thu, 06 May 2021 04:43:50 GMT
server: nginx
etag: W/"60937406-1248"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H2 200 title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 535 B
855 B 27ms
26ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
last-modified: Thu, 17 Sep 2020 00:28:25 GMT
server: AmazonS3
x-amz-request-id: BX6X5G9GEK1G9M4M
etag: "b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=361330
accept-ranges: bytes
content-length: 535
x-amz-id-2: DaJA+c3KcMZ/NSCnfYFtodFhl20AOf2rAAm9dMwdtqM4FPtgkxYVKxyt+50eW/YJb1+mPpYz97g=
expires: Sun, 16 May 2021 11:33:46 GMT

GET
H2 200 charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
11 KB 27ms
26ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 4N2W2Y6HDY8Z3Q2W
etag: "29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=287215
accept-ranges: bytes
content-length: 11372
x-amz-id-2: Z1HhaEEhR+4SW45rFV+SZJ/QiklrgDUhrbvWmFxzzpa1Kifm2MvbbI9Ateo09sYRHNLYlfgsmGM=
expires: Sat, 15 May 2021 14:58:31 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 3 KB
2 KB 351ms
303ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding: gzip
etag: "1a868d280f9424f5d82876d6cf0c46b9"
age: 136
x-cache: HIT, MISS
content-length: 1123
x-amz-id-2: Fm+Nrvt3JluGkbFmtcEODrQpFAmBy5zm+BVMX/WEBd+rb/jVUnueOgESrKMzKMfvikwMxh6ZR/I=
x-served-by: cache-lax10622-LGB, cache-fra19125-FRA
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1620803496.245271,VS0,VE282
date: Wed, 12 May 2021 07:11:36 GMT
vary: Accept-Encoding,,
x-amz-request-id: V2D7V30MEKZ2Z8DM
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 0

GET
H2 200 impl.20210506-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 483 KB
111 KB 22ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8add9975d90befa00fd949bddf38c8fbde9e000837058684bd26366e71b3ddfb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 41boWY3bJBMsg5YZKthz6VWW_ra1A1Nu
content-encoding: br
etag: "6d4c8a6b6f8d35505c6e01c7fb07f642"
age: 23632
x-cache: HIT
content-length: 113273
x-amz-id-2: GGarzP9HAhys+mMuf3xwncpaqKJ1Z9IIJXtkA4pVY0E3aprzmp496+ELBnRPwJ55krbxqNYlNF8=
x-served-by: cache-fra19136-FRA
last-modified: Thu, 06 May 2021 08:25:51 GMT
server: AmazonS3-br
x-timer: S1620803496.198281,VS0,VE0
date: Wed, 12 May 2021 07:11:36 GMT
vary: Accept-Encoding
x-amz-request-id: S3X3TT536SHP7QTD
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 22
x-cache-hits: 30419

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 108ms
35ms Script
application/javascript 13.224.95.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-70.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:06:45 GMT
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 292
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: stvUORhMWO5Kls7ztCnDwUqRkhjYYd7fTL6Fsz_A1xNiM0dXNBqgkw==

GET
H2 200 rampart.js Show response
www.heraldsun.com.au/remote/identity/rampart/latest/ 269 KB
83 KB 167ms
166ms Script
application/x-javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

203e6a61b58046221bbf6ade2ba5b3f050244ab0f76e87326bbcc1e9cde86862

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /remote/identity/rampart/latest/rampart.js
pragma: no-cache
cookie: n_regis=123456789; AWSALB=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; nk=cadeda36c756ad14e35322721241c57b; AWSALBCORS=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; lux_uid=162080349614505323
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "f70e66940635c830184a0ff078903701:1620021396.013982"
vary: User-Agent Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1425
date: Wed, 12 May 2021 07:11:36 GMT
is-https: true
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 12 May 2021 07:35:21 GMT

GET
H2 200 js-metro-desktop-lazy.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 47 KB
15 KB 144ms
143ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

919a09d45286a3828a624e7dae7c7ee6b964ba70339274d8e333c5aaaf9c9ec9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js
pragma: no-cache
cookie: n_regis=123456789; AWSALB=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; nk=cadeda36c756ad14e35322721241c57b; AWSALBCORS=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; lux_uid=162080349614505323
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 14341
x-rq: ewr4 114 88 3279
last-modified: Mon, 19 Apr 2021 23:52:30 GMT
server: nginx
etag: W/"607e17be-bbb6"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H2 200 js-weather.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 309ms
309ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6d90199995b493e006d03ef62d624e59120a272ed586ff1496bd7a5c38ccb3fe

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js
pragma: no-cache
cookie: n_regis=123456789; AWSALB=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; nk=cadeda36c756ad14e35322721241c57b; AWSALBCORS=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; lux_uid=162080349614505323
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 1987
x-rq: ewr4 119 71 3093
last-modified: Tue, 13 Apr 2021 00:42:15 GMT
server: nginx
etag: W/"6074e8e7-182d"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
13 KB 19ms
19ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
last-modified: Thu, 20 Dec 2018 17:45:13 GMT
server: NetDNA-cache/2.2
etag: W/"dc93d584e41f8417f6b7163320d34329"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 json Show response
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 3 KB
2 KB 168ms
166ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=09%3A11%3A36.322&lti=deflated&data=%7B%22id%22%3A854%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1620315297435%2C%22vi%22%3A1620803496285%2C%22cv%22%3A%2220210506-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A10668%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1564.5%2C%22mw%22%3A194%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9226d4356a634847c237e53ada616a91563fb53b8d91898fb01ee7c71783d1d0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 144
date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
server: nginx
x-timer: S1620803496.333309,VS0,VE144
x-served-by: cache-fra19136-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1620803496344&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=ht...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620803496344&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=h...

64 B
330 B

46ms
46ms

Image
image/gif

13.224.95.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620803496344&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-70.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: H-TzIoauOhjwlQmGDiL_MboasQEoP92TFiz0FkspTHX3ZuFuYhziDQ==

Redirect headers

date: Wed, 12 May 2021 07:11:36 GMT
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620803496344&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=
content-length: 259
x-amz-cf-id: p1_yJKQCA-0plkhP10B2etSG749ca5vT_5tVHMWfx8J47y7jf3bx4A==

GET
H2 200 comments-count Show response
mhr.talk.news.com.au/api/v1/ 1 KB
1 KB 1313ms
1233ms Fetch
application/json 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mhr.talk.news.com.au/api/v1/comments-count?ids=ec47be68aacb29240eeebbc4b908773b,f08e6d229bd661067cc0839d7249c87e,de6fbe375cfd97fb460c555e4cd1f40f,fb7d8af530080427475335f7614669e0,f3165303b75756b9b6f09987322b7782,f31fb2e2e77e0869ee47ddfc6ab9c526,2a8212ea35999e2e62bdcbc39afd3558,0a283cf278ea8e2ed92dab7d32010a8b,0e07784cad1abe4b41c1f2f69e7fc425,68e08eb448f65faa771076f6d0899f46,46aff559f080dbeabad699edc83c340b,72d79394a4bf2b2498f389fff5618441,5e5af42512f628e39f107904e8345961,c5fb8f5bf7cfd7fa3330292d3b9b00d6,89132435c4a579be39f4a17bbf8fa40b,22cc25d4c87116ab7216f61d3853157c,54aea9a403c48f58470210c1d497768e,86edaef558d28aeb547a28a582f0679e,e6c9bc004dcc4902682fca2dfdb8a612,065805e456bb20a3f15ecfcc64bd1b45,5aa6614d8ca60914394ca6d46f8f1522,15a3c524a7b74e5d0fc5bb0fe3c6a606,c5fb8f5bf7cfd7fa3330292d3b9b00d6,fa26cc0071ec5b0a9f55c50b94d42c9d,3dc6951c23625c721ba18950d9e51353,860c3ffcc50e2f5d2f8bf0008ebe456f,8ee2d05284b64a5c574da7c547c4f0bf,658ca8e573ab9226c7454058c5dc2ebc,5af8ac5f05d9546f937afe3408b3aec2,4f25c70812dbe94d5df70b554ab939e1,ab238e1ceffc8cf28e00ff39b0efb324,7984111f8ff066e76801c7b5df5dd2a6,77dad7e1d0111573bb84a60d09183fdc,e6567a31389ae104c2374b8b4dca827d,35bd87aa7fa79756fb2ec5e598ef63ce,5096f870db75693fae9c65c2ee66a197,a7e5bf7ee40702d6a953a902b2c30960,7ff5a4bfd77f93f0b59ea7506e4f245a

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx/1.16.1 /

Resource Hash

f12c71c547a1e7c42b63d1cb8c5c22284a86eb44d1e63fe18656311f2804ba0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.16.1
etag: W/"570-N3z8D+h7yC9tpA4XYyuG8fynup0"
x-download-options: noopen
x-dns-prefetch-control: off
content-type: application/json; charset=utf-8
access-control-allow-origin: *
date: Wed, 12 May 2021 07:11:37 GMT
x-talk-trace-id: 4ab265c0-b2f1-11eb-b55b-957322eae73c
vary: Accept-Encoding
content-length: 794
x-xss-protection: 1; mode=block

GET
H2 200 9cd718688ea3eea89d98f06abcc67744
content.api.news/v3/images/bin/ 10 KB
11 KB 52ms
51ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/9cd718688ea3eea89d98f06abcc67744?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 88d8195bc544f718e4dd7714178dcdf22fade25c9b9ab39931da25ca68be9835

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 9cd718688ea3eea89d98f06abcc67744
date: Wed, 12 May 2021 07:11:36 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 2e11567df15beb54aae8dca4d7c30a36-9cd718688ea3eea89d98f06abcc67744-150
x-serial: 2025
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5179493
last-modified: Wed, 12 May 2021 05:57:42 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 10610
expires: Sun, 11 Jul 2021 05:56:29 GMT

GET
H2 200 e55a59bb2436e404da0578199afd3769
content.api.news/v3/images/bin/ 6 KB
7 KB 56ms
56ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/e55a59bb2436e404da0578199afd3769?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 20c8fbf2079f97df7a525f83bf8e0ce70a2fe15d5eff77cbfc77d0c118cc9eee

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: e55a59bb2436e404da0578199afd3769
date: Wed, 12 May 2021 07:11:36 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 53b98ed63696015825dfe952c6cded55-e55a59bb2436e404da0578199afd3769-150
x-serial: 762
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5179787
last-modified: Wed, 12 May 2021 06:00:53 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 6356
expires: Sun, 11 Jul 2021 06:01:23 GMT

GET
H2 200 081ff06b29183914c9890a0911ad1f8d
content.api.news/v3/images/bin/ 4 KB
5 KB 62ms
61ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/081ff06b29183914c9890a0911ad1f8d?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d89cae39e3494214df2bb6ad32c4a9d8db99fbb2bd8b3b47a6668e0298a52b7d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 081ff06b29183914c9890a0911ad1f8d
date: Wed, 12 May 2021 07:11:36 GMT
last-modified: Wed, 12 May 2021 04:27:43 GMT
server: Akamai Image Manager
etag: 27004fa6a23f04a7c31b73db9054a4b2-081ff06b29183914c9890a0911ad1f8d-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5174154
access-control-allow-headers: x-newsapi-api-key
content-length: 4404
expires: Sun, 11 Jul 2021 04:27:30 GMT

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame C24E 2 KB
3 KB 573ms
498ms Document
text/html 104.111.230.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ogdP8dbzbS.JIY_jZ3EZMhfpTrnsUI_w&nonce=NuPlDcb8GtVECjXr-bARJE5gpebHamHn&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-230-77.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

70388ac2332eff6268b2ac7fd191a8adbff652aa469728de9baa38e4fa279d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ogdP8dbzbS.JIY_jZ3EZMhfpTrnsUI_w&nonce=NuPlDcb8GtVECjXr-bARJE5gpebHamHn&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 64e1d57d9e396244-OTP
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 0a0103c28200006244cdba4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 64e1d57d9e396244
ot-tracer-sampled: true
ot-tracer-spanid: 00e377f2088403cb
ot-tracer-traceid: 15768a7e126b1b13
x-auth0-requestid: 2a069ddeb2e82a5f453b
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1620803497
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 567 0 pmb=mTOE,3
expires: Wed, 12 May 2021 07:11:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
content-length: 845
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A4a4a7c30-b2f1-11eb-91bf-cb69bc7c0be4.vXK3k3OdJksh9xSF0PDq7v%2BL8qXq8zWci8rS9M4nqY0; Max-Age=31557600; Path=/; Expires=Thu, 12 May 2022 13:11:36 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A4a4a7c30-b2f1-11eb-91bf-cb69bc7c0be4.vXK3k3OdJksh9xSF0PDq7v%2BL8qXq8zWci8rS9M4nqY0; Max-Age=31557600; Path=/; Expires=Thu, 12 May 2022 13:11:36 GMT; HttpOnly; Secure ak_bmsc=C15487E3AE3CC24555DA29DD1F0072C40210BB8C80690000A97F9B60F0921B57~pldZEuHN1LA3OKAEYbzUTz9x1YDBx7BKY2GOxMiWrRmSEtStxrUHhlR17FeCzqQ/5GspLGa4IKRLiklmkYtk1MLKOtVLkeR9q1XmHRp0jlR65FwXM3rK7TXvTEWapKJm8iWlLZ7Nbsr33vdfgnSKovlXUQd6/gnP7jVd8uTv2wwDEoPKd3OmP83UpZiRmZF+QAU0a/3TOTs1SKq+FXSl/H8FCoea3YUjPmP06X7a/gCpDJO9tvlCLjNHkLxzrPkui8; expires=Wed, 12 May 2021 09:11:37 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=89A761A213C082A42BD7D5E0AE2F3D39~Lscu6moI2yP4SEkles+bKQBCnMLp17DpBBMFA+4tk7vIUA/e3cs0ibzakHJvoXVwFVsjaLfyJPC6Wwc109UPbNPqKsnQXmlLvMusmlDoCXfgc6BguQVgGGrr4P8gcD2uEponPE2UYLNfE2NTh5nEs9lYsgPY1iiD/WsFgcD3VZ1/LyM81LZkJTEMIlEKvuucgTQwYHEsrgmUSkMnifRuDmc3Knx8MjYqLrAtkWWQ4EejVvIk/9maQNhn9i17Xk5A; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=CCB19E4045131F0A0B7FC03162F39233~YAAQjLsQAqFTkzh5AQAAKKxqXwsQSoNS9MQAUIfW9OYogcxb/4y8/40uX+0yfzTA/r6aD+UIkGIomRyb8jD+AhB9tf9L0ZCMQcA6c4OOWG7SV3WNq4feOuYIp0ylaMwf9YBsvs088NFnT7EzN3h+gKX2Q76FOMJOzR1+r+RFjTen06RnbhBpMXNTrAAKOuj4glah+SMqt+zBBi0=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 12 May 2021 11:11:36 GMT; Max-Age=14399; HttpOnly _abck=ED2E0BBA9346830E8E479F740CDABF16~-1~YAAQjLsQAqJTkzh5AQAAKKxqXwUoXWAKc5J732IgmcYqoIlKgLNnCxgc7D58VxblHAsmWAOWHQP73OH9rWxbOPykDTofLZnj76iEHGOeoyjQmkN4AnmjvaBslTsHb8RK8hLVVFeNWK24v3c94dLhva4yt2sbPXdEH0XN0/K/KY8clUM0D5HRwxZFFuETZbCxPEXLVmLhc6s/Pclq6Fe1NNab8XdSAiZXARKmb2DBTJz5gyQVOO2mIxKuo33qWKm5NDoKsfqOvX60O4HXwwzQMncvdjkUVzbSdsHDUdFAP4G5cndyZtynAblhb5EO9E3djFVkONaxOJu9fNsftZS+7INR9icsxUrb6M7cvegom3SkT96ooe0omdOIdCY6HlHKru+Ch4Z5bg==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 12 May 2022 07:11:37 GMT; Max-Age=31536000; Secure

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 3 KB
1 KB 67ms
22ms Script
application/x-javascript 104.109.77.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-77-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4379b5695f319d7ad15e6c86346e9117f0b4f4a8d4bcbab18aa840fd9e6d900a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 03:49:38 GMT
server: AkamaiNetStorage
etag: "cd574ccc8294fe1328dbeab462c8cb3f:1618372178.026573"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1234
expires: Wed, 12 May 2021 07:16:36 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 71 KB
19 KB 71ms
26ms Script
application/x-javascript 104.109.77.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-77-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: aeff34d9a1c253a230b7436d1f8798f9d4d096c0dd88ac2983997dce9ef88508

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 03:49:39 GMT
server: AkamaiNetStorage
etag: "baf18b342a54172ca520ae382752ce1c:1618372179.176935"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 19094
expires: Wed, 12 May 2021 07:16:36 GMT

GET
H2 200 indies-loader.js Show response
ts2020-indies-client.web.app/ 7 KB
3 KB 74ms
20ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ts2020-indies-client.web.app/indies-loader.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c96c025f6aa0b8edff6538d533ddd012d17e860c8fa47140314e81886ce22e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 22 Apr 2021 01:47:05 GMT
x-timer: S1620803497.507603,VS0,VE0
etag: "5c2c9c77edcfefaf1619408144b41c5b44f64c00ae68f3981ff348f0dc03807f-br"
x-served-by: cache-ams21055-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 12 May 2021 07:11:36 GMT
accept-ranges: bytes
content-length: 2347
x-cache-hits: 2

GET
H2 200 js-c3po-bundle.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 155 KB
36 KB 137ms
136ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

da4c81ef1f258a59c89e07f6599b86b9716185e7d670448c7ecaa9efe733a439

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js
pragma: no-cache
cookie: n_regis=123456789; AWSALB=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; nk=cadeda36c756ad14e35322721241c57b; AWSALBCORS=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; lux_uid=162080349614505323; com.auth0.auth.ogdP8dbzbS.JIY_jZ3EZMhfpTrnsUI_w={%22nonce%22:%22NuPlDcb8GtVECjXr-bARJE5gpebHamHn%22%2C%22state%22:%22ogdP8dbzbS.JIY_jZ3EZMhfpTrnsUI_w%22}
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 36438
x-rq: ewr4 113 203 3118
last-modified: Wed, 05 May 2021 01:33:23 GMT
server: nginx
etag: W/"6091f5e3-26ad0"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=2
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 12 May 2021 07:11:38 GMT

GET
H2 200 js-vidora-client.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 7 KB
4 KB 223ms
222ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5d630b02705945f83750220e2544986af8ae2699aa1a60cc543dc14f0214888d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
pragma: no-cache
cookie: n_regis=123456789; AWSALB=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; nk=cadeda36c756ad14e35322721241c57b; AWSALBCORS=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; lux_uid=162080349614505323; com.auth0.auth.ogdP8dbzbS.JIY_jZ3EZMhfpTrnsUI_w={%22nonce%22:%22NuPlDcb8GtVECjXr-bARJE5gpebHamHn%22%2C%22state%22:%22ogdP8dbzbS.JIY_jZ3EZMhfpTrnsUI_w%22}
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2979
x-rq: ewr4 115 233 3223
last-modified: Wed, 05 May 2021 01:32:59 GMT
server: nginx
etag: W/"6091f5cb-1afd"
vary: User-Agent
content-type: application/javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 22ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: scc9i0WjBcezJETEcKeKlmIHFeg5X8y4
content-encoding: gzip
etag: "559c107d74fc83d8062b2553a1818b07"
age: 8865
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5911
x-amz-id-2: oaWjtoybwXcf/v4WF3utsrEWOVBLZIrki4l6iAzPN8PIUxUS/oRUXtX5vCXEBwWMVIZpQj6Qwv0=
x-served-by: cache-fra19136-FRA
last-modified: Mon, 03 May 2021 12:43:43 GMT
server: AmazonS3
x-timer: S1620803497.502998,VS0,VE0
date: Wed, 12 May 2021 07:11:36 GMT
vary: Accept-Encoding
x-amz-request-id: 7QP61W5ZQ629Q8FB
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 22
x-cache-hits: 39367

