www.heraldsun.com.au Open in urlscan Pro
104.79.88.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html
Effective URL:
https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
Submission: On December 15 via api (December 15th 2020, 8:01:44 pm UTC) from CA

Summary HTTP 271 Redirects Links 55 Behaviour Indicators

Summary

This website contacted 65 IPs in 9 countries across 60 domains to perform 271 HTTP transactions. The main IP is 104.79.88.36, located in United States and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 28th 2020. Valid for: a year.

This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2.16.186.40 2.16.186.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
55 89	104.79.88.36 104.79.88.36	16625 (AKAMAI-AS) (AKAMAI-AS)
13 31	104.75.88.206 104.75.88.206	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
11	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
17	104.75.88.116 104.75.88.116	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:fa87:fff... 2a04:fa87:fffd::c000:42d0	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:210... 2600:9000:2104:4600:1e:c291:240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.95.132.126 52.95.132.126	16509 (AMAZON-02) (AMAZON-02)
1	52.95.134.31 52.95.134.31	16509 (AMAZON-02) (AMAZON-02)
2	151.101.113.181 151.101.113.181	54113 (FASTLY) (FASTLY)
1 3	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
3	92.122.106.155 92.122.106.155	16625 (AKAMAI-AS) (AKAMAI-AS)
5	23.37.61.47 23.37.61.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:f200:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
13	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2 4	2600:9000:21f... 2600:9000:21f3:5e00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:209... 2600:9000:2093:3a00:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.86.7.20 99.86.7.20	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:b800:4:77d:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.84.50.90 52.84.50.90	16509 (AMAZON-02) (AMAZON-02)
2	23.43.114.245 23.43.114.245	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.192.172.94 18.192.172.94	16509 (AMAZON-02) (AMAZON-02)
3 3	3.121.49.210 3.121.49.210	16509 (AMAZON-02) (AMAZON-02)
2 10	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
2 7	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
17	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
2 2	54.216.86.107 54.216.86.107	16509 (AMAZON-02) (AMAZON-02)
1 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	35.161.43.127 35.161.43.127	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.142 185.86.138.142	201081 (SMARTADSE...) (SMARTADSERVER)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 6	51.195.5.40 51.195.5.40	16276 (OVH) (OVH)
2 2	52.57.77.12 52.57.77.12	16509 (AMAZON-02) (AMAZON-02)
2 2	99.80.128.92 99.80.128.92	16509 (AMAZON-02) (AMAZON-02)
2 2	18.196.214.144 18.196.214.144	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	172.105.199.172 172.105.199.172	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	3.121.66.166 3.121.66.166	16509 (AMAZON-02) (AMAZON-02)
2	3.232.164.179 3.232.164.179	14618 (AMAZON-AES) (AMAZON-AES)
1 5	34.249.128.36 34.249.128.36	16509 (AMAZON-02) (AMAZON-02)
1	13.225.80.120 13.225.80.120	16509 (AMAZON-02) (AMAZON-02)
4	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
1	13.226.155.55 13.226.155.55	16509 (AMAZON-02) (AMAZON-02)
1	82.199.68.72 82.199.68.72	15830 (EQUINIX-C...) (EQUINIX-CONNECT-EMEA)
2	15.237.76.117 15.237.76.117	16509 (AMAZON-02) (AMAZON-02)
1 1	99.81.11.244 99.81.11.244	16509 (AMAZON-02) (AMAZON-02)
11	34.250.51.184 34.250.51.184	16509 (AMAZON-02) (AMAZON-02)
2	54.230.55.228 54.230.55.228	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:10c... 2a02:26f0:10c:58e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
2 4	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
5	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
2	34.251.61.210 34.251.61.210	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
10	2600:9000:218... 2600:9000:2182:c400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
19	34.233.208.188 34.233.208.188	14618 (AMAZON-AES) (AMAZON-AES)
1	52.214.20.184 52.214.20.184	16509 (AMAZON-02) (AMAZON-02)
271	65