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
973 B 23ms
22ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 1355
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: UmOOaCltTJva9V4gBfdf27Oy7jykaqbYXsCDo0A/soIFodQTYZAaWWoYstK76SsHg3hRgjqb/Fo=
x-served-by: cache-fra19136-FRA
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1620803497.503159,VS0,VE0
date: Wed, 12 May 2021 07:11:36 GMT
vary: Accept-Encoding
x-amz-request-id: CR41745BE06MC588
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 22
x-cache-hits: 7741

GET
H2 200 tfa-eid.20210506-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 22ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210506-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59587e68ed187fdfda4f5f89b3e97a64690a13463dfefc1141eaea03bebdc1eb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JeTFio8RB25hb0.b.oW6hIUHdtaChnl.
content-encoding: gzip
etag: "497313b7766db3c042e0e09e5eb6bd83"
age: 114
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4868
x-amz-id-2: GYRdj1Sp2cz303aXkKSo/uv/4uMVEsITbWYkKdFK2pVZLe8HMhiBcIEdRDIjwkqjL5Kq9ecGaxM=
x-served-by: cache-fra19136-FRA
last-modified: Thu, 06 May 2021 12:09:39 GMT
server: AmazonS3
x-timer: S1620803497.505153,VS0,VE0
date: Wed, 12 May 2021 07:11:36 GMT
vary: Accept-Encoding
x-amz-request-id: 4511WP7MAA3KHCYK
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 22
x-cache-hits: 417

GET
H2 200 sha256.20210506-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 23ms
23ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210506-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee0a7fdd5b315817774fc9f3c302bb1470236e0e177fe8ef8334c2f6f75afc1d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VgwndrRwnm.4MEVGa4FKVyvAo_uRUKgE
content-encoding: gzip
etag: "9006e6d602ca140d7ed04ab61f41eaed"
age: 8
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2595
x-amz-id-2: lYOTLkivosfDLcV95+HDXPiN2hstDh6a2PZKnkiZmcM1lhmPYvG2zYtGmakSQq0ILnbrFcGlOow=
x-served-by: cache-fra19136-FRA
last-modified: Thu, 06 May 2021 12:09:48 GMT
server: AmazonS3
x-timer: S1620803497.505515,VS0,VE0
date: Wed, 12 May 2021 07:11:36 GMT
vary: Accept-Encoding
x-amz-request-id: PR11BT0MMZ24JW75
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 22
x-cache-hits: 31

GET
H2 200 distance-from-article.20210506-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 22ms
21ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20210506-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fdc9cb116e3a6cb2363710075fbff64f49b72356d6130f60e39070501c571a7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 5c1C6.P51BoSihLxM32pPReCHLPgRly0
content-encoding: gzip
etag: "5638fd0ca273cbfb111c199d788ff8d8"
age: 98
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1012
x-amz-id-2: KMK/G6KZ34Rr2bKs7blTOcuqInvNNzuteQxFXbO4uxjEeZV8NODPX+T69wEXLY7GOU+KUOsXY38=
x-served-by: cache-fra19136-FRA
last-modified: Thu, 06 May 2021 12:10:13 GMT
server: AmazonS3
x-timer: S1620803497.510833,VS0,VE0
date: Wed, 12 May 2021 07:11:36 GMT
vary: Accept-Encoding
x-amz-request-id: 0B76MZ1G17VX7Q2E
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 22
x-cache-hits: 58

GET
H2 200 article-detection.20210506-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 22ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20210506-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d73e6fc5c61e17b7539da439f8a6903ffd613270b379c9a54a96124ce1b99c4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: l58JSFNc50ci_4ePYBM_w15ppHgDe_5p
content-encoding: gzip
etag: "cd3b6cdbb2e3168ac2ba767a5f501dae"
age: 54
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 865
x-amz-id-2: bAZ3CNabD05V42sQIPPMJQVbefNHd/SBVwRF+GlqP+mhAgCnVfnoxN2m31WIp5wIygWpO5rhvRs=
x-served-by: cache-fra19136-FRA
last-modified: Thu, 06 May 2021 12:10:22 GMT
server: AmazonS3
x-timer: S1620803497.511069,VS0,VE0
date: Wed, 12 May 2021 07:11:36 GMT
vary: Accept-Encoding
x-amz-request-id: NHTCRVXPCTV3NXA0
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 22
x-cache-hits: 31

GET
H2 204 debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 0
277 B 63ms
18ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=09%3A11%3A36.503&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-midrail-native&id=2134&cv=20210506-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:36 GMT
server: nginx
x-fastly-to-nlb-rtt: 3990
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.22.181:10213

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame E99E 2 KB
3 KB 1451ms
1450ms Document
text/html 104.111.230.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=uJRBan1bo1nfap9aDk9gKyDbq.c59AbS&nonce=jXMogxLtR0rvZQFI-KF51JGElj2oXwHA&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-230-77.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

18e7327d41d6ea58a4134c84551eee4573018d6b23814db33fcc5ba9aefcca11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=uJRBan1bo1nfap9aDk9gKyDbq.c59AbS&nonce=jXMogxLtR0rvZQFI-KF51JGElj2oXwHA&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 64e1d57d99ba6261-OTP
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 0a0103c28400006261e927a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 64e1d57d99ba6261
ot-tracer-sampled: true
ot-tracer-spanid: 76a6333a7bec849a
ot-tracer-traceid: 5551c7dc417755e3
x-auth0-requestid: 58ee5e7fbd8c2f45deb7
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1620803498
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 534 0 pmb=mTOE,3
expires: Wed, 12 May 2021 07:11:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
content-length: 843
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A4ad90090-b2f1-11eb-aaa8-7faa5498f85b.uD8hyIc%2FlHJ18Ebd2XmWyTA6J6%2FKO1Jyz%2BgGGRG4C3Y; Max-Age=31557600; Path=/; Expires=Thu, 12 May 2022 13:11:37 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A4ad90090-b2f1-11eb-aaa8-7faa5498f85b.uD8hyIc%2FlHJ18Ebd2XmWyTA6J6%2FKO1Jyz%2BgGGRG4C3Y; Max-Age=31557600; Path=/; Expires=Thu, 12 May 2022 13:11:37 GMT; HttpOnly; Secure ak_bmsc=305CC9526EC579772E2D4C5FA2663E050210BB8C80690000A97F9B6067EE8230~pl0QVSIEx46gmGIWkh38iZwIuXhRiy1JscT2oWOcoXLPHDisaGrQ9VHxjKwX+wh+MTriFp8SLjWjdDZMEAbwz1IxUqecTMcdbUKgic3f8MmeL3bC1kzTstgyj2cpPbKzhxiKi7hvXnaYtAXNUH1K4E1CqLjEtPmIepYmjujQ9yfz1SkR2OLbTysd/vQcCp+Xwlqgf2VJUteNOzODgrl3z5dB+QsyAvHtSlJyx+vGhLsJdwNpUaujtjLNlDIcDdaqc7; expires=Wed, 12 May 2021 09:11:37 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=022D581963BBD31CD12DFB37731B0BCC~Lscu6moI2yP4SEkles+bKYK8fD7ph6Lc7IBKjEXAwns4jX+L2SJDJO+zVJZDb7Bb6WkZF8rAoBAB1G1RN4pOb1Xahliap6F5NllhkqWKUD8IbZ0kQpy8mY9HEYBICBtxA5HyVObD3MDUgt4Lr1rOEcmI9CXoevZAy0aN2Wn1d4DUgv74kipzTF4vmPjLhwxs2Tq4NdCtbYoWaDnGUner8mGyFzJN89/OdQKRgm1qr++fnNmZ5v2sS/mWrIJgWPtI; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=9598E26F4D2F419F18C211F3A36B3990~YAAQjLsQAqpTkzh5AQAA4a9qXwuELtZoqegmPrPYLsJ2DGYWygvcxH+OKZ7YOw3lZ2z/ysFSJfaunSQRnIZ3QfEseMWucpTCf0QC/7SfCddzBbKUNXwZBR8dvAn25U/mPNgDSYfgoxNImZ9KTR1I29bwRa1vY7h4UhR8uvgfVXaIM1qAb1sfB0bEKuaHV8NO9pOwONEOxlMmYig=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 12 May 2021 11:11:36 GMT; Max-Age=14399; HttpOnly _abck=A7DC66A03C26419A1EE4DEEBCCF3EFAB~-1~YAAQjLsQAqtTkzh5AQAA4a9qXwWCD6Oiok9+bKSeMCI8ezbaqolx317Vk3YrMQ3FhwG08nFjKdh7Qbwd5AdFi3g/5LERmMe4m1BuaV2r0PmjS0g5SGXPZ3DQbHUba6UCh8J7HmagKGF9M1QYkpzfsJSibsQSNoIPrIIFi/uNgu/FiV1sU1sTk9tHvaYGzvEaZV739JsmayUENcIRZ2fgP/pFbvnF55wJ77z63rrLAk57HMJ/uPyMYWL7sr1tvzgZwv5W75F+E/8AQ6wUM3huTcYQLw4qcAGQHa9FNPY2t5vdUHQqjcZ7phyOR9YUYzUdy/nbTLvYwE8imH3Mj4GYvG6iX0Lt+hQdCnBP92gJiKO1q/FcH7vBcUX2tdKpJe2xPVOvlETqGw==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 12 May 2022 07:11:37 GMT; Max-Age=31536000; Secure

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 02DE 2 KB
3 KB 470ms
470ms Document
text/html 104.111.230.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=7HEVIvsL6DwQe054L1MHV~UJX~xUsB7r&nonce=OlFk8toDLvF29E1dAuetgNKfNHveR2gM&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-230-77.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

5e828421e3580ceb86fd1d4181550cecc2e82c9cbc203db8e4dbdd92fff0d387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=7HEVIvsL6DwQe054L1MHV~UJX~xUsB7r&nonce=OlFk8toDLvF29E1dAuetgNKfNHveR2gM&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 64e1d57d9f1d625f-OTP
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 0a0103c2800000625ff808d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 64e1d57d9f1d625f
ot-tracer-sampled: true
ot-tracer-spanid: 33fd78b32764de5d
ot-tracer-traceid: 504a853b3a0f5c6d
x-auth0-requestid: 4ec79fec5ffea724d00a
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1620803497
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 540 0 pmb=mTOE,3
expires: Wed, 12 May 2021 07:11:36 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 12 May 2021 07:11:36 GMT
content-length: 849
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A4a46f9c0-b2f1-11eb-be11-e935b78bc34c.O0%2BloqA6ZO%2BBU4kjKecQlaYeXrIZdGQwoDvpYoT6XKU; Max-Age=31557600; Path=/; Expires=Thu, 12 May 2022 13:11:36 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A4a46f9c0-b2f1-11eb-be11-e935b78bc34c.O0%2BloqA6ZO%2BBU4kjKecQlaYeXrIZdGQwoDvpYoT6XKU; Max-Age=31557600; Path=/; Expires=Thu, 12 May 2022 13:11:36 GMT; HttpOnly; Secure ak_bmsc=A0A599E635BB6B83A1B60DD1C095B01C0210BB8C80690000A87F9B60A63D9D30~plbyi+/8HbfjI5tPYTwdMQnTmN/VcwWSmEDd7ciiPOS2tXv/ExKPLPvpvmUlpWOfdBrjSB33vxEKz8O+IIzsNVPa4opqDWoveTxyMb/owqrrQ4w9dGVxS8pazjGtS+ihlOWmbolYFYorpZmdfUaEUiQ4nSt0qhti9akDzjcVew2wZfLWBmhMnn7VLGEmNDlc/+9j1+x+3x2pzUXgVMYmvFO+Mk7ACw9efgHiLOS5KTCZJ4z2AQdCEcSezD199Llv3s; expires=Wed, 12 May 2021 09:11:36 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=2D4B6438A9026D19D2BF5881B0E17C6E~Lscu6moI2yP4SEkles+bKXqULiBgaafZtHK8wytX2rnf3eaJxi7pxroqc6VP1yZQEuBjMLB1zswuealUmEFayAPVXmVz05gWQjpJBfj0LMTBsEpcAaPeQTbLfEiHDdzpsaEWrIadUc9EogWQ8CFLnuqRVMbSWv5bmqcCHtwlpLSo2fEH+fOo966XvLlrOkBIHyZKR9iNI2KgexjWsUs4jQMD15hHfVm0NwzttcM5oAG7j0lWBmQlLxkFUUVIEDfH; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=BBA6D9BA7D40D4626E7EC65D51F7779A~YAAQjLsQAp9Tkzh5AQAAFaxqXwt4UcDd7LLAN5nvLVOKWkNK+E+obBHtJ427fZZVWDzYJUEW8OKkGT+Iv9ZClprpqg3xq34xYGbdlRgx/0boh7Q43xDG/gDaKy3xduILbDSjo9T7J0ak6TuVP9OHtcblhN3YC94CuwjiOKjU9zaUDpSUvfROBTMcsoAlDJCU4rsE1/Zqp8begaU=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 12 May 2021 11:11:36 GMT; Max-Age=14400; HttpOnly _abck=1BC0DC9C4E8B2D0A5B27483E9FC48D77~-1~YAAQjLsQAqBTkzh5AQAAFaxqXwXHppVcueukFVmVkjAxiZvwgg6Uh5EkXpW2esdl6QcwAvoHL+UI6dH8ZLSr6zNCOPhZ1YZTYYRExjxsnLmJPwQ8az/xS5jRohx+Ilhe8s2m6AFRv72Kj6/QHM+XqmsTA8/KHdQXp/Bbh0yc3iE9G0x2kv1PJHDRSq5oRNEcQUu6FDSMR2j2+eF7WOSR2zMMS0VQlKuHmpC3jGmG8tMyDOpUbHcKOCBlQfXpF6J7qtJwRUpiFNMIkeCZGs2lvSFg5NyNUVZAJUxj31myEeo77M07h1vOUP+3NXKxtJS5wwfI9h96DILef+JcSUUiBbtB0dT5GgNldVumMLZi6uUuOD4MvxDZAl//3uqh3hzO+TNKv+YFuw==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 12 May 2022 07:11:36 GMT; Max-Age=31536000; Secure

GET
H2 204 supply-feature
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
314 B 83ms
82ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=d745fb6ff0abb654bb1cca0b7e30e879&sd=v2_82dc2a61b522fe42f9d7eb11b55f0a91_bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528_1620803496_1620803496_CIi3jgYQgPNHGN3SqvuVLyABKAEwFjjqxgdA4IYQSP7m2QNQ____________AVgAYABosa_ptcr9986tAQ&ui=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&pi=/&wi=873729681997272865&pt=home&vi=1620803496285&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A1144.5%2C%5C%22articleClasses%5C%22%3A%5C%22site-content%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22SECTION%5C%22%2C%5C%22threshold%5C%22%3A%5C%22246%5C%22%7D%22%7D&tim=09%3A11%3A36.545&id=9863&llvl=1&cv=20210506-7-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 61
pragma: no-cache
date: Wed, 12 May 2021 07:11:36 GMT
via: 1.1 varnish
server: nginx
x-timer: S1620803497.552615,VS0,VE61
x-served-by: cache-fra19136-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 35ms
35ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16208034965500.5455048190087932
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 025a5d71ab0df0454be8a58f5f2e8af19545da2d24fac6fc318f6ab6db26ad40

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 831
expires: Wed, 12 May 2021 07:11:36 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
905 B 33ms
33ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
cache-control: max-age=24934
server: AkamaiNetStorage
content-type: application/x-javascript
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 B7670439;dcadv=4149947;sz=1x2;ord=594662972113.9536 Show response
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 19 KB
8 KB 100ms
46ms Script
text/javascript 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=594662972113.9536?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

1e582affc78aced83a75e63769cc88004accab09cd2d7cbca2abe75b10629dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7125
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 67ms
14ms Script
application/x-javascript 2600:9000:2127:4800:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:4800:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 16:56:45 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:06:15 GMT
server: nginx
age: 51290
etag: W/"60665ff7-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: l2n7_V2__EF58C1_z2iv2gz0EWaKS5sbvYY1xHMOglVnqHMkmMwsQQ==
expires: Wed, 12 May 2021 16:56:45 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 177 KB
61 KB 60ms
59ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fb2cb737a3db9426e955b9ae803f952b73786fa129fbed049e59ef40fce288c9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "b6f3fb4b5431948f6d38c971b9b271fe:1620103281.390794"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=20050
content-type: application/x-javascript

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 99 KB
29 KB 46ms
44ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1d7a0d33c9d6f9632f3d1602dd71f19c1cf41812a84df94948fbfdfac6733cc0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "15ea94e2df70c8acbb10e9aa0163256b:1620781641.942769"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=64568
content-type: application/x-javascript
content-length: 29576

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 85ms
30ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

fcbfa0bfa5bc18cbe33f268d50084e411d98744856e0c22ba9ab22996acbd595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "869 / 821 of 1000 / last-modified: 1620770985"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21301
x-xss-protection: 0
expires: Wed, 12 May 2021 07:11:36 GMT

GET
H2 200 prebid.js Show response
tags.news.com.au/prod/prebid/ 382 KB
114 KB 74ms
73ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/prebid/prebid.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: efcd038fff3becbe148fefb893ed26081fd0d8e7293fcd49d470c13fcd522e02

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "fb921cb139744e2aabd21ff0559deaa9:1617770917.60892"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=20088
content-type: application/x-javascript

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 30 KB
11 KB 38ms
37ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4e81f02c9a78bae8b3940218b2087759c48baf93e05933672a5535ccb5d032db

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "7e772c1b70087925ee362e752848b6cc:1620784536.145313"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=67494
content-type: application/x-javascript
content-length: 10484

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

19ms
17ms

Script
application/javascript

2600:9000:2190:d400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:d400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 11 May 2021 22:28:59 GMT
content-encoding: gzip
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 31358
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: qjDbVyKk2FeQi9pNTm8bP4gAhPkCF6i6q5dXo3i1ImONhZ1TBYQqrw==

Redirect headers

date: Wed, 12 May 2021 07:11:36 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 134
x-amz-cf-id: cPq9qQzBPr6QPRJ5XKMkpqGP2z1P632LV0Z25pV9ZIHG6CvoMWYQFQ==

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 154ms
49ms Script
text/javascript 65.9.97.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.97.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 07:01:49 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 16 Dec 2020 00:19:19 GMT
Server: AmazonS3
Age: 644
ETag: W/"a0ed145148d17426a72696cecfa585ae"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: p20leIY7OWveAyO4euzYNUqwz5h3Y-IAdztpUMtPYBqeTTXmTlHydA==

GET
H2 200 2988.js Show response
script.crazyegg.com/pages/scripts/0018/ 4 KB
2 KB 17ms
17ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fd1737f4343dbfc7a9b915eaf41e30b6f114d254d7043d13b4faa370a36589c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 28391
cf-polished: origSize=4157
ce-version: 11.1.292
cf-request-id: 0a0103c27f0000062995a99000000001
timing-allow-origin: *
last-modified: Tue, 11 May 2021 23:18:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 64e1d57d9d740629-FRA
cf-bgj: minify

GET
H2 200 utag.985.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 2 KB
1 KB 21ms
21ms Script
application/x-javascript 104.109.77.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-77-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
last-modified: Wed, 20 Nov 2019 04:49:47 GMT
server: AkamaiNetStorage
etag: "a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 900
expires: Thu, 27 May 2021 07:11:36 GMT

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 111 KB
30 KB 22ms
22ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding: gzip
etag: "b7fcedf037c57085d364b689ca46f32e"
age: 1109266
x-cache: HIT, HIT
content-length: 30954
x-amz-id-2: GKYbfdFuq64jEynHuf1hXo/vQBCQViOMRC4meflH0XM1iJfM9FRBXaoCRhedk4KcMjEwj2bzhX0=
x-served-by: cache-lax10627-LGB, cache-fra19125-FRA
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1620803497.580834,VS0,VE1
date: Wed, 12 May 2021 07:11:36 GMT
vary: Accept-Encoding,,
x-amz-request-id: KX1RVWZG6647QAT1
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 2988.json Show response
script.crazyegg.com/pages/data-scripts/0018/ 23 KB
2 KB 14ms
13ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0018/2988.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37060f4252bad65de29fefc25769e0c60e5e3d28c396cf099ead3363410a94f5

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 28396
ce-version: 11.1.292
content-length: 1663
cf-request-id: 0a0103c29100002b22d0160000000001
timing-allow-origin: *
last-modified: Tue, 11 May 2021 23:18:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 64e1d57dbbaa2b22-FRA

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 6EF3 2 KB
3 KB 1456ms
1456ms Document
text/html 104.111.230.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=.wiZ.2lZUkKDX3VUu57175kc86sJsMLX&nonce=ULdyk.lfTkmACnYQO1P1QjMOit02hgP8&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.230.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-230-77.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

30b1fe94e9d7aa344eb1ae6d9ffe65577065da354de4026427d170eaed63d462

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=.wiZ.2lZUkKDX3VUu57175kc86sJsMLX&nonce=ULdyk.lfTkmACnYQO1P1QjMOit02hgP8&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNi4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html;charset=UTF-8
cf-ray: 64e1d57e49b8acf4-OTP
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 0a0103c2f50000acf4a0a1e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 64e1d57e49b8acf4
ot-tracer-sampled: true
ot-tracer-spanid: 13a0375b623a1960
ot-tracer-traceid: 60e14a71212680bf
x-auth0-requestid: 7a8d14f9515002a9ebbf
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1620803498
server: cloudflare
content-encoding: gzip
x-akamai-transformed: 9 538 0 pmb=mTOE,3
expires: Wed, 12 May 2021 07:11:38 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
content-length: 845
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A4aed9a00-b2f1-11eb-ae68-ab6a4c4ea167.4MoySMDKOaJE39Ddp4yGZPZmhZVzbghCA2grV7pOlqI; Max-Age=31557600; Path=/; Expires=Thu, 12 May 2022 13:11:37 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A4aed9a00-b2f1-11eb-ae68-ab6a4c4ea167.4MoySMDKOaJE39Ddp4yGZPZmhZVzbghCA2grV7pOlqI; Max-Age=31557600; Path=/; Expires=Thu, 12 May 2022 13:11:37 GMT; HttpOnly; Secure ak_bmsc=6982CADB9CFD7FE7C9E216FC530304650210BB8C80690000AA7F9B60DF0C746B~plMHCqaGy35830B2REPyERrIzyhSOupCRAMNC+H6E2gw+PiMA2r+xnnPclQ5nBvhXHTbkq8paej7kAayl+RG/wYLxm1Ov+5sBilw2+3sgMBYMNPL51Lck0Bnk/VZbwM8ytSUtmjfO7zGJypPX5/EkLMoREgfZddUTQjVxVH1KcMYF5ymg1nszOhqGtMXyKyE4lwMyxsb4BgQLw8SSLDyKhHB9+H3bszKkU3FU/zE4X9gFwlLGk61xoaF1H9YP1G1iz; expires=Wed, 12 May 2021 09:11:38 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=E28CBB4AAC41658A4B1AA3B47989C741~Lscu6moI2yP4SEkles+bKapDcMYPpnmQ5tCoknrnHNeblOAlV+ovJ/n6ctNMT/M3uIvBDTXaS3iMEC+kNkJ79aRCMV5XqNgDkFNQNAvtazOrOAhe3Hgd0oUPG0PeII6C3hKXKwkMNGP//Ke1RCoLFj1k1Ab52aFLhJWB1SELZqREVQg4WM1IGWYK58BFV3AwJVPJ5wXZjrRyY8ZS/0E60cjEwZmZV5g3y0i1Xt0aybxXXChY6+/O0WoPVuvCyFFa; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=1FAF5E8AFDF6F48FEA21343A9FD5F39F~YAAQjLsQAq5Tkzh5AQAAZbBqXwsBnImMzN7gyHUPztC1680GDLem/3Z9gJNJnUqgXBLsNa1oYQJDPgJC9ELpb3vlaQ8/DFMxqwvXO4pQX36tEZMpUx3ET7UlcOyDHXppvr+gKcIIs+kZgq+1nWRvmJMjLfhDdYpyLkzCTc4SnvCSP9cKKLvRBhGfmtVcalmilcSkrTXJkWMVc5I=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 12 May 2021 11:11:36 GMT; Max-Age=14398; HttpOnly _abck=9E084C9B71E5E8C4735AADAF39292972~-1~YAAQjLsQAq9Tkzh5AQAAZbBqXwXxzxaej2kPu6zBjOrZKtNIWsA6OUKe/uMQYu7hLWBCi6fJ/dJsA1ZMHMFROCwn7RGoXLy4CeSvQFnWQfP/kYjQsHAXHcL5lic8S94HBFetE6mGuv3M8ciK1W9Ii5Ov0A7E0LXn81vSG/8ggLoLK9MToxVDgSGCdRNrCmvimMCBV3GiyUOBeUgD1PUf8PRRR3W6TiWHZAxao4Ekw8mgv2oHvzu0q6PE5NV+kqAv7cbrZnxDc91IUc/vS1k+LZVXdx5XX8K/Hr/VvFQP7yY7nBk6VyxVW4OAqb2avG/xwT+QjFn+niJ3k9++U6bKP80vfg6vd7RudHDntl+K4lK31WQbvru2vKr58sHCGprKN4IQuw/Evw==~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 12 May 2022 07:11:38 GMT; Max-Age=31536000; Secure

GET
H2 200 mynews-promo.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/ 366 KB
367 KB 34ms
34ms Image
image/png 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

:path: /wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png
pragma: no-cache
cookie: n_regis=123456789; AWSALB=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; nk=cadeda36c756ad14e35322721241c57b; AWSALBCORS=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; lux_uid=162080349614505323; com.auth0.auth.ogdP8dbzbS.JIY_jZ3EZMhfpTrnsUI_w={%22nonce%22:%22NuPlDcb8GtVECjXr-bARJE5gpebHamHn%22%2C%22state%22:%22ogdP8dbzbS.JIY_jZ3EZMhfpTrnsUI_w%22}; trc_cookie_storage=newscorpau-aud-heraldsun%253Asession-data%3Dv2_82dc2a61b522fe42f9d7eb11b55f0a91_bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528_1620803496_1620803496_CIi3jgYQgPNHGN3SqvuVLyABKAEwFjjqxgdA4IYQSP7m2QNQ____________AVgAYABosa_ptcr9986tAQ%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522newscorpau-aud-heraldsun%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3Dbee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528; com.auth0.auth.uJRBan1bo1nfap9aDk9gKyDbq.c59AbS={%22nonce%22:%22jXMogxLtR0rvZQFI-KF51JGElj2oXwHA%22%2C%22state%22:%22uJRBan1bo1nfap9aDk9gKyDbq.c59AbS%22}; com.auth0.auth.7HEVIvsL6DwQe054L1MHV~UJX~xUsB7r={%22nonce%22:%22OlFk8toDLvF29E1dAuetgNKfNHveR2gM%22%2C%22state%22:%227HEVIvsL6DwQe054L1MHV~UJX~xUsB7r%22}; utag_main=v_id:01795f6aaa6900587825914d828800072001d06a00b08$_sn:1$_se:1$_ss:1$_st:1620805296554$ses_id:1620803496554%3Bexp-session$_pn:1%3Bexp-session; com.auth0.auth..wiZ.2lZUkKDX3VUu57175kc86sJsMLX={%22nonce%22:%22ULdyk.lfTkmACnYQO1P1QjMOit02hgP8%22%2C%22state%22:%22.wiZ.2lZUkKDX3VUu57175kc86sJsMLX%22}
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-rq: ewr4 116 215 3221
last-modified: Tue, 09 Feb 2021 21:38:05 GMT
server: nginx
etag: "602300bd-5b713"
vary: User-Agent
content-type: image/png
expires: Sun, 16 May 2021 16:00:44 GMT
cache-control: max-age=377348
date: Wed, 12 May 2021 07:11:36 GMT
is-https: true
content-length: 374547
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 11.1.292.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 62 KB
21 KB 14ms
13ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.292.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a2c0fa57655ccdccf8f7279e06d01c8bd1a2629c867273a353cf1716be25c2f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 55680
cf-ray: 64e1d57e2ec20629-FRA
content-length: 20993
cf-request-id: 0a0103c2d700000629cd198000000001
last-modified: Tue, 04 May 2021 14:40:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 87ms
27ms Script
application/javascript 104.111.247.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: / ARR/3.0
Resource Hash: 560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by: ARR/3.0
etag: "84a7fce7aaabd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=278
accept-ranges: bytes
content-length: 15848

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 20ms
20ms Script
application/x-javascript 104.109.77.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202104140349&cb=1620803496669
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-77-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Wed, 12 May 2021 07:21:36 GMT

GET
H2 200 ggcmb510.js Show response
seccdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 69ms
28ms Script
application/javascript 2600:9000:2190:d400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:d400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: K4aOLy49NXAaSrZ_0U6RL8YfHaZQdTea
content-encoding: gzip
etag: W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Wed, 28 Apr 2021 14:18:22 GMT
server: AmazonS3
age: 3239
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 12 May 2021 06:17:38 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Y-s2nnkQUG2OnyFuPH66tbjYcm44-Kelv_AZyJiXnJIzLKDHOr30vQ==

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 114ms
37ms Script
application/javascript 13.224.95.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-82.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 08 May 2021 23:57:23 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 285254
ETag: W/"a8663f72a1dbe614b19f167a59af368d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: X6qDbQ_JquNCdG2vJ9PH0d81PlXl6emo-o_iKNCnAAkbX53LT7oVcQ==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 303ms
100ms Image
image/gif 35.173.41.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CAbPehmkNwoulF-L&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10910&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4025&t=LJlzIdhYZYDl8nHWxbqq_Tp-ZK&V=126&i=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=-120&_acct=anon&sn=1&sv=ClmK5oBwt8_2B9rZcRCsNLl0CjbmNH&sd=1&im=06030402&_
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.41.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-41-90.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1620803496764
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1620803496764

5 KB
2 KB

48ms
45ms

XHR
application/json

52.214.120.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1620803496764

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.120.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-120-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bc85203de09a4e1807b97412a6bf9ee54e99adce107a4e84836f81a549c9ff76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v006-0639b6b4c.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: SX89KURZTPo=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1538
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v006-0b6ebf483.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.heraldsun.com.au
X-TID: iJyJ76F+TmE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1620803496764
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3-29 200 pubads_impl_2021051001.js Show response
securepubads.g.doubleclick.net/gpt/ 303 KB
107 KB 63ms
34ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 May 2021 08:38:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109340
x-xss-protection: 0
expires: Wed, 12 May 2021 07:11:36 GMT

GET
H2 200 vidora-client.1.x.x.min.js Show response
assets.vidora.com/js/ 8 KB
4 KB 69ms
6ms Script
application/javascript 2600:9000:211e:4400:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4400:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4754c1f1fb712883286295c92774dddebef215996cfdfab9fd972d265473f025

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 12:50:21 GMT
content-encoding: gzip
etag: W/"0d9785869d3d057828f29bcf6b0f8119"
last-modified: Mon, 15 Mar 2021 13:51:58 GMT
server: AmazonS3
age: 66077
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6f6de2de0e03603ac1b58353376153d3.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: QEjvb-TVylCkPendluMtruUlj8gUFmmZBDcycVyyAbuldiFJ_OYFJQ==

GET
H2 404 undefined
www.heraldsun.com.au/ 0
0 984ms
983ms Script
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/undefined

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:path: /undefined
pragma: no-cache
cookie: n_regis=123456789; AWSALB=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; nk=cadeda36c756ad14e35322721241c57b; AWSALBCORS=T2g/BYfIC28uPf7pAUM6KMF0+PU7CQdpjP3/nDShse8CQcG020GJ7Zvqo/0XCsc84VpmIWfOWzRMID3z+9JJ15os/uAFfWziDecPwl4axycX3iq4rVKahMsvpotv; lux_uid=162080349614505323; com.auth0.auth.ogdP8dbzbS.JIY_jZ3EZMhfpTrnsUI_w={%22nonce%22:%22NuPlDcb8GtVECjXr-bARJE5gpebHamHn%22%2C%22state%22:%22ogdP8dbzbS.JIY_jZ3EZMhfpTrnsUI_w%22}; trc_cookie_storage=newscorpau-aud-heraldsun%253Asession-data%3Dv2_82dc2a61b522fe42f9d7eb11b55f0a91_bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528_1620803496_1620803496_CIi3jgYQgPNHGN3SqvuVLyABKAEwFjjqxgdA4IYQSP7m2QNQ____________AVgAYABosa_ptcr9986tAQ%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522newscorpau-aud-heraldsun%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3Dbee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528; com.auth0.auth.uJRBan1bo1nfap9aDk9gKyDbq.c59AbS={%22nonce%22:%22jXMogxLtR0rvZQFI-KF51JGElj2oXwHA%22%2C%22state%22:%22uJRBan1bo1nfap9aDk9gKyDbq.c59AbS%22}; com.auth0.auth.7HEVIvsL6DwQe054L1MHV~UJX~xUsB7r={%22nonce%22:%22OlFk8toDLvF29E1dAuetgNKfNHveR2gM%22%2C%22state%22:%227HEVIvsL6DwQe054L1MHV~UJX~xUsB7r%22}; utag_main=v_id:01795f6aaa6900587825914d828800072001d06a00b08$_sn:1$_se:1$_ss:1$_st:1620805296554$ses_id:1620803496554%3Bexp-session$_pn:1%3Bexp-session; com.auth0.auth..wiZ.2lZUkKDX3VUu57175kc86sJsMLX={%22nonce%22:%22ULdyk.lfTkmACnYQO1P1QjMOit02hgP8%22%2C%22state%22:%22.wiZ.2lZUkKDX3VUu57175kc86sJsMLX%22}; _tb_sess_r=; _tb_t_ppg=https%3A//www.heraldsun.com.au/; ad_site_view_t=2021-5-12; ad_site_view=1; _cb_ls=1; _cb=CAbPehmkNwoulF-L; _chartbeat2=.1620803496733.1620803496733.1.ClmK5oBwt8_2B9rZcRCsNLl0CjbmNH.1; _cb_svref=null; nc_eu=y; AMCV_5FE61C8B533204850A490D4D%40AdobeOrg=-637568504%7CMCIDTS%7C18760%7CvVersion%7C5.1.1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.heraldsun.com.au
referer: https://www.heraldsun.com.au/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
x-rq: ewr4 114 24 3179
server: nginx
date: Wed, 12 May 2021 07:11:37 GMT
vary: User-Agent Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
cache-control: max-age=32
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fundefined&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=undefined&session=cadeda36c756ad14e35322721241c57b
set-cookie: AWSALB=+8m7wUNEeEOLaAcX0ndtLaAAeK/AD12A2qHaPu5V89/ZGS/kjkfHYgvuR9Hoytn1EoeDvPBFC7pzyZkSemK31obHHuV2NdXo6cWfeNxE5/rQXLwWQ2I3WLW0k2AP; Expires=Wed, 19 May 2021 07:11:36 GMT; Path=/ nk=cadeda36c756ad14e35322721241c57b; expires=Sat, 11 May 2024 07:11:37 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=+8m7wUNEeEOLaAcX0ndtLaAAeK/AD12A2qHaPu5V89/ZGS/kjkfHYgvuR9Hoytn1EoeDvPBFC7pzyZkSemK31obHHuV2NdXo6cWfeNxE5/rQXLwWQ2I3WLW0k2AP; Expires=Wed, 19 May 2021 07:11:36 GMT; Path=/; SameSite=None; Secure
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 12 May 2021 07:12:09 GMT

GET
H2 204 social
trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
275 B 18ms
18ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:IL:V&lti=deflated&ri=d745fb6ff0abb654bb1cca0b7e30e879&sd=v2_82dc2a61b522fe42f9d7eb11b55f0a91_bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528_1620803496_1620803496_CIi3jgYQgPNHGN3SqvuVLyABKAEwFjjqxgdA4IYQSP7m2QNQ____________AVgAYABosa_ptcr9986tAQ&ui=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&pi=/&wi=873729681997272865&pt=home&vi=1620803496285&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_undefined_%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=09%3A11%3A36.808&id=4806&llvl=1&cv=20210506-7-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:36 GMT
server: nginx
x-fastly-to-nlb-rtt: 3979
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.14.57:10213

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/ 8 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=594662972113.9536?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 06:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 06:55:01 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
528 B 86ms
32ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstTSDSlixJgtpGZy-UsN45o1Ur2fs3r4_LzrGmwEblnBbF52xKiIgXpuF7KKuvb-QZykksK77s_Xem7tr6ZUcw7idak9D5nGhMP2Uqpg3QX6cEHXOVb782hae_kIxdd17dR&sig=Cg0ArKJSzLTd9VPuMMEZEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20210510.51917&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=594662972113.9536?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 07:11:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 16 KB
1 KB 345ms
291ms XHR
application/octet-stream 104.111.247.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 4578c19c9c34c57fbb97b3547a613cc2435655f96bf40f4e1146f317ef1af1dc

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ai2V6U7ZVUQTcKI5R5D7TBRUGNknLW2z
content-encoding: gzip
last-modified: Tue, 11 May 2021 01:57:43 GMT
server: ATS/7.1.0
x-amz-request-id: 4GGTJ5DYH0W9P383
etag: "4b54a7fe7a0ce22f3d971e1f86e2b223"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=600
date: Wed, 12 May 2021 07:11:37 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 1180
x-amz-id-2: /xY20pwXgVQc62xA3p6MDdqyDMzs/Zy9pL1DAK6kJ4BSBLONrAhTtLR8cWgbIfKDrYaqSy7gT1Q=

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 61 B
359 B 705ms
638ms XHR
text/plain 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 81e0d45f0dcb9d0ec79698b55a4bfd792677100c1b5f7b30aa37164e0d0412aa

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
server: AkamaiGHost
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-length: 61
mime-version: 1.0
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H2 200 2988.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0018/ 2 KB
666 B 21ms
20ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0018/2988.json?t=450223
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.292.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b4a4ca69ec6dfb7b8026e86ffc3012f6ae6fa4fe4b788dd3e30f710cf85824

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 11479
ce-version: 11.1.292
content-length: 547
cf-request-id: 0a0103c3bd00002b22fdab6000000001
timing-allow-origin: *
last-modified: Wed, 12 May 2021 04:00:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 64e1d57f9fd82b22-FRA

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ 44 B
491 B 114ms
114ms Image
image/gif 2600:9000:2190:b000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1620803496903&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&tz=2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:b000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:36 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: ZRH50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: Cqq0MUBR64cEiWcHngGc-CrpG-DM5z3-or0j2UcVF43TaI3nCNat0w==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
newscorpau.demdex.net/ Frame C8DF 7 KB
3 KB 137ms
33ms Document
text/html 52.51.173.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.173.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-173-153.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: newscorpau.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.heraldsun.com.au/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=77209328200338166100765293161322666226
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 12 May 2021 07:11:37 GMT
DCS: dcs-prod-irl1-1-v006-03d063e7a.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Tue, 11 May 2021 11:18:16 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: bM4z7bcRTWM=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
metrics.heraldsun.com.au/ 48 B
515 B 135ms
32ms XHR
application/x-javascript 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=77233371614180867120762888821079476712&ts=1620803497017

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

456c9968631595fb205de9b07a9df842f910bacb7ce2017acf52a28a292c8145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-76898875b9-rbblj
vary: Origin
x-c: main-1461.Id0ac08.M0-490
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YJt-qQAAALb7zBNg
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=77209328200338166100765293161322666226
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJt-qQAAALb7zBNg

42 B
973 B

38ms
37ms

Image
image/gif

52.214.120.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJt-qQAAALb7zBNg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.120.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-120-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v006-0b241566c.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 5z6a13NaT+8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJt-qQAAALb7zBNg
Date: Wed, 12 May 2021 07:11:37 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3-29 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 06:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5863
x-xss-protection: 0
server: cafe
etag: 12453517290502062038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 12 May 2021 07:35:42 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 637 B
874 B 108ms
39ms XHR
application/json 34.252.255.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=1026b315-577b-4560-b86b-2fcf91016b55&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-255-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a32b0e5a439d26202a415cc099b0b08d0e0da9c5b6aa4ff3b4df382fcf0daf78