1 2.16.186.40 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com

www.heraldsun.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

89 104.79.88.36 (United States) 55 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-36.deploy.static.akamaitechnologies.com

www.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 104.75.88.206 (Netherlands) 13 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-206.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resourcesssl.newscdn.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.75.88.116 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-116.deploy.static.akamaitechnologies.com

content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mhr.talk.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffd::c000:42d0 (Ireland)

ASN2635 (AUTOMATTIC, US)

origin.go.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:4600:1e:c291:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

s1.rui.au.reastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.132.126 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

news-networkeditorial.s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.134.31 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com

s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.53.17 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.122.106.155 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-106-155.deploy.static.akamaitechnologies.com

login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.37.61.47 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-61-47.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

ts2020-indies-client.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.38 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f38.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:f200:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:5e00:1e:a43d:b640:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2093:3a00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seccdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.20 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-20.fra6.r.cloudfront.net

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:b800:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.84.50.90 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-50-90.ham50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.43.114.245 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-43-114-245.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.172.94 (United States)

ASN16509 (AMAZON-02, US)

uconnect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.121.49.210 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.14 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.86.107 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.161.43.127 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.195.5.40 (France) 6 redirects

ASN16276 (OVH, FR)
PTR: p17.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.77.12 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.128.92 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-128-92.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.214.144 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.199.172 (Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.121.66.166 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.232.164.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.249.128.36 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-128-36.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.120 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-120.fra2.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.55 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-55.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.199.68.72 (Netherlands)

ASN15830 (EQUINIX-CONNECT-EMEA, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

metrics.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.11.244 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.250.51.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.55.228 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-55-228.ham50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:58e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.22.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f6.1e100.net

8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Mountain View, United States)

ASN15169 (GOOGLE, US)

au-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

55ae6dbe066050f3c3f342566fa11ce0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.61.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-61-210.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2182:c400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 34.233.208.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.20.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-20-184.eu-west-1.compute.amazonaws.com

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
90	heraldsun.com.au 53 redirects www.heraldsun.com.au origin.go.heraldsun.com.au metrics.heraldsun.com.au	3 MB
41	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	469 KB
24	googlesyndication.com pagead2.googlesyndication.com 55ae6dbe066050f3c3f342566fa11ce0.safeframe.googlesyndication.com tpc.googlesyndication.com	75 KB
24	doubleclick.net 3 redirects ad.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net 8228261.fls.doubleclick.net googleads.g.doubleclick.net	143 KB
24	news.com.au 16 redirects www.heraldsun.news.com.au www.news.com.au tags.news.com.au mhr.talk.news.com.au	207 KB
23	taboola.com 2 redirects cdn.taboola.com trc.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com cds.taboola.com trc-events.taboola.com	149 KB
16	api.news content.api.news	189 KB
11	imrworldwide.com 2 redirects secure-gl.imrworldwide.com cdn-gl.imrworldwide.com seccdn-gl.imrworldwide.com secure-dcr.imrworldwide.com	72 KB
11	newscdn.com.au resourcesssl.newscdn.com.au	73 KB
8	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	9 KB
6	googletagservices.com www.googletagservices.com	172 KB
6	google.com adservice.google.com www.google.com	1 KB
6	id5-sync.com 6 redirects id5-sync.com	9 KB
6	adsrvr.org 2 redirects match.adsrvr.org js.adsrvr.org insight.adsrvr.org	6 KB
5	demdex.net 1 redirects dpm.demdex.net newscorpau.demdex.net	6 KB
5	tiqcdn.com tags.tiqcdn.com	23 KB
3	google.de www.google.de	1 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	googleadservices.com www.googleadservices.com	36 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com	2 KB
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	21 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	newscorpaustralia.com login.newscorpaustralia.com
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	amazonaws.com news-networkeditorial.s3-ap-southeast-2.amazonaws.com s3-ap-southeast-2.amazonaws.com	33 KB
2	googletagmanager.com www.googletagmanager.com	76 KB
2	licdn.com snap.licdn.com	3 KB
2	chartbeat.net ping.chartbeat.net	337 B
2	tapad.com 2 redirects pixel.tapad.com	601 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	998 B
2	360yield.com 2 redirects ice.360yield.com	1009 B
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	contextweb.com 1 redirects bh.contextweb.com	755 B
2	vidora.com assets.vidora.com	4 KB
2	perfectmarket.com widget.perfectmarket.com	32 KB
1	twitter.com analytics.twitter.com	650 B
1	t.co t.co	448 B
1	google.nl adservice.google.nl	803 B
1	mookie1.com au-gmtdmp.mookie1.com	606 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	362 B
1	criteo.com 1 redirects dis.criteo.com	483 B
1	emxdgt.com e1.emxdgt.com	124 B
1	adkernel.com dsp.adkernel.com	233 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	storygize.net 1 redirects www.storygize.net	431 B
1	pubmatic.com simage2.pubmatic.com	885 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	tealiumiq.com uconnect.tealiumiq.com	455 B
1	newscgp.com au.tags.newscgp.com	48 KB
1	chartbeat.com static.chartbeat.com	23 KB
1	fontawesome.com use.fontawesome.com	13 KB
1	web.app ts2020-indies-client.web.app	3 KB
1	reastatic.net s1.rui.au.reastatic.net	9 KB
1	speedcurve.com cdn.speedcurve.com	7 KB
0	digitaleditions.com.au Failed heraldsun.digitaleditions.com.au Failed
271	60