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
x-server-name: app11.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET 28fb22b
login.newscorpaustralia.com/akam/11/ Frame 02DE 0
0

GET fbc6eb3f718ti1818f0a460e313428da5
login.newscorpaustralia.com/staticweb/ Frame 02DE 0
0

GET 28fb22b
login.newscorpaustralia.com/akam/11/ Frame C24E 0
0

GET fbc6eb3f718ti1818f0a460e313428da5
login.newscorpaustralia.com/staticweb/ Frame C24E 0
0

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 50ms
38ms XHR
application/json 52.214.120.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=77233371614180867120762888821079476712&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%01cadeda36c756ad14e35322721241c57b%011&ts=1620803497157

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.120.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-120-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e59cc7b10ad8ed8d3236b6b4290b50b4225fd347be0670332cc6aea9bc38e1aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v006-016235c0f.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: S23Z8Rq4SZc=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1538
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 107 B
799 B 175ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 141 KB
17 KB 85ms
84ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2666602544625747&correlator=2177015340441819&output=ldjh&impl=fifs&hxva=1&scor=1331221894564235&eid=31060783%2C31060789%2C31061038%2C31060411%2C21065724&vrg=2021051001&ptt=17&co=1&npa=1&sc=1&sfv=1-0-38&ecs=20210512&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D4a7b9e9a-b2f1-11eb-b656-024bf4a6d028%7Cpos%3D1%26id%3D4a7b9e9b-b2f1-11eb-b656-024bf4a6d028%26vw%3D40%2C50%2C60%26vw05%3D40%26grm%3D40%2C50%26pub%3D40%7Cpos%3D2%26id%3D4a7b9e9c-b2f1-11eb-b656-024bf4a6d028%7Cpos%3D1%26id%3D4a7b9e9d-b2f1-11eb-b656-024bf4a6d028%7Cpos%3D2%26id%3D4a7b9e9e-b2f1-11eb-b656-024bf4a6d028%7Cpos%3D1%26id%3D4a7b9e9f-b2f1-11eb-b656-024bf4a6d028&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26nk%3Dcadeda36c756ad14e35322721241c57b%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26adl%3Dfalse%26pvid%3Dcadeda36c756ad14e35322721241c57b-00000000000000000000000000000000-1620803496585-275064%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&bc=31&abxe=1&lmt=1620803497&dt=1620803497178&dlt=1620803495884&idt=1153&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1123%2C1124%2C176%2C176%2C0&adys=48%2C462%2C9487%2C10260%2C3444%2C10910&adks=1616217045%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C300x0%7C300x0%7C1248x0%7C1248x0%7C1600x10910&msz=728x93%7C300x276%7C1248x250%7C1000x0%7C728x0%7C0x0&ga_vid=2038270065.1620803497&ga_sid=1620803497&ga_hid=280401519&ga_fc=false&fws=640%2C640%2C128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b0bb476ab6ddfe80bd87b6d009225c4f48d7219eb1a98d7ec8bce715166da8ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17214
x-xss-protection: 0
google-lineitem-id: 4682990628,4682990628,4682990628,4682990628,4682990628,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234025461,138234092441,138234025548,138234082178,138234092474,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b7cb491d6e56c9ea1a104c2aa3acc6b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 31ms
13ms Other
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b7cb491d6e56c9ea1a104c2aa3acc6b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 13ms
13ms Script
application/javascript 2600:9000:2190:d400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:d400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: INm4zoPCwSXZbYfWdFRn_D.hZjwdgfCD
content-encoding: gzip
etag: W/"931051f801612c3a0e2782961ac3d56c"
last-modified: Wed, 28 Apr 2021 14:18:22 GMT
server: AmazonS3
age: 2254
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 12 May 2021 06:34:04 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: VPZYz8IjVJiD-TZAgt9NY4o5sKBerxcusgWmv3-fsGe80gT7WPYILw==

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 10 KB
3 KB 201ms
35ms Script
text/html 82.199.68.73
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=2370591143295169598&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D5990416593012171878$$&ns=0&rnd=8656630221470807
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 82.199.68.73 Lemelerveld, Netherlands, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 362b504c9576a6183fb4e247d952af0559f0866381ed108db2bd2256a0391252

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:36 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 2431
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 s44894676782027
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 43 B
440 B 33ms
33ms Image
image/gif 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s44894676782027?AQB=1&ndh=1&pf=1&t=12%2F4%2F2021%209%3A11%3A37%203%20-120&cid.&newsnkidcookie.&id=cadeda36c756ad14e35322721241c57b&as=1&.newsnkidcookie&.cid&vid=cadeda36c756ad14e35322721241c57b&mid=77233371614180867120762888821079476712&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&cc=AUD&ch=D%3Dv4&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=5%3A11%20PM%7CWednesday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c60=TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null&v77=D%3Dmid&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
x-c: main-1461.Id0ac08.M0-490
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 13 May 2021 07:11:37 GMT
server: jag
xserver: anedge-76898875b9-k968c
etag: 3480649008019505152-4622110254497131268
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 11 May 2021 07:11:37 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 71B3 0
0 58ms
57ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunSdPRJItGEVx5otb-IQxBNwoT_42Wd6PEYuW-XKcPhXoXwaUmLgHg_3EnWpcuVDDDQq4Os2JVmjqQSCBXUFBKqQfZSpX6gyrGNpTQgO5T4FLq6uk_rxyVluRB-IdXtm3qlz2GWoKM2tkqW07fuuDjG46S_SVSMrowMXibhzzQvB_xo6aKE7u1c45OwOvLlSXJhIf8CJwN1JKQXQY19VAVAv8tn1bS0P0U-kofBkZD_gtl0dvOtylmT2HLpzFHrsmnIgcQJ6BfW6HXK1wTxPX9Ft1Gadw7_vAoA0iNZoy9LKc&sai=AMfl-YR64FH6qPYLz7cnXGSMaRQ5qbERbyoHUc3_pRZQX98yaTQg6UMYxuKX8gARrjSRodN5nvsoN_4etzCa&sig=Cg0ArKJSzP4GcW9Z2x2vEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame 71B3 17 KB
7 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 8099588968410230469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 07:10:54 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 71B3 2 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 06:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 06:56:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71B3 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H3-29 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 71B3 68 B
93 B 22ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 10:06:19 GMT
x-content-type-options: nosniff
age: 248718
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 May 2022 10:06:19 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 32F0 0
0 58ms
57ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWyy5XIGU0RqgDpKT46CK70M5pb9eIVorWe9ZRc7-bnjdjrToB97x9YrxqCs5EbGDdfJixMHzDb0U_vVCymDLp2gWJa_mYGDjC63Qc5w8Ugi8hcuBYhf2h2u8-fGxs2nczFBYfeS2wBgrVTKvEWOkZECZ6Y3WjTIvmxyMJ45kXAVQ6nZxcSj8_Kv653dKrt9rdRoYyAFMF0tHC8Oxoi7XIUXgZ3Rh8hFqNYwuud79AUTEX-Lysy0gtY4WILfMDhKjqaYWDfLqX7Bvs4-_tH2tNtFn6ccEzf9eC7ufDQklRU-E&sai=AMfl-YQ_bAsyjqVaqYBRNCuJsB7fc0nhOIX4xqk2RNaveR8LLgBfMoJdDKNbVfIGRx1dKCGTACtttk5QnJw_&sig=Cg0ArKJSzOe8aCBvWFjBEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame 32F0 17 KB
7 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 8099588968410230469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 07:10:54 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 32F0 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 06:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 06:56:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 32F0 116 KB
35 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 32F0 0
0 13ms
13ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcQNaypiE9kYwTsC0vXuV9MFtOOzYZb9H1gbLFpkZfFm3hzWB9Fyf02PGiYGkvCS2LeCRb
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 32F0 68 B
93 B 16ms
15ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 02:03:46 GMT
x-content-type-options: nosniff
age: 536871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 May 2022 02:03:46 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696588139699"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=3668228889875249141
dpm.demdex.net/ Frame C8DF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3668228889875249141

42 B
973 B

38ms
38ms

Image
image/gif

52.214.120.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=3668228889875249141

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.120.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-120-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v006-0639b6b4c.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +xI4M6L2SbE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:37 GMT
X-Proxy-Origin: 185.232.21.100; 185.232.21.100; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.237:80
AN-X-Request-Uuid: b6b83f85-a9b1-4621-bf2d-886703f09dee
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=3668228889875249141
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 38ms
38ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sf_r&pvsid=2666602544625747&vrg=2021051001&nw_id=5129&nslots=6&eid=31060783%2C31060789%2C31061038%2C31060411%2C44714449%2C21065724&pub_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&GAM=null&Final=null

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D477 0
0 58ms
57ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvISXAxTdzdLLDWYNwJ9LqtAPmAlkE-YD1__DDuUbxZ9Ao4QjDhsxaSMxACOhesA-Pl4aQtnDqDVFC9eR0XnI3K2C2B8ICZXdwHlMj0OqEeDEG0tAbleUDbBQHBdp0FPWbox3PW-0H2LWKHn_uWW1ZZPuM4mgE5SLTyPIhJ8XDzYjqp9vXGqNrcKtGcYLR7OeZuaHLWZsS4C1wq_5xrvsdfabBIdFR9901Wwy8ryCOl78hPsVXkIwJDcIB4ZP9zrbWtt3klQyZXl-dQ24uHWKPhIvADVWJ0f-PX5h9lxl-pyEI&sai=AMfl-YTZi2BBSo1JdfM3k6vfTIf4SYdIy5fiZZy8xEdNQQesYwC8BQEpdFD8qv29WNJm1iC1YwlF7JsqvV18&sig=Cg0ArKJSzPiUjoozYC8AEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame D477 68 B
93 B 6ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 02:03:46 GMT
x-content-type-options: nosniff
age: 536871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 May 2022 02:03:46 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame D477 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 8099588968410230469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 07:10:54 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame D477 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 06:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 06:56:38 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D477 116 KB
35 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 89A0 0
0 57ms
57ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDcxTWWv3GVqz1T3dUZ4ONwq-xTsH_4tTn23Tf285al2gzhatM4RAYhjJ4EtyaojmCigqCtKqIjK-He8P_IFb8caxB6TV4VVBldzOcRRu25OnD0dZrSRl4Bic1HgLrpsTh4LvJHx_LOiARTcAehKzEGNcLvI_NQC7tB9gqUFlzAhx6SMtZCB6uHlM-wngbb4rDoukJi2pEUZ1bTM6lQIjBkWMqUnnxxauAtQ10t9_1Ehyu4U7V6Z6I36x8Cm12LDAPdFfgQIr0UATbpIc-Hm8k1qpnpETmoC4fuQkur7llHiE&sai=AMfl-YTaOgoj74rFbOTw2BEP_S9OFBNTazecoll7TZBzU1YFVapa_wuS5FaNExPmIASa-zZVWdqVDKLFgnfA&sig=Cg0ArKJSzKUEMtogi68wEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame 89A0 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 8099588968410230469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 07:10:54 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 89A0 2 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 06:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 06:56:38 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89A0 116 KB
35 KB 24ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 89A0 0
0 16ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJvR7M-S8WiY1KZ9cL5ywFqOLBWjtAP410dJ9EMVTMtXqxRZdrhrgxDbahVwQ8kZCXNMKC
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 89A0 3 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13503232906761715217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 02:20:03 GMT
x-content-type-options: nosniff
age: 535894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3270
x-xss-protection: 0
last-modified: Wed, 23 May 2018 04:43:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 May 2022 02:20:03 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7C50 0
0 57ms
56ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstma8OjOXQeQIf3zmCyW-qYLHPzOj4vtcsvAjSm1VnxfGZJujM2D9f-6YAyRu-uSuJNILaUtnnf_N_0BWryNG4H0mMqwpWmej6Bu6T3jz0gc8ERLtoCUHBzeTnXHvMxK5BsCmhnZ-q0o6cs9pzfTkqRUbWYAPbaxrbs9sZGGplCS84lEIl_mdMiyDDqSUW5ECE51rSd1pxyXYRA4CwpPkKB9Bgb21a2nL_egGu-E3hVTzHE4u_7ByqKEsk2RG1ouVGLt8l8Mg8HWLujG0K97sCqu3lf0wwE3T9Y_7oFpjaY5Rs&sai=AMfl-YRWJ6GUSdS9yS0_BrQfhbmWEr6pSAuwnNk5IxTvevFOEkdBFOjEcis0iL5d6pPY9sZxPnB7b2WfHzzW&sig=Cg0ArKJSzL4rQ2c9bKDqEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 7C50 68 B
93 B 6ms
5ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 10:06:19 GMT
x-content-type-options: nosniff
age: 248718
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 May 2022 10:06:19 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame 7C50 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 8099588968410230469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 07:10:54 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 7C50 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 06:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 06:56:38 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C50 116 KB
35 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7C50 0
0 16ms
13ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtBKCGIj93n4q0jRtGsGoyWJhwiij3obNgGoYsHTApIBk2m1H7cvO0MiZALBbZs7Cztb5Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 14ms
14ms Script
application/javascript 2600:9000:2190:d400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:d400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bea52b91b6dbf31fcf8408d0044f09af2e60861ef77139eb9b8449aa0054dc27

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MM17goFBXf2aOabgL9Pgsqf57dExtQ8G
content-encoding: gzip
etag: W/"08f5a1d366d24c1b07c48a025cdb7c6a"
last-modified: Mon, 10 May 2021 23:18:23 GMT
server: AmazonS3
age: 1326
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Wed, 12 May 2021 06:55:27 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: q7kWG7S-GodpmLiW5FgTrigqiE6HHDB4FK7o8LDLO3ffvWv_Ktq0zw==

GET
DATA 200
OK truncated
/ Frame 71B3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1361168ace2c477919dc5f047b5b092b922dae7d53c6de3e222192a68554f059

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 36F5 46 KB
13 KB 109ms
47ms Script
application/javascript 34.252.255.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=680797797&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9a-b2f1-11eb-b656-024bf4a6d028
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-255-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c4cb581c31ea68d21fc17e28e4709478223167a86cc72077c69c752dd739e501

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-server-name: app14.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 32F0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cde5b55cdee3cfdda04c7d7ccd70375ec40bfa0a72e68e4cb6bac23b0fb280e0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame C72C 46 KB
13 KB 94ms
52ms Script
application/javascript 34.252.255.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092441&pubOrder=305536031&cb=375719769&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9b-b2f1-11eb-b656-024bf4a6d028
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-255-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a775a321926dd172d2420992ca2f6998e6651abd8a621ac48295328ae0781bf3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-server-name: app25.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 27AE 4 KB
2 KB 138ms
44ms Script
application/x-javascript 13.226.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-89-119.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 06:32:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 2353
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: epI-4F827NUdUUrHllhi0ALOQId5DNLK2z-ktgLgwgmTUWdCIiK70Q==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame B09E 5 KB
2 KB 86ms
37ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 25935
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1620803498.596233,VS0,VE0
x-served-by: cache-fra19141-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame B3E3 4 KB
2 KB 31ms
16ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 07:11:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=46340
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 3A1B 84 KB
33 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707564276

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6581cc3761e513e0d4a1f7521497d72320954438f1e4fe23fbe21ebf50ef4aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34052
x-xss-protection: 0
last-modified: Wed, 12 May 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame D69A 4 KB
2 KB 133ms
43ms Script
application/x-javascript 13.226.89.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.89.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-89-119.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 06:32:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 2353
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: U8C0mPtcC97am9E1e_ly2JcIOqHoFGfatnuKH3r7WG-HN8JbzaQNog==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame 0119 7 KB
3 KB 62ms
19ms Script
application/javascript 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 07:11:37 GMT
Content-Encoding: gzip
Age: 41483
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2601
X-Served-By: cache-lga21972-LGA, cache-hhn4067-HHN
Access-Control-Allow-Origin: *
Last-Modified: Thu, 14 May 2020 21:04:36 GMT
Server: nginx/1.13.10
X-Timer: S1620803498.595356,VS0,VE0
ETag: W/"5ebdb264-1cfb"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 10 Dec 2020 19:35:03 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 11264

GET
H3-29

200

activityi;dc_pre=CIC058XLw_ACFaHnuwgddvQMHg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9193483728087.191 Show response
8228261.fls.doubleclick.net/ Frame 1986
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9193483728087.191?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIC058XLw_ACFaHnuwgddvQMHg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=919348372808...

402 B
354 B

99ms
70ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CIC058XLw_ACFaHnuwgddvQMHg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9193483728087.191?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

1cc6c7bca002c0669955b203a629edf60067e4884a0aee73b74c5a2466cb7506

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIC058XLw_ACFaHnuwgddvQMHg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9193483728087.191?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 May 2021 07:11:37 GMT
expires: Wed, 12 May 2021 07:11:37 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 329
x-xss-protection: 0
set-cookie: IDE=AHWqTUm4X5TgEPdnKRclEcfieu0bY3MOn9gFXU4lHZYY6R25sBA0P1IHe8rO8dq2Klo; expires=Mon, 06-Jun-2022 07:11:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 May 2021 07:11:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIC058XLw_ACFaHnuwgddvQMHg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9193483728087.191?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

activityi;dc_pre=CKS158XLw_ACFdDmuwgd3RQApA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1856609321408.1736 Show response
8228261.fls.doubleclick.net/ Frame F06A
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1856609321408.1736?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKS158XLw_ACFdDmuwgd3RQApA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=185660932140...

403 B
356 B

100ms
71ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CKS158XLw_ACFdDmuwgd3RQApA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1856609321408.1736?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=cadeda36c756ad14e35322721241c57b-1620803493

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

10fe77bc0b1fdb744ee733cf86d6250c647a0578357eff24c58354cba6475084

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKS158XLw_ACFdDmuwgd3RQApA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1856609321408.1736?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 May 2021 07:11:37 GMT
expires: Wed, 12 May 2021 07:11:37 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 331
x-xss-protection: 0
set-cookie: IDE=AHWqTUm-YZJO1J-vQrbu-HtXNmaC-5h2qCKuhcZbm68rSnButKmfB2vcro0-s1GLS80; expires=Mon, 06-Jun-2022 07:11:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 12 May 2021 07:11:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKS158XLw_ACFdDmuwgd3RQApA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1856609321408.1736?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame D68E 84 KB
33 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-820018408

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ac6aea4c5148c81355de9ff2078352dd22b8db8578ee768cada8ee3f0402cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34055
x-xss-protection: 0
last-modified: Wed, 12 May 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 87DE 43 KB
16 KB 35ms
34ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

63df23aa8bd4d44c5696ef1e1efd1db5ea25d377f224ac63d76a4962d30ebff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16679
x-xss-protection: 0
server: cafe
etag: 15134314911112061051
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame 1616 43 B
609 B 325ms
269ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ Frame B3E0 43 B
970 B 143ms
103ms Image
image/gif 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:37 GMT
X-Proxy-Origin: 185.232.21.100; 185.232.21.100; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.141:80
AN-X-Request-Uuid: 58655146-c1f2-4ec9-a711-a2cf3a8b50fd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
954 B 67ms
27ms Image
application/javascript 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:37 GMT
X-Proxy-Origin: 185.232.21.100; 185.232.21.100; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.238:80
AN-X-Request-Uuid: b141ecf0-e9af-41e0-acac-3cd228815d5b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
954 B 72ms
32ms Image
application/javascript 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:37 GMT
X-Proxy-Origin: 185.232.21.100; 185.232.21.100; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.176:80
AN-X-Request-Uuid: 8ac0a4f2-cf7e-45e5-bfea-ff8ccaaaf6b4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 71B3 0
0 88ms
57ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVU3T9cfqNaTmw9BFIm8zCScOcWJ4rZo_J6cbKzNOJis_Pa7TllMGBjHVhAvteznfB-qRw_-6vyXOZQD6OK_bmGj4yg7WVv9EWviHR5b6ix8pRCm7ManBzIIyx3h7xTqV1ctqXGic8F8zGGunS45EBv0kp2I-PpoRMvyG-LXApE1ncM-bvxUyC_eBhJ5IB9oW7676YJZXrSbEOOWtxVWtf8l-A9uSZuHkhrsrXF9PTETgZluE4z907wGuOH39pejCOfpw0I25va_RjYfR51wQEP4p0JaSw9HOF4G_YbESTCpAocg&sai=AMfl-YSNc3PZ21MSFw4IKiy_DQ29eZYY5myXKVvS5qROB4Kwv98D8gkA4gfLAUgB9jdWLcWCo0FD_GOAfFsS&sig=Cg0ArKJSzC_Z8toA2r57EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=8108158609362032713
dpm.demdex.net/ Frame C8DF
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8108158609362032713

42 B
979 B

44ms
43ms

Image
image/gif

52.214.120.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=8108158609362032713

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.120.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-120-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcscanary-prod-irl1-1-v013-05fef94bb.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nAPPA0epQ9E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=8108158609362032713
pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 32F0 0
0 59ms
59ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuOkPdEjNqZDB6l18VvoV50svoUpEurY-81boAESIfIOPtXqQI3_cycecxKZ0LZ5zmKmKZuMIPiDoGWSmaZH2eMfqx5O9e9yLgjKwNezmOaKr1dgmr1vnAJw2NMv5xbutBlQcC9cXtwC7_mcVysyybMdrAbkQS-U2KSXWJw85rxdes123AZ3C0miQKe7m7u7KcQOTqo_CsG2lWTV0yr2czTAL45vf96zMswv_Z1NwkzkaGuv33AhW26KVSbrcnXQI39V0ojxz_onAmOpBZijG2pi51DjQmWIoqcnYYSVV5yaOShA&sai=AMfl-YSta8YFn-c7nk5HCL87tuCHzLnLAe_oGKjLU-Q41Ikax3d-AtQDjAUCsncJkJwtuQtwZTogM7bJcYfh&sig=Cg0ArKJSzPVLtjmscthUEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 204 bulk Show response
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
106 B 82ms
81ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 58
pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
via: 1.1 varnish
server: nginx
x-timer: S1620803498.625067,VS0,VE58
x-served-by: cache-fra19136-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
DATA 200
OK truncated
/ Frame D477 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f416e7e6a79c9708cbf1d9fa967c39f37ab69286a79231fb3993ad355b4e1633

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 16AB 46 KB
13 KB 36ms
36ms Script
application/javascript 34.252.255.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=1120252209&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9c-b2f1-11eb-b656-024bf4a6d028
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-255-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9d886c09639abe65197c39a41a7466b384546740d3c0399e5639eaf07b8662fc

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-server-name: app36.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D477 0
0 57ms
56ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9AsxTIefPrb9JytOVM-PCc62DQXlADkXQBteGV_0AYlUbY2ibzYO0-PEKs3Tg_464VuAGLr7wLN8dnrAWFknSM2oCrVT6nnWHT_wMcFFq_fIQyAzK8S6lJhxLtYWtraanwif9IfXMQqSJTHqRK4No-c0E4EGafAH2hNDLy1vWEj3MUBQgVQPJpQ-qkKwRRC3V80sZxVa73PucePePMgWKjrV1A2vDL1frD67-gTeIMUumvpYwxnPUGKY_Mnb-UVa6HGZEXrJs5aiWn-7d-owWwmvdqfCgl_uIFtfUSrzzK8FpXQ&sai=AMfl-YTOYUhFHe9JHG1BqLJLMxWnB2LBpH-ZY_qjyEytU2JH24w-7LeTp1l_MPf-HKEGscHf7GFDMYiAFkCU&sig=Cg0ArKJSzEHTqSokMxYGEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 89A0 0
0 57ms
57ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYsi46rNYTie1j1zdJMc1WKlsJr37PJ3kuDNHR8_kcpcrEfgE7BuBZqsMrxa-BWu-ZTPELeVEOPVGT6pFP1qVYi-LVw0QbYLZnxEdB-Y00_0_Oeht3dypP99Ua8JK_eqL7EFdBhA6h4V_LiRNWKOTHwVqD-KYYBlnsqOzwf-o63EeSEVaxRQg1wqF-v8ESbIPnooJJMWEEimI52SzbrMCsGy9JtI3TWeCrK8T3K6xQemEstNFbLO0_KkEAB9nQpMlyD2wnVv3ohJuxFA7uZUyYNifNsIO8A40JqiZMwJamoUIpJQ&sai=AMfl-YTn06wnxKofQIU3oKgBCFj0PURjvj7YNhYkrdY4RTdn2EwDNnUwwS0BDHL5n9Gev6VvYH8Jt7hZVD6o&sig=Cg0ArKJSzFXGcZfcbiVEEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 89A0 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70840f3c5c4517f5d6f11736d0cf28114848de8297c64b489fe193c33e7eb3b8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame B6D9 46 KB
13 KB 37ms
36ms Script
application/javascript 34.252.255.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1089760220&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9d-b2f1-11eb-b656-024bf4a6d028
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-255-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2f939ce3a2e22065419e854180a0ecfca93facb96aab5bc93ae315b8046455a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-server-name: app10.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 7C50 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7afa0fda5f57c3fa3de612a0bb7416fc09d40193c83e46811a8991b99a5545f2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame B48C 46 KB
13 KB 37ms
37ms Script
application/javascript 34.252.255.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=1859492730&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9e-b2f1-11eb-b656-024bf4a6d028
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-255-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2cca2a2358b941a80ef2902f96031b3772c7632f36b8068d493c422ed6373b8f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-server-name: app03.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7C50 0
0 57ms
57ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuc1Gs9M2zUVC7UvuKSUnqEILxxSHsz588ZIYVRewCqrjhl9hF8RWJ9KcWmWDFh23KsEfL4ZpJXoo1Txos0WKvpjP1YGBQLtUQl9V8OyHhaynnvUQNy5cO5WVYVAtW9CXO-mYItC0wg96c7kra8gmBs8B6bud-fsu8U7ENWc4eaHN_4w9jpVIOEKlLEfoTXJi35HjlLh2ujjRGavV0UUOmtyQkhgMSwngbCOKuumKzk6GvQYGWQzkYEehObnsxYjLUK2-uebWRvOqmumuA8xo2Mzux0xFzbG_TVxj_rebNdEI4bdg&sai=AMfl-YS-7zRgoTUw1hVlETmgvedXyNiZ0UDh9MEKFl9lC2nzpi4bS9I9WCHe_Y_m2VULy3mRZ5vsAFygboTr&sig=Cg0ArKJSzDOl4hK4Zo2rEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame C8DF 0
214 B 101ms
25ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=77209328200338166100765293161322666226&gdpr=0&gdpr_consent=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 188 KB
53 KB 23ms
20ms Script
application/javascript 2600:9000:2190:d400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:d400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e9b1e9b290756c5ebc9849983de1f7d7db1685f76386ada579863f26897ec5f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: peRL4Yb0Ubr51vTPkyyXuScofZHOG6Uw
content-encoding: gzip
etag: W/"60cee9f8a6ab7076638a1b6a01bc9269"
last-modified: Wed, 28 Apr 2021 14:18:22 GMT
server: AmazonS3
age: 3187
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 12 May 2021 06:18:31 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: bZCgx3QGSqwlQGO6SXgas22EyMLoycH_rYADucDca0Pg-iqDCvcZng==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 87DE 2 KB
1 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1620803497743&cv=9&fst=1620803497743&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27ecd3aace31ee40182aec0f073901d1dc9c739f5493fea3e8c67e029f0d92fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 979
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/ Frame B3E3
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620803497797&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1620803497797%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620803497797&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620803497797&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIiAznFc2cNNgAAAXlfarHXo5Pgjo8PAr7hwL5Bhn8KQcGJX2wCe5l_t...

0
155 B

1337ms
118ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620803497797&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIiAznFc2cNNgAAAXlfarHXo5Pgjo8PAr7hwL5Bhn8KQcGJX2wCe5l_t1G3KYSRMctHhZDu
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:39 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: qVibFzJAfhaAYs8WDysAAA==

Redirect headers

date: Wed, 12 May 2021 07:11:38 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1620803497797&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&liSync=true&e_ipv6=AQIiAznFc2cNNgAAAXlfarHXo5Pgjo8PAr7hwL5Bhn8KQcGJX2wCe5l_t1G3KYSRMctHhZDu
x-li-proto: http/2
x-li-pop: prod-ech2
content-length: 0
x-li-uuid: zCM+xDFAfhZgNFpBCSsAAA==

GET
H2 200 main.gr.19.8.198.js Show response
static.adsafeprotected.com/ Frame 36F5 182 KB
58 KB 161ms
91ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.198.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=680797797&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9a-b2f1-11eb-b656-024bf4a6d028
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 15:54:21 GMT
server: nginx/1.16.1
etag: W/"66c7ceb040197cc2f4530f680aec8772"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame 0119 42 B
353 B 18ms
17ms Image
image/gif 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1620803497807&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1620803497807&et=1620803497808&if=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 07:11:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 185.232.21.100; 185.232.21.100; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 10.2.80.148:80
Content-Length: 42
Content-Type: image/gif

GET
H2 200 main.gr.19.8.198.js Show response
static.adsafeprotected.com/ Frame C72C 182 KB
58 KB 132ms
80ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.198.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092441&pubOrder=305536031&cb=375719769&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9b-b2f1-11eb-b656-024bf4a6d028
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 15:54:21 GMT
server: nginx/1.16.1
etag: W/"66c7ceb040197cc2f4530f680aec8772"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 main.gr.19.8.198.js Show response
static.adsafeprotected.com/ Frame 16AB 182 KB
58 KB 131ms
92ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.198.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=1120252209&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9c-b2f1-11eb-b656-024bf4a6d028
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 15:54:21 GMT
server: nginx/1.16.1
etag: W/"66c7ceb040197cc2f4530f680aec8772"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 3A1B 36 KB
14 KB 43ms
41ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14057
x-xss-protection: 0
server: cafe
etag: 15306424688967737279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame D68E 36 KB
14 KB 37ms
37ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14057
x-xss-protection: 0
server: cafe
etag: 15306424688967737279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 May 2021 07:11:37 GMT

GET
H2 200 adsct
t.co/i/ Frame B09E 43 B
458 B 182ms
134ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 12 May 2021 07:11:37 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: fed74d8b7283ddd34c3f6309e5564975875e802b60b10004bd75630d97ac5c5b
x-transaction: 1f9165ab59b2b6e3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 main.gr.19.8.198.js Show response
static.adsafeprotected.com/ Frame B6D9 182 KB
58 KB 64ms
52ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.198.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1089760220&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9d-b2f1-11eb-b656-024bf4a6d028
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 15:54:21 GMT
server: nginx/1.16.1
etag: W/"66c7ceb040197cc2f4530f680aec8772"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 main.gr.19.8.198.js Show response
static.adsafeprotected.com/ Frame B48C 182 KB
58 KB 89ms
89ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.198.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=1859492730&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9e-b2f1-11eb-b656-024bf4a6d028
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 15:54:21 GMT
server: nginx/1.16.1
etag: W/"66c7ceb040197cc2f4530f680aec8772"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEGbwuUEVQcdgsJhQDgSM9hE&google_cver=1
dpm.demdex.net/ Frame C8DF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzcyMDkzMjgyMDAzMzgxNjYxMDA3NjUyOTMxNjEzMjI2NjYyMjY=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGbwuUEVQcdgsJhQDgSM9hE&google_cver=1?gdpr=0&gdpr_consent=

42 B
973 B

40ms
39ms

Image
image/gif

52.214.120.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGbwuUEVQcdgsJhQDgSM9hE&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.120.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-120-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v006-0a365d8bd.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 4EXVdlBKT4o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGbwuUEVQcdgsJhQDgSM9hE&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/859754747/ Frame 87DE 42 B
74 B 22ms
22ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859754747/?random=1620803497743&cv=9&fst=1620802800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=2517441250&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/859754747/ Frame 87DE 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859754747/?random=1620803497743&cv=9&fst=1620802800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=2517441250&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_pre=CIC058XLw_ACFaHnuwgddvQMHg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9193483728087.191
adservice.google.com/ddm/fls/z/ Frame 1986 42 B
63 B 56ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIC058XLw_ACFaHnuwgddvQMHg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9193483728087.191

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIC058XLw_ACFaHnuwgddvQMHg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9193483728087.191?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 857A 12 KB
4 KB 14ms
13ms Document
text/html 2600:9000:2190:d400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:d400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
last-modified: Wed, 28 Apr 2021 14:18:22 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: qVegwTBMlTpBRiATWIEjsovJ4qexekXG
server: AmazonS3
content-encoding: gzip
date: Wed, 12 May 2021 07:06:11 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 8_D-ZUbxEdW1NX-oeMpKhlbgjb60Xi63BhSVkMSu_zNlES4FAx1HEQ==
age: 327

GET
H3-29 200 dc_pre=CKS158XLw_ACFdDmuwgd3RQApA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1856609321408.1736
adservice.google.com/ddm/fls/z/ Frame F06A 42 B
63 B 42ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKS158XLw_ACFdDmuwgd3RQApA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1856609321408.1736

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKS158XLw_ACFdDmuwgd3RQApA;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1856609321408.1736?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 3A1B 2 KB
1 KB 72ms
69ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1620803497929&cv=9&fst=1620803497929&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa550&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

6f4d16601160de9199cd798c53ec850bc9a4f1861749f9951a75757393be3ab8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1019
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame D68E 2 KB
1 KB 38ms
38ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1620803497934&cv=9&fst=1620803497934&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa550&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5eb441ddf15717dfd930b2fcf3fb431cb9cda5a2ecf2feb875902f96e8758947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1021
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 857A 44 B
530 B 105ms
35ms Image
image/gif 54.73.48.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=xdyi6ybxuapcdzzigbvboajpbuuwp1620803497&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.594&retry=0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.48.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
xdyi6ybxuapcdzzigbvboajpbuuwp1620803497.nuid.imrworldwide.com/ Frame 857A 35 B
347 B 45ms
6ms Image
image/gif 2600:9000:211e:4200:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xdyi6ybxuapcdzzigbvboajpbuuwp1620803497.nuid.imrworldwide.com/
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4200:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 06:34:58 GMT
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 7784
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 35
x-amz-cf-id: KUiyqsP6igOXbhxu2s7oM3W6BoGwVA_7xXkSCaRS98DoJpIcs82I2w==

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 8938 82 KB
21 KB 34ms
33ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:38 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 336128
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 39ms
38ms Image
image/gif 34.252.255.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1089760220&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9d-b2f1-11eb-b656-024bf4a6d028&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:6b618280-764a-0f1e-1641-038be3006132,c:cnYCF1,sl:outOfView,em:true,fr:true,mn:app10ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.10531.10.10,am:i,cc:795.10531.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sxb8iEZ+11%7C12%7C13%7C141%7C151%7C161%7C17*.10507%7C171%7C181%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m,idMap:17*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:147,oid:4acf166c-b2f1-11eb-9834-0634eb268b40,v:19.8.198,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-255-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=d2a7f5c6-c33e-4320-b3e0-6cf02f77c07e
dpm.demdex.net/ Frame C8DF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=d2a7f5c6-c33e-4320-b3e0-6cf02f77c07e

42 B
973 B

44ms
44ms

Image
image/gif

52.214.120.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=d2a7f5c6-c33e-4320-b3e0-6cf02f77c07e

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.120.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-120-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v006-02a5ca202.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: PEQ1ZKVBTPM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=d2a7f5c6-c33e-4320-b3e0-6cf02f77c07e
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/820018408/ Frame D68E 42 B
74 B 22ms
22ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/820018408/?random=1620803497934&cv=9&fst=1620802800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa550&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=4159683802&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.be/pagead/1p-user-list/820018408/ Frame D68E 42 B
108 B 43ms
22ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.be/pagead/1p-user-list/820018408/?random=1620803497934&cv=9&fst=1620802800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa550&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=4159683802&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 273ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6b618280-764a-0f1e-1641-038be3006132&tv=%7Bc:cnYCFS,pingTime:-2,time:199,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:189,beZ:191,mfA:302,cmA:304,inA:305,inZ:311,prA:311,prZ:326,si:336,poA:337,poZ:349,cmZ:349,mfZ:349,loA:375,loZ:378,ltA:387,ltZ:387%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:10,h:10,t:146%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:199,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:145,wc:0.0.1600.1200,ac:795.10531.10.10,am:i,cc:795.10531.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B80~0%5D,as:%5B80~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sxb8iEZ+11%7C12%7C13%7C141%7C151%7C161%7C17*.10507%7C171%7C181%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m,idMap:17*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_3,google_ads_iframe_/5129/ndm.hwt/home_3__container__,ad-block-1000x50-1%5D,sinceFw:50,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
X-Server-Name: dt34.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/707564276/ Frame 3A1B 42 B
74 B 20ms
19ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707564276/?random=1620803497929&cv=9&fst=1620802800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa550&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=689208425&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.be/pagead/1p-user-list/707564276/ Frame 3A1B 42 B
552 B 35ms
21ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.be/pagead/1p-user-list/707564276/?random=1620803497929&cv=9&fst=1620802800000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa550&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=689208425&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 28fb22b
login.newscorpaustralia.com/akam/11/ Frame E99E 0
0

GET fbc6eb3f718ti1818f0a460e313428da5
login.newscorpaustralia.com/staticweb/ Frame E99E 0
0

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 28C9 82 KB
21 KB 33ms
33ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:38 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 335221
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 42ms
42ms Image
image/gif 34.252.255.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=1859492730&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9e-b2f1-11eb-b656-024bf4a6d028&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:1484569c-6983-091a-c2c7-18f7f71c864c,c:cnYCGr,sl:outOfView,em:true,fr:true,mn:app03ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.3461.1.1,am:i,cc:800.3461.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sxb8iFe+11%7C12%7C131%7C141%7C151%7C161%7C162%7C17*.10507%7C171%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:17*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:220,oid:4ad24a28-b2f1-11eb-885c-0a6fa201f3de,v:19.8.198,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-255-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
x-server-name: app30.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 6483 82 KB
21 KB 33ms
33ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:38 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 333487
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 34ms
34ms Image
image/gif 34.252.255.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=680797797&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9a-b2f1-11eb-b656-024bf4a6d028&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:b3e60c8d-244f-8968-3864-018d9b24b41b,c:cnYCGJ,sl:outOfView,em:true,fr:true,mn:app14ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sxb8iE4+11%7C12%7C13*.10507%7C131%7C141%7C151%7C161%7C162%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:13*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:310,oid:4abd148f-b2f1-11eb-8899-02c390e9b11a,v:19.8.198,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-255-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
x-server-name: app36.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame B84F 82 KB
21 KB 33ms
33ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:38 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 336432
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 38ms
34ms Image
image/gif 34.252.255.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092441&pubOrder=305536031&cb=375719769&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9b-b2f1-11eb-b656-024bf4a6d028&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:3a3d93f8-953e-8477-a013-c61d9b0f7d1a,c:cnYCH2,sl:outOfView,em:true,fr:true,mn:app25ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sxb8iEg+11%7C12%7C131%7C132%7C14*.10507%7C141%7C151%7C161%7C162%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:14*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:317,oid:4abd3bb3-b2f1-11eb-bb15-06a809c23df0,v:19.8.198,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-255-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 55D3 82 KB
21 KB 33ms
33ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:38 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 333922
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 47ms
46ms Image
image/gif 34.252.255.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=1120252209&custom=homepage&custom3=168400391&adsafe_par&impId=4a7b9e9c-b2f1-11eb-b656-024bf4a6d028&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:da2f4caf-bb63-9290-726e-41c790a39ca6,c:cnYCHn,sl:outOfView,em:true,fr:true,mn:app36ie,pt:1-5-15,wc:0.0.1600.1200,ac:1274.9522.1.1,am:i,cc:1274.9522.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sxb8iEy+11%7C12%7C131%7C132%7C141%7C142%7C15*.10507%7C151%7C161%7C162%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:15*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:320,oid:4acad00a-b2f1-11eb-a7c6-06c3831123e5,v:19.8.198,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.255.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-255-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 campaigns Show response
resourcesssl.newscdn.com.au/indies/ 2 KB
1 KB 26ms
24ms XHR
application/json 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by: Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash: 69994216d17a01b471e361346070a4857702ca459488f77ad13117e6bfdaa402