	Domain	Requested by
87	www.heraldsun.com.au	53 redirects www.heraldsun.com.au
20	tags.news.com.au	13 redirects tags.tiqcdn.com au.tags.newscgp.com
19	dt.adsafeprotected.com	www.heraldsun.com.au
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
16	content.api.news	www.heraldsun.com.au
13	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net www.heraldsun.com.au
11	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.heraldsun.com.au
11	resourcesssl.newscdn.com.au	www.heraldsun.com.au ts2020-indies-client.web.app
10	static.adsafeprotected.com	pixel.adsafeprotected.com www.heraldsun.com.au
6	www.googletagservices.com	securepubads.g.doubleclick.net
6	id5-sync.com	6 redirects
6	sync.taboola.com	2 redirects www.heraldsun.com.au
6	cdn.taboola.com	www.heraldsun.com.au cdn.taboola.com
5	www.google.com	securepubads.g.doubleclick.net www.heraldsun.com.au
5	secure.adnxs.com	2 redirects www.heraldsun.com.au
5	pagead2.googlesyndication.com	ad.doubleclick.net securepubads.g.doubleclick.net www.heraldsun.com.au
5	cdn-gl.imrworldwide.com	www.heraldsun.com.au seccdn-gl.imrworldwide.com secure-gl.imrworldwide.com cdn-gl.imrworldwide.com
5	trc.taboola.com	cdn.taboola.com www.heraldsun.com.au
5	tags.tiqcdn.com	www.heraldsun.com.au tags.tiqcdn.com
4	8228261.fls.doubleclick.net	2 redirects www.heraldsun.com.au
4	dpm.demdex.net	1 redirects www.heraldsun.com.au tags.news.com.au
4	secure-gl.imrworldwide.com	2 redirects secure-gl.imrworldwide.com www.heraldsun.com.au
3	www.google.de	www.heraldsun.com.au
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.googleadservices.com	secure-ds.serving-sys.com www.googletagmanager.com
3	x.bidswitch.net	3 redirects
3	rtb.mfadsrvr.com	3 redirects
3	login.newscorpaustralia.com	www.heraldsun.com.au
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.heraldsun.com.au
2	px.ads.linkedin.com	1 redirects www.heraldsun.com.au
2	insight.adsrvr.org	js.adsrvr.org
2	www.googletagmanager.com	secure-ds.serving-sys.com
2	snap.licdn.com	www.heraldsun.com.au snap.licdn.com
2	js.adsrvr.org	secure-ds.serving-sys.com
2	metrics.heraldsun.com.au	tags.news.com.au www.heraldsun.com.au
2	ping.chartbeat.net	www.heraldsun.com.au
2	trc-events.taboola.com	www.heraldsun.com.au
2	pixel.tapad.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	ice.360yield.com	2 redirects
2	sync-t1.taboola.com	www.heraldsun.com.au
2	ce.lijit.com	1 redirects www.heraldsun.com.au
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	1 redirects www.heraldsun.com.au
2	ib.adnxs.com	www.heraldsun.com.au
2	bh.contextweb.com	1 redirects www.heraldsun.com.au
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	assets.vidora.com	www.heraldsun.com.au assets.vidora.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	news-networkeditorial.s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
2	www.news.com.au	2 redirects
1	secure-dcr.imrworldwide.com	www.heraldsun.com.au
1	www.linkedin.com	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	t.co	www.heraldsun.com.au
1	55ae6dbe066050f3c3f342566fa11ce0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	au-gmtdmp.mookie1.com	www.heraldsun.com.au
1	acdn.adnxs.com	www.heraldsun.com.au
1	static.ads-twitter.com	www.heraldsun.com.au
1	cm.everesttech.net	1 redirects
1	newscorpau.demdex.net	tags.news.com.au
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	seccdn-gl.imrworldwide.com	tags.news.com.au
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	cdn.adsafeprotected.com	tags.news.com.au
1	cds.taboola.com	www.heraldsun.com.au
1	bttrack.com	www.heraldsun.com.au
1	s.c.appier.net	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com	www.heraldsun.com.au
1	dsp.adkernel.com	www.heraldsun.com.au
1	rtb-csync.smartadserver.com	www.heraldsun.com.au
1	www.storygize.net	1 redirects
1	simage2.pubmatic.com	www.heraldsun.com.au
1	pixel.rubiconproject.com	www.heraldsun.com.au
1	match.taboola.com	www.heraldsun.com.au
1	uconnect.tealiumiq.com	www.heraldsun.com.au
1	static.hotjar.com	tags.tiqcdn.com
1	au.tags.newscgp.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	ad.doubleclick.net	tags.tiqcdn.com
1	use.fontawesome.com	cdn.taboola.com
1	ts2020-indies-client.web.app	www.heraldsun.com.au
1	mhr.talk.news.com.au	www.heraldsun.com.au
1	s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
1	s1.rui.au.reastatic.net	www.heraldsun.com.au
1	origin.go.heraldsun.com.au	www.heraldsun.com.au
1	cdn.speedcurve.com	www.heraldsun.com.au
1	www.heraldsun.news.com.au	1 redirects
0	heraldsun.digitaleditions.com.au Failed	www.heraldsun.com.au
271	95