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 May 2021 07:11:38 GMT
content-encoding: gzip
etag: W/"6c5-2Cf+LK6zp75QKWlBlEfA0iWfoJI"
x-powered-by: Express
x-cache-hits: 0
content-length: 665
x-served-by: cache-ams21038-AMS
server: Google Frontend
x-timer: S1620619672.652958,VS0,VE266
x-i: true
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 848c72c44ecb139f48f84366f5c190d1
cache-control: private, max-age=420953
function-execution-id: lpkznunb5hwa
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: DE
expires: Mon, 17 May 2021 04:07:31 GMT

OPTIONS
H2 204 campaigns
resourcesssl.newscdn.com.au/indies/ Frame 0
0 330ms
329ms Preflight
text/html 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol: H2
Server: 104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.heraldsun.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-type: text/html
function-execution-id: dt14dy01wy5f
server: Google Frontend
x-cloud-trace-context: 4926731639c568a2f93190699046ff96
x-country-code: DE
x-orig-accept-language: en-US
x-powered-by: Express
accept-ranges: bytes
x-served-by: cache-ams21065-AMS
x-cache-hits: 0
x-timer: S1620803498.177770,VS0,VE290
cache-control: private, max-age=604799
expires: Wed, 19 May 2021 07:11:37 GMT
date: Wed, 12 May 2021 07:11:38 GMT
x-i: true

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 257ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6b618280-764a-0f1e-1641-038be3006132&tv=%7Bc:cnYCHC,pingTime:-2.1,time:307,type:a,env:%7Bar:self.0%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:10,h:10,t:146%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:307,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:145,wc:0.0.1600.1200,ac:795.10531.10.10,am:i,cc:795.10531.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B188~0%5D,as:%5B188~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sxb8iEZ+11%7C12%7C13%7C141%7C151%7C161%7C17*.10507%7C171%7C181%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m,idMap:17.1484569c-6983-091a-c2c7-18f7f71c864c.77_10507%7C17*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_3,google_ads_iframe_/5129/ndm.hwt/home_3__container__,ad-block-1000x50-1%5D,sinceFw:50,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
X-Server-Name: dt34.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 404
Not Found usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame C8DF 0
0 91ms
34ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 233ms
94ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=1484569c-6983-091a-c2c7-18f7f71c864c&tv=%7Bc:cnYCIj,pingTime:-2,time:335,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:183,beZ:184,mfA:391,cmA:392,inA:392,inZ:394,prA:394,prZ:399,si:403,poA:403,poZ:408,cmZ:408,mfZ:408,loA:478,loZ:479,ltA:518,ltZ:518%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:219%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:335,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:219,wc:0.0.1600.1200,ac:800.3461.1.1,am:i,cc:800.3461.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B125~0%5D,as:%5B125~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sxb8iE4+11%7C12%7C13.10507%7C131%7C14.10507%7C141%7C15.10507%7C151%7C161%7C162%7C17*.10507%7C171%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:17*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2,newscorpau_ads-168%5D,sinceFw:115,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 269ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=b3e60c8d-244f-8968-3864-018d9b24b41b&tv=%7Bc:cnYCIm,pingTime:-2,time:410,type:a,im:%7BpBlk:314,sf:0,pom:1,prf:%7BbeA:311,beZ:312,mfA:609,cmA:610,inA:610,inZ:611,prA:611,prZ:616,si:621,poA:621,bl:625,poZ:625,cmZ:625,mfZ:625,loA:686,loZ:687,ltA:721,ltZ:721%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:309%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:410,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:309,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B110~0%5D,as:%5B110~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sxb8iE4+11%7C12%7C13*.10507%7C131%7C14.10507%7C141%7C15.10507%7C151%7C161%7C162%7C17.10507%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:13*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1%5D,sinceFw:100,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 271ms
92ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=3a3d93f8-953e-8477-a013-c61d9b0f7d1a&tv=%7Bc:cnYCIo,pingTime:-2,time:400,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:302,beZ:303,mfA:606,cmA:606,inA:606,inZ:608,prA:608,prZ:614,si:619,poA:619,poZ:626,cmZ:626,mfZ:626,loA:670,loZ:671,ltA:703,ltZ:703%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:316%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:401,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:316,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B97~0%5D,as:%5B96~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sxb8iE4+11%7C12%7C13.10507%7C131%7C132%7C14*.10507%7C141%7C15.10507%7C151%7C161%7C162%7C17.10507%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3%5D,sinceFw:83,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 269ms
92ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=da2f4caf-bb63-9290-726e-41c790a39ca6&tv=%7Bc:cnYCIt,pingTime:-2,time:387,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:194,beZ:195,mfA:501,cmA:502,inA:502,inZ:504,prA:504,prZ:510,si:513,poA:514,poZ:518,cmZ:518,mfZ:518,loA:558,loZ:559,ltA:580,ltZ:580%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:319%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:387,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:319,wc:0.0.1600.1200,ac:1274.9522.1.1,am:i,cc:1274.9522.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sxb8iE4+11%7C12%7C13.10507%7C131%7C132%7C14.10507%7C141%7C142%7C15*.10507%7C151%7C161%7C162%7C17.10507%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:15*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-2,newscorpau_ads-19,group_3_col-22%5D,sinceFw:66,readyFired:true%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
X-Server-Name: dt32.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET 28fb22b
login.newscorpaustralia.com/akam/11/ Frame 6EF3 0
0

GET fbc6eb3f718ti1818f0a460e313428da5
login.newscorpaustralia.com/staticweb/ Frame 6EF3 0
0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 218ms
149ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=1484569c-6983-091a-c2c7-18f7f71c864c&tv=%7Bc:cnYCJs,time:406,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:406,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:219,wc:0.0.1600.1200,ac:800.3461.1.1,am:i,cc:800.3461.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B197~0%5D,as:%5B197~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sxb8iE4+11%7C12%7C13.10507%7C131%7C14.10507%7C141%7C15.10507%7C151%7C161%7C162%7C17*.10507%7C171%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
X-Server-Name: dt38.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 91ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=b3e60c8d-244f-8968-3864-018d9b24b41b&tv=%7Bc:cnYCJt,time:479,type:e,im:%7BpWait:12%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:480,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:309,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B180~0%5D,as:%5B180~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sxb8iE4+11%7C12%7C13*.10507%7C131%7C14.10507%7C141%7C15.10507%7C151%7C161%7C162%7C17.10507%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:13*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
X-Server-Name: dt34.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 91ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=3a3d93f8-953e-8477-a013-c61d9b0f7d1a&tv=%7Bc:cnYCJw,time:470,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:470,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:316,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B166~0%5D,as:%5B165~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sxb8iE4+11%7C12%7C13.10507%7C131%7C132%7C14*.10507%7C141%7C15.10507%7C151%7C161%7C162%7C17.10507%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:14*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
X-Server-Name: dt41.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 91ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=da2f4caf-bb63-9290-726e-41c790a39ca6&tv=%7Bc:cnYCJx,time:453,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:453,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:319,wc:0.0.1600.1200,ac:1274.9522.1.1,am:i,cc:1274.9522.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B145~0%5D,as:%5B145~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sxb8iE4+11%7C12%7C13.10507%7C131%7C132%7C14.10507%7C141%7C142%7C15*.10507%7C151%7C161%7C162%7C17.10507%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:15*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200
OK

ibs:dpid=23728&dpuuid=YJt-qh1UV0GHEQhXaaDQKAAA%261120
dpm.demdex.net/ Frame C8DF
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YJt-qh1UV0GHEQhXaaDQKAAA%261120

42 B
973 B

54ms
53ms

Image
image/gif

52.214.120.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YJt-qh1UV0GHEQhXaaDQKAAA%261120

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.120.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-120-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v006-0c049be51.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 6w88oQIrQV4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YJt-qh1UV0GHEQhXaaDQKAAA%261120
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 264
Expires: Wed, 12 May 2021 07:11:38 GMT

GET
H/1.1

200
OK

ibs:dpid=30432&dpuuid=CI-f1de10fe76d2810a16b763d590e826e9
dpm.demdex.net/ Frame C8DF
Redirect Chain

https://dt.scanscout.com/ssframework/uid?UIAA=77209328200338166100765293161322666226&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-f1de10fe76d2810a16b763d590e826e9

42 B
973 B

39ms
38ms

Image
image/gif

52.214.120.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-f1de10fe76d2810a16b763d590e826e9

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.120.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-120-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v006-02a5ca202.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9xdtuYIMTz4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-f1de10fe76d2810a16b763d590e826e9
Date: Wed, 12 May 2021 07:11:38 GMT
useSecure: true
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 92ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6b618280-764a-0f1e-1641-038be3006132&tv=%7Bc:cnYCMm,pingTime:-10,time:601,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1620803498460%7C%7Ca09c8c57aea2f8789bc7d5e0e115cafb%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C7d1900b5eabc0816557075c020d79cba%7C%7C29a45b7ec3733694e2e3fdda755a11fa%7C%7Cd478ca9c205df6b5fc6b65344faaed03%7C%7Ce3ed5176f24832b997b0ef4fc63de331%7C%7Ce5e49db5bb83003b2fce30137c6d7dbf%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 54E7
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f53e5f71-abf6-43f0-9997-4da962f9e8a3
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f53e5f71-abf6-43f0-9997-4da962f9e8a3&tbid=96e73fb6-93b1-4bb5-9a00-02e5c6808771-tuct795052a&query=taboola_hm%3Df53e5f71-abf6-...

0
52 B

32ms
30ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f53e5f71-abf6-43f0-9997-4da962f9e8a3&tbid=96e73fb6-93b1-4bb5-9a00-02e5c6808771-tuct795052a&query=taboola_hm%3Df53e5f71-abf6-43f0-9997-4da962f9e8a3&isDirect=0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:38 GMT
via: 1.1 varnish
server: nginx
x-timer: S1620803499.651955,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19136-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f53e5f71-abf6-43f0-9997-4da962f9e8a3&tbid=96e73fb6-93b1-4bb5-9a00-02e5c6808771-tuct795052a&query=taboola_hm%3Df53e5f71-abf6-43f0-9997-4da962f9e8a3&isDirect=0
tbl-x-upstream: 10.41.12.133:10213
date: Wed, 12 May 2021 07:11:38 GMT
server: nginx
x-fastly-to-nlb-rtt: 5597

GET
H2

200

sd
u.openx.net/w/1.0/ Frame 54E7
Redirect Chain

https://u.openx.net/w/1.0/sd?id=543998486&val=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&gdpr=0&gdpr_consent=
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&gdpr=0&gdpr_consent=

43 B
180 B

24ms
24ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&gdpr=0&gdpr_consent=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&gdpr=0&gdpr_consent=
date: Wed, 12 May 2021 07:11:38 GMT
via: 1.1 google
server: OXGW/16.207.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 54E7 42 B
233 B 263ms
87ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 54E7 0
239 B 106ms
25ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 54E7
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=HcPOjCNhE4Pf&ev=1&orig=trc&pid=562107

0
219 B

18ms
18ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=HcPOjCNhE4Pf&ev=1&orig=trc&pid=562107
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Wed, 12 May 2021 07:11:39 GMT
server: nginx
x-fastly-to-nlb-rtt: 11634

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=HcPOjCNhE4Pf&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-stage-0
expires: -1

GET
H2

200

/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 54E7
Redirect Chain

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3668228889875249141&orig=trc

0
227 B

21ms
19ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3668228889875249141&orig=trc
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Wed, 12 May 2021 07:11:38 GMT
server: nginx
x-fastly-to-nlb-rtt: 3990

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
X-Proxy-Origin: 185.232.21.100; 185.232.21.100; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.75:80
AN-X-Request-Uuid: b1a0f98d-76f9-4508-add1-8c05510a0fdf
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3668228889875249141&orig=trc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 54E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESED86X1tqJkRNtw3KvEPR7d4&google_cver=1

0
188 B

79ms
79ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESED86X1tqJkRNtw3KvEPR7d4&google_cver=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 57
date: Wed, 12 May 2021 07:11:38 GMT
via: 1.1 varnish
server: nginx
x-timer: S1620803499.542923,VS0,VE57
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19136-FRA

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESED86X1tqJkRNtw3KvEPR7d4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 54E7 42 B
805 B 1101ms
22ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528:$UID
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 07:11:37 GMT
X-lat: amspug006:0:353
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 54E7
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c45d0d5a-5865-4a48-9d99-84fec7c265c3-tuct795052a

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c45d0d5a-5865-4a48-9d99-84fec7c265c3-tuct795052a

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=c45d0d5a-5865-4a48-9d99-84fec7c265c3-tuct795052a
tbl-x-upstream: 10.40.0.134:10213
date: Wed, 12 May 2021 07:11:38 GMT
server: nginx
x-fastly-to-nlb-rtt: 3993

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 54E7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d2a7f5c6-c33e-4320-b3e0-6cf02f77c07e

0
226 B

80ms
80ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d2a7f5c6-c33e-4320-b3e0-6cf02f77c07e
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 58
date: Wed, 12 May 2021 07:11:38 GMT
via: 1.1 varnish
server: nginx
x-timer: S1620803499.553123,VS0,VE58
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19136-FRA

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d2a7f5c6-c33e-4320-b3e0-6cf02f77c07e
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 54E7
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

19ms
19ms

Image
text/plain

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:38 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 54E7 49 B
406 B 1259ms
99ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7c488d4f5b-bdsjx
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 54E7 43 B
697 B 3106ms
25ms Image
image/gif 185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&gdpr=0&gdpr_consent=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:41 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame 54E7 0
59 B 3183ms
22ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:41 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 54E7
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=86a8e33f-0868-4506-9d52-1c5374203aa1

0
227 B

18ms
18ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=86a8e33f-0868-4506-9d52-1c5374203aa1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Wed, 12 May 2021 07:11:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 10676

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
date: Wed, 12 May 2021 07:11:41 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=86a8e33f-0868-4506-9d52-1c5374203aa1
cache-control: no-cache
server-processing-duration-in-ticks: 3392
content-type: text/html; charset=utf-8
content-length: 222
expires: Wed, 12 May 2021 00:00:00 GMT

GET
H/1.1

200

2.gif
id5-sync.com/cq/464/124/6/ Frame 54E7
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOFyYm-hwrjE9x7p68iKQJwPgV3LBYJYnhnTupow&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOFyYm-hwrjE9x7p68iKQJwPgV3LBYJYnhnTupow&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=db430bc6-c940-41b2-8234-61b7681d8269&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

43 B
1 KB

25ms
24ms

Image
image/gif

51.89.20.87
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/cq/464/124/6/2.gif?puid=db430bc6-c940-41b2-8234-61b7681d8269&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.20.87 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 07:11:40 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/cq/464/124/6/2.gif?puid=db430bc6-c940-41b2-8234-61b7681d8269&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
date: Wed, 12 May 2021 07:11:40 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 54E7
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=_6OIoZRPD0SKa_Oarn-bYA

0
218 B

18ms
18ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=_6OIoZRPD0SKa_Oarn-bYA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Wed, 12 May 2021 07:11:42 GMT
server: nginx
x-fastly-to-nlb-rtt: 9835

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=_6OIoZRPD0SKa_Oarn-bYA
date: Wed, 12 May 2021 07:11:42 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 54E7 35 B
380 B 378ms
95ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Wed, 12 May 2021 07:11:03 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 54E7
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dtaboola%26bsw_param%3D6bec7f16-db92-43cd-8f7e-74e30d7cdbb...
https://x.bidswitch.net/sync?dsp_id=80&user_id=acd2609b-7faa-4f00-acbd-c67dbc69579d&expires=30&ssp=taboola&bsw_param=6bec7f16-db92-43cd-8f7e-74e30d7cdbbd&gdpr=0&gdpr_consent=
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6bec7f16-db92-43cd-8f7e-74e30d7cdbbd

0
227 B

21ms
18ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6bec7f16-db92-43cd-8f7e-74e30d7cdbbd
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Wed, 12 May 2021 07:11:39 GMT
server: nginx
x-fastly-to-nlb-rtt: 6998

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6bec7f16-db92-43cd-8f7e-74e30d7cdbbd
date: Wed, 12 May 2021 07:11:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 cds.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 22ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qAC_83v.ruQxT.EBjAF212Y3Xw1cEshk
content-encoding: gzip
etag: "fe3141b1cffc47b284c82d96b098b304"
age: 1635
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1181
x-amz-id-2: 7BQRL9iY7L8Tf3O0nB1ktVMpv9AnvetXSGu3BRR2WleFIbXVOXrz/PPn8YfxL0+rV1Xv+3FcIj0=
x-served-by: cache-fra19136-FRA
last-modified: Wed, 10 Mar 2021 13:27:13 GMT
server: AmazonS3
x-timer: S1620803499.511733,VS0,VE0
date: Wed, 12 May 2021 07:11:38 GMT
vary: Accept-Encoding
x-amz-request-id: R30ZXS631HAMHHHX
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 22
x-cache-hits: 10143

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame C8DF
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=77209328200338166100765293161322666226&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
991 B

40ms
39ms

Image
image/gif

52.214.120.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.120.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-120-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v006-056d01fc5.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 303,104
X-TID: YsbccbynQqc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Wed, 12 May 2021 07:11:39 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 969 B
738 B 36ms
34ms Stylesheet
text/css 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/style.css

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: "617866c501ae2baecee3c33975ca8125d4935302e86a88dedf91278f1aec543e"
last-modified: Mon, 26 Apr 2021 02:57:18 GMT
x-timer: S1619405863.141924,VS0,VE201
x-i: true
x-served-by: cache-ams21053-AMS
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=1686
date: Wed, 12 May 2021 07:11:38 GMT
x-cache-hits: 0
accept-ranges: bytes
content-length: 406
expires: Wed, 12 May 2021 07:39:44 GMT

GET
H2 200 main.js Show response
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 3 KB
2 KB 36ms
35ms Script
text/javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/main.js

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: "799b8c406ecbbc260dc9ac71c011202326bd9a557b155ba1707af12579eded3c"
last-modified: Mon, 26 Apr 2021 02:57:18 GMT
x-timer: S1619405934.048430,VS0,VE1
x-i: true
x-served-by: cache-ams21030-AMS
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1674
date: Wed, 12 May 2021 07:11:38 GMT
x-cache-hits: 1
accept-ranges: bytes
content-length: 1276
expires: Wed, 12 May 2021 07:39:32 GMT

GET
H2 200 / Show response
t1.taboola.com/ 2 B
181 B 3429ms
127ms XHR
text/html 141.226.124.218
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.218 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a73fcf339640929207281fb8e038884806e2eb0840f2245694dbba1d5cc89e65

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:41 GMT
last-modified: Sun, 24 Jan 2021 15:03:23 GMT
server: nginx
etag: "600d8c3b-2"
content-type: text/html
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t2.taboola.com/ 2 B
181 B 3378ms
124ms XHR
text/html 141.226.124.223
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t2.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.223 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 20af2e45e35866cd1f34e50fd5eafda74d788071bf14617e65e375692704c7a7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:41 GMT
last-modified: Thu, 21 Jan 2021 15:59:07 GMT
server: nginx
etag: "6009a4cb-2"
content-type: text/html
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t3.taboola.com/ 2 B
181 B 3409ms
123ms XHR
text/html 141.226.124.237
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t3.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.237 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: f86b4d3007fdc5613ee00f8c1609018729705ec43596566fed698b647f3d5a68

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:41 GMT
last-modified: Thu, 21 Jan 2021 15:59:28 GMT
server: nginx
etag: "6009a4e0-2"
content-type: text/html
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t4.taboola.com/ 2 B
181 B 3381ms
123ms XHR
text/html 141.226.124.218
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t4.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.218 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a73fcf339640929207281fb8e038884806e2eb0840f2245694dbba1d5cc89e65

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:41 GMT
last-modified: Sun, 24 Jan 2021 15:03:16 GMT
server: nginx
etag: "600d8c34-2"
content-type: text/html
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t5.taboola.com/ 2 B
181 B 3449ms
125ms XHR
text/html 141.226.124.225
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t5.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.225 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 6f4b6612125fb3a0daecd2799dfd6c9c299424fd920f9b308110a2c1fbd8f443

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:41 GMT
last-modified: Sun, 24 Jan 2021 15:03:16 GMT
server: nginx
etag: "600d8c34-2"
content-type: text/html
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t6.taboola.com/ 2 B
181 B 842ms
113ms XHR
text/html 141.226.124.212
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t6.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.212 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8527a891e224136950ff32ca212b45bc93f69fbb801c3b1ebedac52775f99e61

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:39 GMT
last-modified: Thu, 21 Jan 2021 15:58:49 GMT
server: nginx
etag: "6009a4b9-2"
content-type: text/html
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t7.taboola.com/ 2 B
181 B 3386ms
123ms XHR
text/html 141.226.124.210
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t7.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.210 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 6b51d431df5d7f141cbececcf79edf3dd861c3b4069f0b11661a3eefacbba918

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:41 GMT
last-modified: Sun, 24 Jan 2021 15:03:16 GMT
server: nginx
etag: "600d8c34-2"
content-type: text/html
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t8.taboola.com/ 2 B
181 B 3442ms
124ms XHR
text/html 141.226.124.205
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t8.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.205 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 2215f50cb99824ed2786a5d12df72b5dbc304b85f28cd5b873b645cccc3b7411

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:41 GMT
last-modified: Sun, 24 Jan 2021 15:03:16 GMT
server: nginx
etag: "600d8c34-2"
content-type: text/html
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
pips.taboola.com/ 64 B
245 B 32ms
6ms XHR
text/plain 2a04:4e42:62::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:38 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-hhn11577-HHN
access-control-allow-methods: GET
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame F0BC 0
181 B 1121ms
41ms Document
text/html 34.254.108.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.108.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=d2a7f5c6-c33e-4320-b3e0-6cf02f77c07e; TDCPM=CAESEgoDYWFtEgsIwN_d-ebHyjkQBRgFIAEoAjILCJqauab9x8o5EAU4AQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Wed, 12 May 2021 07:11:39 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame B09E 31 B
662 B 181ms
131ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 12 May 2021 07:11:39 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: fa1f3375c33212f829c2864a58eab1fbab3843f790983ef1f9b858afdb3ffacc
x-transaction: 5ad4abf532b3b3fa
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 7532 0
182 B 1101ms
33ms Document
text/html 34.254.108.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.108.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=d2a7f5c6-c33e-4320-b3e0-6cf02f77c07e; TDCPM=CAESEgoDYWFtEgsIwN_d-ebHyjkQBRgBIAEoAjILCPTEyqn9x8o5EAU4AVoHMDU0ZjMyb2AC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Wed, 12 May 2021 07:11:39 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C8DF
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=77209328200338166100765293161322666226
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=77209328200338166100765293161322666226

0
337 B

104ms
34ms

Image
text/plain

34.246.207.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=77209328200338166100765293161322666226
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.207.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:40 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1620803500
x-served-by: beacon-n014-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=77209328200338166100765293161322666226
date: Wed, 12 May 2021 07:11:39 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a002-ash-prod.krxd.net

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=nYcz1y9999O7NJ%2BQ
dpm.demdex.net/ Frame C8DF
Redirect Chain

https://tags.bluekai.com/site/43981?id=77209328200338166100765293161322666226&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=nYcz1y9999O7NJ%2BQ

42 B
973 B

39ms
39ms

Image
image/gif

52.214.120.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=nYcz1y9999O7NJ%2BQ

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.120.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-120-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v006-072575e92.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +x0q818gSRo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=nYcz1y9999O7NJ%2BQ
Date: Wed, 12 May 2021 07:11:38 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: ad02
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C8DF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUp0LXFRQUFBTGI3ekJOZw==

170 B
188 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUp0LXFRQUFBTGI3ekJOZw==

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620803499.967730,VS0,VE0
x-served-by: cache-hhn4069-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUp0LXFRQUFBTGI3ekJOZw==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C8DF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YJt-qQAAALb7zBNg&expires=90

0
239 B

27ms
26ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YJt-qQAAALb7zBNg&expires=90
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:38 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620803499.967780,VS0,VE0
x-served-by: cache-hhn4069-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YJt-qQAAALb7zBNg&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 91ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=da2f4caf-bb63-9290-726e-41c790a39ca6&tv=%7Bc:cnYCUW,pingTime:-10,time:1160,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1620803498460%7C%7Ca09c8c57aea2f8789bc7d5e0e115cafb%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C7d1900b5eabc0816557075c020d79cba%7C%7C29a45b7ec3733694e2e3fdda755a11fa%7C%7Cd478ca9c205df6b5fc6b65344faaed03%7C%7Ce3ed5176f24832b997b0ef4fc63de331%7C%7Ce5e49db5bb83003b2fce30137c6d7dbf%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:6b618280-764a-0f1e-1641-038be3006132%7D%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:39 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C8DF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJt-qQAAALb7zBNg

43 B
1003 B

89ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJt-qQAAALb7zBNg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 07:11:39 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:39 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620803499.028395,VS0,VE0
x-served-by: cache-hhn4069-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJt-qQAAALb7zBNg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 95ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=3a3d93f8-953e-8477-a013-c61d9b0f7d1a&tv=%7Bc:cnYCWV,pingTime:-10,time:1301,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1620803498460%7C%7Ca09c8c57aea2f8789bc7d5e0e115cafb%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C7d1900b5eabc0816557075c020d79cba%7C%7C29a45b7ec3733694e2e3fdda755a11fa%7C%7Cd478ca9c205df6b5fc6b65344faaed03%7C%7Ce3ed5176f24832b997b0ef4fc63de331%7C%7Ce5e49db5bb83003b2fce30137c6d7dbf%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:6b618280-764a-0f1e-1641-038be3006132%7D%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:39 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C8DF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YJt-qQAAALb7zBNg

43 B
1 KB

33ms
32ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YJt-qQAAALb7zBNg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:39 GMT
X-Proxy-Origin: 185.232.21.100; 185.232.21.100; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid: d68e16a8-a754-4718-8e74-e368da34d47f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:39 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620803499.131989,VS0,VE0
x-served-by: cache-hhn4069-HHN
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YJt-qQAAALb7zBNg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 93ms
92ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=1484569c-6983-091a-c2c7-18f7f71c864c&tv=%7Bc:cnYCY2,pingTime:-10,time:1310,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1620803498460%7C%7Ca09c8c57aea2f8789bc7d5e0e115cafb%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C7d1900b5eabc0816557075c020d79cba%7C%7C29a45b7ec3733694e2e3fdda755a11fa%7C%7Cd478ca9c205df6b5fc6b65344faaed03%7C%7Ce3ed5176f24832b997b0ef4fc63de331%7C%7Ce5e49db5bb83003b2fce30137c6d7dbf%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:6b618280-764a-0f1e-1641-038be3006132%7D%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:39 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C8DF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YJt-qQAAALb7zBNg

43 B
106 B

26ms
24ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YJt-qQAAALb7zBNg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:39 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:39 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620803499.236532,VS0,VE0
x-served-by: cache-hhn4069-HHN
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YJt-qQAAALb7zBNg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 91ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=b3e60c8d-244f-8968-3864-018d9b24b41b&tv=%7Bc:cnYD0i,time:1522,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1522,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:309,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1222~0%5D,as:%5B1222~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:236,fm:sxb8iE4+11%7C12%7C13*.10507%7C131%7C14.10507%7C141%7C15.10507%7C151%7C161%7C162%7C17.10507%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:13*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:39 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame C8DF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJt-qQAAALb7zBNg

1 B
809 B

100ms
24ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJt-qQAAALb7zBNg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 07:11:39 GMT
X-lat: lhrpug011:0:541
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:39 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620803499.348947,VS0,VE0
x-served-by: cache-hhn4069-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJt-qQAAALb7zBNg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 97ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=3a3d93f8-953e-8477-a013-c61d9b0f7d1a&tv=%7Bc:cnYD0y,time:1526,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1526,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:316,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1222~0%5D,as:%5B1221~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:255,fm:sxb8iE4+11%7C12%7C13.10507%7C131%7C132%7C14*.10507%7C141%7C15.10507%7C151%7C161%7C162%7C17.10507%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:14*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:39 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame C8DF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YJt-qQAAALb7zBNg&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YJt-qQAAALb7zBNg&img=1&__user_check__=1&sync_id=4bed1ca8-b2f1-11eb-96f9-1bbe6fc50406

43 B
549 B

28ms
28ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YJt-qQAAALb7zBNg&img=1&__user_check__=1&sync_id=4bed1ca8-b2f1-11eb-96f9-1bbe6fc50406
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 07:11:39 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 100
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 12 May 2021 07:11:39 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YJt-qQAAALb7zBNg&img=1&__user_check__=1&sync_id=4bed1ca8-b2f1-11eb-96f9-1bbe6fc50406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 71
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 93ms
92ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=b3e60c8d-244f-8968-3864-018d9b24b41b&tv=%7Bc:cnYD2v,pingTime:-10,time:1659,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1620803498460%7C%7Ca09c8c57aea2f8789bc7d5e0e115cafb%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C7d1900b5eabc0816557075c020d79cba%7C%7C29a45b7ec3733694e2e3fdda755a11fa%7C%7Cd478ca9c205df6b5fc6b65344faaed03%7C%7Ce3ed5176f24832b997b0ef4fc63de331%7C%7Ce5e49db5bb83003b2fce30137c6d7dbf%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:6b618280-764a-0f1e-1641-038be3006132%7D%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:39 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2

200

b.php
www.facebook.com/fr/ Frame C8DF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YJt-qQAAALb7zBNg&t=2592000&o=0

43 B
498 B

37ms
37ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YJt-qQAAALb7zBNg&t=2592000&o=0

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
x-fb-debug: RyWhfONG56QsmhpDEq4lzSEFmlsrNDOJfjcafEOpJ5L6vyq6e3rZBi4CS28kI/dt9ARnrKc/dHBEnUAEX7UFvQ==
content-encoding: br
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 12 May 2021 00:11:39 PDT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
expires: Wed, 12 May 2021 00:11:39 PDT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:39 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620803500.550386,VS0,VE0
x-served-by: cache-hhn4069-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YJt-qQAAALb7zBNg&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=147592
dpm.demdex.net/ Frame C8DF
Redirect Chain

https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=96e73fb6-93b1-4bb5-9a00-02e5c6808771-tuct795052a

42 B
973 B

38ms
37ms

Image
image/gif

52.214.120.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=147592?dpuuid=96e73fb6-93b1-4bb5-9a00-02e5c6808771-tuct795052a

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.120.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-120-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v006-0843aeb0a.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MObke6FdTbQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms: 58
date: Wed, 12 May 2021 07:11:39 GMT
via: 1.1 varnish
server: nginx
x-timer: S1620803500.669823,VS0,VE58
x-cache: MISS
location: https://dpm.demdex.net/ibs:dpid=147592?dpuuid=96e73fb6-93b1-4bb5-9a00-02e5c6808771-tuct795052a
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19136-FRA

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame C8DF
Redirect Chain

https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1620803500802
https://sync.targeting.unrulymedia.com/csync/RX-e376c224-6f1f-4dd4-9139-8564124e4754-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-e376c224-6f1f-4dd4-9139-8564124e4754-003
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-e376c224-6f1f-4dd4-9139-8564124e4754-003
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-e376c224-6f1f-4dd4-9139-8564124e4754-003

42 B
973 B

39ms
39ms

Image
image/gif

52.214.120.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-e376c224-6f1f-4dd4-9139-8564124e4754-003

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.120.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-120-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v006-05f42a986.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: irQH3U8jSmY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v006-087d9057b.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nIzYb+CySmU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-e376c224-6f1f-4dd4-9139-8564124e4754-003
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 28ms
28ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b9c0f93732d4933b8525720969eccd3212ebe2d8c9b3239484857d30c3b9ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 07:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7679
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061038

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 12 May 2021 07:11:39 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 14DF 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 11 May 2021 21:18:12 GMT
expires: Wed, 11 May 2022 21:18:12 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 35608
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js Show response
pagead2.googlesyndication.com/bg/ Frame 14DF 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 05:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 4850
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Thu, 12 May 2022 05:50:50 GMT

GET
H2 200 fd2e5afc06a6b6384c3e193656c78e92
content.api.news/v3/images/bin/ 12 KB
12 KB 91ms
90ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/fd2e5afc06a6b6384c3e193656c78e92?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: afa6f8dec7a3ce6389fcd27714f0490212f1ecc68c8a92128fa71e0de15cfb65

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: fd2e5afc06a6b6384c3e193656c78e92
date: Wed, 12 May 2021 07:11:40 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 65f75e01eafb12b283e324a55cfd4299-fd2e5afc06a6b6384c3e193656c78e92-320
x-serial: 1935
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5178867
last-modified: Wed, 12 May 2021 05:46:21 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 12176
expires: Sun, 11 Jul 2021 05:46:07 GMT

GET
H2 200 8ceb18cab3ab5a4c85e14b898f0b2fbb
content.api.news/v3/images/bin/ 9 KB
9 KB 1585ms
1584ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/8ceb18cab3ab5a4c85e14b898f0b2fbb?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 845778fe52a0990567399ba016aa34727e5d3a8e19490a6bedb0160429c09bf5

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 8ceb18cab3ab5a4c85e14b898f0b2fbb
date: Wed, 12 May 2021 07:11:41 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: e8ab8eeed4c1856b5465aaf0c0710206-8ceb18cab3ab5a4c85e14b898f0b2fbb-320
x-serial: 718
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5173486
last-modified: Wed, 12 May 2021 04:17:07 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 8734
expires: Sun, 11 Jul 2021 04:16:27 GMT

GET
H2 200 aa4845e5e60bc597b3820b8838604051
content.api.news/v3/images/bin/ 10 KB
10 KB 92ms
92ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/aa4845e5e60bc597b3820b8838604051?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 87241cab218e0eaa67805288316124ad9ea9eec25d73982bcc07177f67785cd6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: aa4845e5e60bc597b3820b8838604051
date: Wed, 12 May 2021 07:11:40 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: fddf317eb53440091d99a9061354cefe-aa4845e5e60bc597b3820b8838604051-320
x-serial: 841
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5173704
last-modified: Wed, 12 May 2021 04:19:45 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 10211
expires: Sun, 11 Jul 2021 04:20:04 GMT

GET
H2 200 510356ded085f54815dfc229e53be564
content.api.news/v3/images/bin/ 16 KB
16 KB 1471ms
1470ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/510356ded085f54815dfc229e53be564?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 613b8674030a109f73d3372f17c18c211ad38614fd273a4d2e198eb75272a056

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

edge-cache-tag: 510356ded085f54815dfc229e53be564
date: Wed, 12 May 2021 07:11:41 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: e0428b48c48e6d506cac0f4bf0edc088-510356ded085f54815dfc229e53be564-320
x-serial: 1897
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5157861
last-modified: Tue, 11 May 2021 23:56:36 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 16002
expires: Sat, 10 Jul 2021 23:56:02 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 43ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051001&jk=2666602544625747&bg=!EhGlEVXNAAY59bwoOfU7ACkAdvg8WsL5T63CQ3W4TyloLjr2JnBS6QgyP71uz6OBJq_0uzSqyJ44cgIAAAB5UgAAABBoAQeZAkbuA5sdXQ1KPqnhLDPRYNV98IYa1vvBSzKB-LIe-g4lDzNYLGCYdUbL8EfApXPei0_KC_xNlct3VX9d1hJeMVPyl3G0ymSqL_95Wwka0ZP3GwF1ydaO5WnPimNiW3FCpxdSweplsF2mw-DQPbghAVaK9gz4cKinuRJgQri-cb4MRyl6rVc6Hwf93vPz8E8H2mCH7bAW-EoKmh5tDNt4-NCjR3bRphRXgcjHrEX-di4zi9rmCfq5a8NVYbHiGTZ5bsG-OisfLLAdWDETblL4bAV8vA6oOwTxiPAcB3BJdgjuVBPrqnyckO75OAo-lPAgxdA-pVzjqtW8vr2LjP8fj1aBdG-pKzCou9975hY3vlWo_O1qzi-BQmvDfHR6O_L5C8ZBs3maj9iUSuwgDPOxQO3IcizbBGuF4IA4uClybCTKhrKo2VnD8tdKb7Lz6YWSg85T8jy-3fdE4UjaJNz9WE1qge34okHhhbbYxh6uIelI3sXtE8uf8gS6DZ2nwJZ1sZx7JI3YAR6QqonhzF_4hBRR9BibHXmxNY-06CBsyEENNrCu-m4lamhJ5zRBUUUjlTRXSfbC4BsAldz6ALxV-gLur8Y-v10uVuQZXnW7OsRuD5Ax3V0fEbXxF1G9UDADGNzAgUHo6H0w4UFaCM_rYwLFcCW6Wo7r5x72hNxycW2F6fhkqrBa_uiGXptrnkl2-GqGAKvQjFGUdXsj-VOHhK3hN18qj1O3Lup5GtjF7uOUPeLe970PJg55IU_vlIK7YnGVuz_vcS4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
529 B 36ms
35ms Image
image/gif 54.73.48.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=xdyi6ybxuapcdzzigbvboajpbuuwp1620803497&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16208034979079488&c30=bldv,6.0.0.594&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1620803497211&c3=st,c&c64=starttm,1620803499&adid=1620803497211&c58=isLive,false&c59=sesid,&c61=createtm,1620803499&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&c62=sendTime,1620803499&rnd=277504
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.48.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:40 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 274ms
92ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528&dnid=1a1f2d1a2114120d&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 12 May 2021 07:11:42 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 92ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=b3e60c8d-244f-8968-3864-018d9b24b41b&tv=%7Bc:cnYE2M,time:5520,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5520,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:309,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5220~0%5D,as:%5B5220~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:477,fm:sxb8iE4+11%7C12%7C13*.10507%7C131%7C14.10507%7C141%7C15.10507%7C151%7C161%7C162%7C17.10507%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:13*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:43 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 91ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=3a3d93f8-953e-8477-a013-c61d9b0f7d1a&tv=%7Bc:cnYE2R,time:5513,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5513,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:316,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5209~0%5D,as:%5B5208~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:529,fm:sxb8iE4+11%7C12%7C13.10507%7C131%7C132%7C14*.10507%7C141%7C15.10507%7C151%7C161%7C162%7C17.10507%7C171%7C172%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l,idMap:14*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 07:11:43 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 101ms
100ms Image
image/gif 35.173.41.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CAbPehmkNwoulF-L&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=11223&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=4025&t=LJlzIdhYZYDl8nHWxbqq_Tp-ZK&V=126&tz=-120&_acct=anon&sn=2&sv=ClmK5oBwt8_2B9rZcRCsNLl0CjbmNH&sd=1&im=06030402&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.41.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-41-90.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 07:11:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/11/28fb22b

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/staticweb/fbc6eb3f718ti1818f0a460e313428da5

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/11/28fb22b

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/staticweb/fbc6eb3f718ti1818f0a460e313428da5

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/11/28fb22b

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/staticweb/fbc6eb3f718ti1818f0a460e313428da5

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/11/28fb22b

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/staticweb/fbc6eb3f718ti1818f0a460e313428da5