This site contains links to these domains. Also see Links.

Domain
www.plusrewards.com.au
myaccount.heraldsun.com.au
www.escape.com.au
supercoach.com.au
tips.com.au
supercoach.heraldsun.com.au
www.realestate.com.au
heraldsun.digitaleditions.com.au
www.facebook.com
www.twitter.com
www.instagram.com
heraldsun.com.au
myaccount.news.com.au
www.newsletters.news.com.au
www.mytributes.com.au
www.newscorpaustralia.com
www.newsphotos.com.au
www.newsconcierge.com.au
www.dailytelegraph.com.au
www.couriermail.com.au
www.adelaidenow.com.au
www.news.com.au
www.theaustralian.com.au
www.themercury.com.au
www.geelongadvertiser.com.au
www.cairnspost.com.au
www.goldcoastbulletin.com.au
www.townsvillebulletin.com.au
www.thechronicle.com.au
www.ntnews.com.au
www.weeklytimesnow.com.au
www.buysearchsell.com.au
leader.local.heraldsun.com.au
www.foxsports.com.au
www.foxtel.com.au
hipages.com.au
kayosports.com.au
www.punters.com.au
www.odds.com.au
www.racenet.com.au
apps.apple.com
play.google.com
preferences.news.com.au
vip.wordpress.com