Verdicts & Comments Add Verdict or Comment

283 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 22:32:35	Name: dextp Value: 358-1-1620803497394\|470-1-1620803497587\|481-1-1620803497733\|771-1-1620803497881\|903-1-1620803498045\|19566-1-1620803498200\|23728-1-1620803498306\|30432-1-1620803498407\|30064-1-1620803498514\|66757-1-1620803498615\|134096-1-1620803498715\|144230-1-1620803498816\|144231-1-1620803498917\|144232-1-1620803499020\|144233-1-1620803499124\|144234-1-1620803499228\|144235-1-1620803499339\|144236-1-1620803499442\|144237-1-1620803499543\|147592-1-1620803499654\|461447-1-1620803499757
.demdex.net/	1970-01-19 22:32:35	Name: demdex Value: 77209328200338166100765293161322666226
.adsrvr.org/	1970-01-20 02:58:59	Name: TDCPM Value: CAESEgoDYWFtEgsIwN_d-ebHyjkQBRgBIAEoAjILCPTEyqn9x8o5EAU4AVoHMDU0ZjMyb2AC
.heraldsun.com.au/	1969-12-31 23:59:59	Name: tp Value: 11223
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: https%253A%2F%2Fwww.heraldsun.com.au%2F%2C11%2C11%2C1200
www.heraldsun.com.au/	1970-01-19 19:40:59	Name: vidoraUserId Value: j0215kjrr646p7rmu4rob53re0nims
www.heraldsun.com.au/	1970-01-23 09:49:23	Name: _ncg_marketingCloudVisitorId Value: 77233371614180867120762888821079476712
www.heraldsun.com.au/	1970-01-19 18:23:28	Name: AWSALBCORS Value: +8m7wUNEeEOLaAcX0ndtLaAAeK/AD12A2qHaPu5V89/ZGS/kjkfHYgvuR9Hoytn1EoeDvPBFC7pzyZkSemK31obHHuV2NdXo6cWfeNxE5/rQXLwWQ2I3WLW0k2AP
www.heraldsun.com.au/	1970-01-19 18:23:28	Name: AWSALB Value: +8m7wUNEeEOLaAcX0ndtLaAAeK/AD12A2qHaPu5V89/ZGS/kjkfHYgvuR9Hoytn1EoeDvPBFC7pzyZkSemK31obHHuV2NdXo6cWfeNxE5/rQXLwWQ2I3WLW0k2AP
.heraldsun.com.au/	1970-01-19 18:13:25	Name: _ncg_sp_ses.ff50 Value: *
.heraldsun.com.au/	1970-01-19 18:13:25	Name: s_gdslv_s Value: First%20Visit
.heraldsun.com.au/	1970-01-20 02:58:59	Name: utag_main Value: v_id:01795f6aaa6900587825914d828800072001d06a00b08$_sn:1$_se:1$_ss:1$_st:1620805296554$ses_id:1620803496554%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/	1970-01-20 20:30:11	Name: s_gdslv Value: 1620803497337
.heraldsun.com.au/	1970-01-19 18:56:35	Name: s_nr Value: 1620803497337-New
.doubleclick.net/	1970-01-20 03:34:59	Name: IDE Value: AHWqTUm-YZJO1J-vQrbu-HtXNmaC-5h2qCKuhcZbm68rSnButKmfB2vcro0-s1GLS80
.imrworldwide.com/	1970-01-20 03:34:59	Name: IMRID Value: 4b047d60-b2f1-11eb-9e8b-1ffe0067ff9f
www.heraldsun.com.au/	1970-01-19 18:13:25	Name: _cb_svref Value: null
.heraldsun.com.au/	1970-01-20 11:44:35	Name: s_ecid Value: MCMID%7C77233371614180867120762888821079476712
.heraldsun.com.au/	1969-12-31 23:59:59	Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg Value: 1
.imrworldwide.com/	1970-01-20 03:34:59	Name: SSCVER Value: v1
.heraldsun.com.au/	1970-01-20 11:44:35	Name: _ncg_sp_id.ff50 Value: 1efca002-38f2-4752-9f61-694fc6cf20fa.1620803497.1.1620803497.1620803497.1e5e7cdb-0631-4bc6-bc8f-ea8ebfc0e43d
www.heraldsun.com.au/	1970-01-20 02:58:59	Name: trc_cookie_storage Value: newscorpau-aud-heraldsun%253Asession-data%3Dv2_82dc2a61b522fe42f9d7eb11b55f0a91_bee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528_1620803496_1620803496_CIi3jgYQgPNHGN3SqvuVLyABKAEwFjjqxgdA4IYQSP7m2QNQ____________AVgAYABosa_ptcr9986tAQ%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522newscorpau-aud-heraldsun%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3Dbee2bc59-7cee-4e0d-b107-5aa5de5f0f1c-tuct7950528
.heraldsun.com.au/	1970-01-20 02:58:59	Name: nc_eu Value: y
www.heraldsun.com.au/	1970-01-20 03:42:11	Name: _chartbeat2 Value: .1620803496733.1620803496733.1.ClmK5oBwt8_2B9rZcRCsNLl0CjbmNH.1
www.heraldsun.com.au/	1970-01-20 03:42:11	Name: _cb Value: CAbPehmkNwoulF-L
www.heraldsun.com.au/	1970-01-19 18:58:01	Name: ad_site_view_t Value: 2021-5-12
www.heraldsun.com.au/	1970-01-19 18:13:25	Name: _tb_t_ppg Value: https%3A//www.heraldsun.com.au/
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_cc Value: true
.heraldsun.com.au/	1970-01-19 18:13:25	Name: s_ppn Value: no%20value
www.heraldsun.com.au/	1970-01-19 18:13:25	Name: _tb_sess_r Value:
www.heraldsun.com.au/	1970-01-20 03:42:11	Name: _cb_ls Value: 1
.heraldsun.com.au/	1970-01-20 20:30:11	Name: nk Value: cadeda36c756ad14e35322721241c57b
.heraldsun.com.au/	1969-12-31 23:59:59	Name: n_regis Value: 123456789
.adsrvr.org/	1970-01-20 02:58:59	Name: TDID Value: d2a7f5c6-c33e-4320-b3e0-6cf02f77c07e
www.heraldsun.com.au/	1970-01-19 18:58:01	Name: ad_site_view Value: 1
.heraldsun.com.au/	1970-01-20 11:44:35	Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: -637568504%7CMCIDTS%7C18760%7CMCMID%7C77233371614180867120762888821079476712%7CMCAAMLH-1621408297%7C6%7CMCAAMB-1621408297%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C-547111192%7CMCOPTOUT-1620810697s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18767%7CvVersion%7C5.1.1
www.heraldsun.com.au/	1970-01-19 18:13:25	Name: lux_uid Value: 162080349614505323

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbnails-midrail-native
console-api	log	URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 18) Message: UTRACK loaded (from tealium)
console-api	log	URL: https://tags.news.com.au/prod/tad/tad.js(Line 6) Message: AD CORE ERROR: TypeError: Cannot read property 'disc.segments' of null
console-api	log	URL: https://tags.news.com.au/prod/tad/tad.js(Line 6) Message: AD CORE ERROR: 18 function(e,a){var d=e.localStorage;d["disc.segments"]&&(a.ad_audi_segs=d["disc.segments"].split(",")\|\|[])}
console-api	log	URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3) Message: vidora-client 1.3.4 4a354580d3cf929b5a8a7d86ed03be7f4218d021
console-api	log	URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js(Line 1) Message: %c Vidora API finished initializing! background: #222; color: #b9da52
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.001953125 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
adservice.google.be
adservice.google.com
analytics.twitter.com
assets.vidora.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
b7cb491d6e56c9ea1a104c2aa3acc6b1.safeframe.googlesyndication.com
beacon.krxd.net
bh.contextweb.com
bs.serving-sys.com
bttrack.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
d.turn.com
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
e1.emxdgt.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image5.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
login.newscorpaustralia.com
match.adsrvr.org
match.taboola.com
metrics.heraldsun.com.au
mhr.talk.news.com.au
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
newscorpau.demdex.net
origin.go.heraldsun.com.au
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
resourcesssl.newscdn.com.au
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
s1.rui.au.reastatic.net
s3-ap-southeast-2.amazonaws.com
sb.scorecardresearch.com
script.crazyegg.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.co
t1.taboola.com
t2.taboola.com
t3.taboola.com
t4.taboola.com
t5.taboola.com
t6.taboola.com
t7.taboola.com
t8.taboola.com
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ts2020-indies-client.web.app
u.openx.net
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
widget.perfectmarket.com
www.facebook.com
www.google.be
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.linkedin.com
x.bidswitch.net
xdyi6ybxuapcdzzigbvboajpbuuwp1620803497.nuid.imrworldwide.com
login.newscorpaustralia.com
104.109.77.38
104.111.230.77
104.111.247.190
104.244.36.20
104.244.42.3
104.244.42.5
104.75.88.206
108.174.10.14
13.224.95.70
13.224.95.82
13.226.89.119
141.226.124.205
141.226.124.210
141.226.124.212
141.226.124.218
141.226.124.223
141.226.124.225
141.226.124.237
141.226.224.32
141.226.228.48
142.250.181.226
142.250.184.194
142.250.185.102
142.250.186.162
15.237.76.117
151.101.1.195
151.101.113.108
151.101.114.49
151.101.12.157
151.101.13.181
151.101.13.44
151.101.14.217
172.105.221.29
172.217.23.102
174.137.133.49
178.250.0.163
18.156.12.32
18.184.216.10
18.195.155.181
185.29.132.144
185.33.220.244
185.64.189.110
185.64.190.80
185.86.138.142
185.94.180.126
192.132.33.46
198.148.27.139
199.127.207.190
2.18.233.169
2.18.233.180
2.18.233.28
2.18.234.21
2001:678:cb4:bbbb::13
213.19.147.44
213.19.147.45
23.111.9.35
23.45.99.241
2600:9000:2057:7400:1e:c291:240:93a1
2600:9000:211e:4200:1d:667e:2a40:93a1
2600:9000:211e:4400:4:77d:a0c0:93a1
2600:9000:2127:4800:18:1fcd:34e:d2a1
2600:9000:2190:b000:1e:a43d:b640:93a1
2600:9000:2190:d400:2:42d9:3100:93a1
2606:4700::6813:9408
2620:119:50e6:101::6cae:b05
2620:1ec:21::14
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2001
2a00:1450:4001:813::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a02:26f0:6c00:2b0::25ea
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:62::300
2a04:fa87:fffd::c000:42d0
34.246.207.243
34.252.255.244
34.253.145.149
34.254.108.170
34.98.64.218
35.157.13.124
35.172.143.213
35.173.41.90
35.227.202.26
51.89.20.87
52.214.120.236
52.51.173.153
52.58.206.142
52.95.129.39
52.95.132.238
54.73.48.96
54.76.195.29
65.9.97.117
69.173.144.139
69.173.144.165
72.251.249.13
76.223.111.131
82.199.68.73
025a5d71ab0df0454be8a58f5f2e8af19545da2d24fac6fc318f6ab6db26ad40
03cce1892cbfca0c35fe3b1f64307db1269f452bc8eb983a654d68166bfb57c0
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf331af93dd676680e91868aff8d7a710935725117c7dad225f1c0849ed9de6
0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31
10fe77bc0b1fdb744ee733cf86d6250c647a0578357eff24c58354cba6475084
1361168ace2c477919dc5f047b5b092b922dae7d53c6de3e222192a68554f059
1647e28020eaa5351a43d1583a9714bfeedddd6390c1bf4ab3b50f763ac81be5
16b4a4ca69ec6dfb7b8026e86ffc3012f6ae6fa4fe4b788dd3e30f710cf85824
18e7327d41d6ea58a4134c84551eee4573018d6b23814db33fcc5ba9aefcca11
19353d2b4d79956569a1ac629398c8f6ec8275a06279d37b926738e500e39edb
1cc6c7bca002c0669955b203a629edf60067e4884a0aee73b74c5a2466cb7506
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1d7a0d33c9d6f9632f3d1602dd71f19c1cf41812a84df94948fbfdfac6733cc0
1e582affc78aced83a75e63769cc88004accab09cd2d7cbca2abe75b10629dd1
203e6a61b58046221bbf6ade2ba5b3f050244ab0f76e87326bbcc1e9cde86862
20a2413b2bfbf52ba4a59325d71c78518725b704650f13fb54391ec9721ab302
20af2e45e35866cd1f34e50fd5eafda74d788071bf14617e65e375692704c7a7
20c8fbf2079f97df7a525f83bf8e0ce70a2fe15d5eff77cbfc77d0c118cc9eee
2215f50cb99824ed2786a5d12df72b5dbc304b85f28cd5b873b645cccc3b7411
27ecd3aace31ee40182aec0f073901d1dc9c739f5493fea3e8c67e029f0d92fb
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2cca2a2358b941a80ef2902f96031b3772c7632f36b8068d493c422ed6373b8f
2d73e6fc5c61e17b7539da439f8a6903ffd613270b379c9a54a96124ce1b99c4
2f939ce3a2e22065419e854180a0ecfca93facb96aab5bc93ae315b8046455a3
30b1fe94e9d7aa344eb1ae6d9ffe65577065da354de4026427d170eaed63d462
362b504c9576a6183fb4e247d952af0559f0866381ed108db2bd2256a0391252
37060f4252bad65de29fefc25769e0c60e5e3d28c396cf099ead3363410a94f5
386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
3b27f022aa501b26e80948155fc3c5ff4967af37488a92ee8975d8cd0cfe9072
4379b5695f319d7ad15e6c86346e9117f0b4f4a8d4bcbab18aa840fd9e6d900a
456c9968631595fb205de9b07a9df842f910bacb7ce2017acf52a28a292c8145
4578c19c9c34c57fbb97b3547a613cc2435655f96bf40f4e1146f317ef1af1dc
4754c1f1fb712883286295c92774dddebef215996cfdfab9fd972d265473f025
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e81f02c9a78bae8b3940218b2087759c48baf93e05933672a5535ccb5d032db
4e9b1e9b290756c5ebc9849983de1f7d7db1685f76386ada579863f26897ec5f
4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
59587e68ed187fdfda4f5f89b3e97a64690a13463dfefc1141eaea03bebdc1eb
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34
5b2f2fcf0ac38b6a43bbe5b2178b91430f634a859a28d634699eab95d80b93d8
5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe
5b73abfc521affc9876fa9b927b78bd50e2df1c1ce087a19e9e8e5234e661196
5d630b02705945f83750220e2544986af8ae2699aa1a60cc543dc14f0214888d
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e828421e3580ceb86fd1d4181550cecc2e82c9cbc203db8e4dbdd92fff0d387
5eb441ddf15717dfd930b2fcf3fb431cb9cda5a2ecf2feb875902f96e8758947
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5fdc9cb116e3a6cb2363710075fbff64f49b72356d6130f60e39070501c571a7
613b8674030a109f73d3372f17c18c211ad38614fd273a4d2e198eb75272a056
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18
63df23aa8bd4d44c5696ef1e1efd1db5ea25d377f224ac63d76a4962d30ebff3
64fec8b95316fb6347be8cf9f9e41fa800511b22fcbb1a8a0f5400f7e99e19e5
6581cc3761e513e0d4a1f7521497d72320954438f1e4fe23fbe21ebf50ef4aa4
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69994216d17a01b471e361346070a4857702ca459488f77ad13117e6bfdaa402
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b51d431df5d7f141cbececcf79edf3dd861c3b4069f0b11661a3eefacbba918
6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e
6d90199995b493e006d03ef62d624e59120a272ed586ff1496bd7a5c38ccb3fe
6f4b6612125fb3a0daecd2799dfd6c9c299424fd920f9b308110a2c1fbd8f443
6f4d16601160de9199cd798c53ec850bc9a4f1861749f9951a75757393be3ab8
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
70388ac2332eff6268b2ac7fd191a8adbff652aa469728de9baa38e4fa279d58
70840f3c5c4517f5d6f11736d0cf28114848de8297c64b489fe193c33e7eb3b8
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
7ac6aea4c5148c81355de9ff2078352dd22b8db8578ee768cada8ee3f0402cd0
7afa0fda5f57c3fa3de612a0bb7416fc09d40193c83e46811a8991b99a5545f2
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7fd1737f4343dbfc7a9b915eaf41e30b6f114d254d7043d13b4faa370a36589c
81e0d45f0dcb9d0ec79698b55a4bfd792677100c1b5f7b30aa37164e0d0412aa
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
845778fe52a0990567399ba016aa34727e5d3a8e19490a6bedb0160429c09bf5
8527a891e224136950ff32ca212b45bc93f69fbb801c3b1ebedac52775f99e61
87241cab218e0eaa67805288316124ad9ea9eec25d73982bcc07177f67785cd6
88d8195bc544f718e4dd7714178dcdf22fade25c9b9ab39931da25ca68be9835
89868194e8809928df37974211d2477ad0723d6aee71386fb438b3e939eb5bce
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8add9975d90befa00fd949bddf38c8fbde9e000837058684bd26366e71b3ddfb
8fd2af202707c96310e0292a8de3921a98a09a86f1f85c1a935428de5eae2011
916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc
919a09d45286a3828a624e7dae7c7ee6b964ba70339274d8e333c5aaaf9c9ec9
9226d4356a634847c237e53ada616a91563fb53b8d91898fb01ee7c71783d1d0
927ef2ee82c092d3937ec63ad2934f347986c0a8f7b06e051032ee7ffcee24f2
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947
9a2c0fa57655ccdccf8f7279e06d01c8bd1a2629c867273a353cf1716be25c2f
9c96c025f6aa0b8edff6538d533ddd012d17e860c8fa47140314e81886ce22e0
9d886c09639abe65197c39a41a7466b384546740d3c0399e5639eaf07b8662fc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a32b0e5a439d26202a415cc099b0b08d0e0da9c5b6aa4ff3b4df382fcf0daf78
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73fcf339640929207281fb8e038884806e2eb0840f2245694dbba1d5cc89e65
a775a321926dd172d2420992ca2f6998e6651abd8a621ac48295328ae0781bf3
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
aeff34d9a1c253a230b7436d1f8798f9d4d096c0dd88ac2983997dce9ef88508
afa6f8dec7a3ce6389fcd27714f0490212f1ecc68c8a92128fa71e0de15cfb65
b0bb476ab6ddfe80bd87b6d009225c4f48d7219eb1a98d7ec8bce715166da8ab
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a
b45566ffc79a66f6161ab9531c93acf8de3c7f658b105804d2cd65660c680438
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783
bc85203de09a4e1807b97412a6bf9ee54e99adce107a4e84836f81a549c9ff76
bea52b91b6dbf31fcf8408d0044f09af2e60861ef77139eb9b8449aa0054dc27
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c22af5507e2e33b84ad021ed87d66c818b155a0773a6b3c227308aedce57a8e4
c3eb14d4f7c6874388ced16b4c1b37e0293302271784d79fc89a43e8c14591f4
c4b9c0f93732d4933b8525720969eccd3212ebe2d8c9b3239484857d30c3b9ce
c4cb581c31ea68d21fc17e28e4709478223167a86cc72077c69c752dd739e501
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
c90eae5c92821e1331128c9346a7665710813be0bad539e27f94720fcadd970e
cde5b55cdee3cfdda04c7d7ccd70375ec40bfa0a72e68e4cb6bac23b0fb280e0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
d89cae39e3494214df2bb6ad32c4a9d8db99fbb2bd8b3b47a6668e0298a52b7d
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
da4c81ef1f258a59c89e07f6599b86b9716185e7d670448c7ecaa9efe733a439
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59cc7b10ad8ed8d3236b6b4290b50b4225fd347be0670332cc6aea9bc38e1aa
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
ee0a7fdd5b315817774fc9f3c302bb1470236e0e177fe8ef8334c2f6f75afc1d
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efcd038fff3becbe148fefb893ed26081fd0d8e7293fcd49d470c13fcd522e02
f12c71c547a1e7c42b63d1cb8c5c22284a86eb44d1e63fe18656311f2804ba0a
f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec
f416e7e6a79c9708cbf1d9fa967c39f37ab69286a79231fb3993ad355b4e1633
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f86b4d3007fdc5613ee00f8c1609018729705ec43596566fed698b647f3d5a68
fb2cb737a3db9426e955b9ae803f952b73786fa129fbed049e59ef40fce288c9
fcbfa0bfa5bc18cbe33f268d50084e411d98744856e0c22ba9ab22996acbd595
fd2670107a9400b251489bda13b8e30d285d989ca5bd3728ca646c86977ece1b

www.heraldsun.com.au Open in urlscan Pro 2.18.233.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

297 Requests

96 %HTTPS

24 %IPv6

66 Domains

116 Subdomains

87 IPs

9 Countries

2855 kBTransfer

7490 kBSize

37 Cookies

56 Outgoing links

Page URL History

Redirected requests

297 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heraldsun.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Screenshot
Live screenshot

Full Image

297
Requests

96 %
HTTPS

24 %
IPv6

66
Domains

116
Subdomains

87
IPs

9
Countries

2855 kB
Transfer

7490 kB
Size

37
Cookies

297 HTTP transactions
0 data transactions