Subject Issuer	Validity	Valid
news.com.au DigiCert SHA2 Secure Server CA	`2020-09-28` - `2021-09-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2020	`2020-12-09` - `2022-01-10`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
origin.go.heraldsun.com.au Let's Encrypt Authority X3	`2020-11-02` - `2021-01-31`	3 months	crt.sh
s1.rui.au.reastatic.net Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.s3-ap-southeast-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
p.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-11-12` - `2021-02-22`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
web.app GTS CA 1O1	`2020-04-15` - `2021-04-14`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
au.tags.newscgp.com Amazon	`2020-02-08` - `2021-03-08`	a year	crt.sh
*.vidora.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2020-01-03` - `2021-04-03`	a year	crt.sh
*.tealiumiq.com Amazon	`2020-10-23` - `2021-11-22`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.adkernel.com COMODO RSA Domain Validation Secure Server CA	`2017-11-17` - `2021-01-05`	3 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.adsafeprotected.com Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
metrics.heraldsun.com.au DigiCert SHA2 High Assurance Server CA	`2020-04-13` - `2021-07-15`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
*.google.nl GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
static.adsafeprotected.com Amazon	`2020-10-03` - `2021-11-03`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
dt.adsafeprotected.com Amazon	`2020-05-20` - `2021-06-20`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 39 frames:

Primary Page: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
Frame ID: BFF5218C66C49FC83FB6AD2C96F3B013
Requests: 165 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=HCZjAabhY24jju_qBRNdoJhQfrhIG-oJ&nonce=2CnBxF8nEi11He3p-JddZ_6VFlS~rQOc&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: A0E837463D5C26B1C9246595D3AB4CA2
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=S6jwSGVPT2Hv-cQURJID75arfU~DB3Cu&nonce=LtwD7KT0Q~0NdiaicBY2gf4T5dhi5UA.&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: 5A1153EACC31B18A12B585F4419372C8
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=LhaT4Od.bVwFa3.SJOVUkt2eJvdCT_Cw&nonce=4orYjlNLEIEJymobtTLYtSzuOiv65wjK&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: 68B86BD73CD82FBC6CA24BEA358E08BF
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=59525ef0-3250-44c5-9735-a0c87a70b76a&tbid=a1b6216a-096c-41b9-b66e-5813b04bc646-tuct6d29b92&query=taboola_hm%3D59525ef0-3250-44c5-9735-a0c87a70b76a&isDirect=0
Frame ID: 2B7803B1774BA2DBDA33B8A023B4E303
Requests: 20 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: F528705EC63C15DB827A40418BF408A0
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 4812EF514C1A1FCB78BF474B9A3C4D88
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: FA1E19425E80F8513F114006DA8B4F91
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: D1D96A4B4F7254E2D223C92AAE523C99
Requests: 1 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 79D1B691BA6975A592446751DBE34F5A
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: F1F248FACEB582EFA531C7461EBEC069
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: E02E5655BC2D74E68A329CE6D96A2B1F
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 148649FDB954D7942BCC114CD7FE1C1A
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 756D2990FDECBCE94EDD4572B3EE7BCE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 600BDD3FA8AF9AD79C4A46C2E689BAF3
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CILptsnj0O0CFSaSdwod5mgM8w;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1080377071112.4772
Frame ID: 1175B471A89F6C24B1E5F7BD5D6E0F25
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJLstsnj0O0CFQiXdwod9ksP0A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6462153067301.551
Frame ID: 94E1F744DDA21BEBFAF8990C50AE76FC
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: DCC63D27CDE143CF17C1C1CA601F27C5
Requests: 5 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 2E7D1BB624F22DE1CE78C71BC753D56E
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: E31B293FBC4862C468ADC24826A3AE63
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: 4E144131BFB0C3A3A25061D2C66230C9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMzooEdmk2bWuf4uWcFpf5IExkOy9Yj851g5ney20xRp4Ad4TcTOuJZo_zRLIihC6rgWB1dDlBcIWCgi0j0I4hB1tR-OI6S_UpuzHxC7Desx9qqYyzzBMl083GZlyrcqPRCw1Pp5Kbw-0BMdoKkvI1h_oICPAXAcOda3TsH18Xv63U6EmoIQ9Dqlf9aZ1VyJx_hCHJ8-R3pJQpZVIaxTHMeslATi5wM87GbabTQMHMtNON2Ofh3L4ws7xIPeMnpho6odVxkXcj&sig=Cg0ArKJSzPU5ew5sUmnpEAE&adurl=
Frame ID: 732B6C6B8C412FF6CCC3D3278FA29503
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg5ZO4jxsU_B8Et0v3JNZ2H7PDr6C71Kbn7nLdXnvZAF97VtPzlJB6CwVjDE4QsOVJCFcmOfMdmnEwqERM_gfqpV-YYE6j-rVwjl-wIkinTuW7aTyDhsc__6L7Eg_5z4dP9TX4YBbnCI_7xrMi2qVSfkKB6suYu_tg0-3Lpbfa1rIhZfaGXVqq-WSH3LTfgV5V0G0Q3n2gDx3eWzcLcCI256q9rILltGBMGNgxRUbtI9Vo25Bv71hT90uvl0vAqAs9Y_xgqfPw&sig=Cg0ArKJSzCSKZVGG0U9bEAE&adurl=
Frame ID: DFFA517FCC4A8FE43F881ADABD380025
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3l0SAs-t2JmGBrkLb2BBHeFa9oBlJkwoVCqsMVk-J4akHXvUrTQ92_0R_RyRtF9DnT2EY2wNb5VIroAwGpvrRoPzZAjSTcxsCy17EV18jMCbTg9kQEeng5TYBKr1SoiKLdX0VencwzlMMbbSqKuKV2H3kuT92R4gzWohPiNzHVVWhsVuwsAUBMX5Hk-8oWLYD4NAUMrL3RlVu0-WTL37zG-fbzZJ7BaA_RsU5f-lHNHcXk3Ab6G6c6qVBvqLD6_IND20_LHiA&sig=Cg0ArKJSzGoW-Lp9CuFuEAE&adurl=
Frame ID: 723C915B951C6F40E3C9C4CC53AF435A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvswjThA7wXScX-GzEKwINl3umcVIurW6Jn9WUqNN3MMqECmSy3ajhDRytW6rAlMWMJpT77RVD6EEzisWJIuY5xBnUztlJherq2QfRozkzBAA5zwufQ77UDQFv6RRLt53SAr-9OUj7ohvjaPlGBrbBgscLqVCGC7P32SH6gOA7DV8kD_I1fkp-0MtGCjZMtIlzyWQB7pDNzC94CP5aRezRHMBm1PyJMy0Glkw_pm7zaraFgjofT7yNjQJ3FV4-YNt2piTeNMSej&sig=Cg0ArKJSzFetyfWob424EAE&adurl=
Frame ID: 0243D65F48956F7B3BC9D033FA8FE127
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4A-Mv8e31qKr26lZ5Px94u9h7OgB0UbN2fqrKEUA6ib6is9p3-RF2zDfKz97Lc5ez4p2ZmZeVnbDI0vb-r-7rGGoGGZWjX1Oh1BexoVTJzM0XbG7dxi4H8WfIbCGHrlXaQb8KgKYFxmSpoqbMBgZaD3E5vmsTPSRUsxTLvEyNjxlPtQWl9LB5BldFTaIPPWGp2LiRx9prynBX2XzKIWCl-N2tKIYWrOml5VLeZR6a5X48GnZeZXJXzXXhG7Vz5CUIr8efKUn7&sig=Cg0ArKJSzOL8_Qketsh7EAE&adurl=
Frame ID: 40DD655FA8856684406A59A149A45D83
Requests: 7 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=1566836915&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82b-3f10-11eb-8b24-0ab32f77e5b0
Frame ID: 0AEACA24716F80A5DDAA4E464E03FEB0
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=573688561&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82a-3f10-11eb-8b24-0ab32f77e5b0
Frame ID: A68424106DF1D84944A40923F97AD471
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=1383567697&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82c-3f10-11eb-8b24-0ab32f77e5b0
Frame ID: 1E985BA2A05151042635B8015E37EAD2
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=485181901&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82d-3f10-11eb-8b24-0ab32f77e5b0
Frame ID: 3D0E0190A41C6B6D23312D97F1C5195E
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=456819254&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82e-3f10-11eb-8b24-0ab32f77e5b0
Frame ID: B8EBB4B72151BA9C580095BFF5E2B0F4
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: B54C30A82EF3F92FD033783571429F69
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 91ECA465359C5391380FFC06D72F786C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: FD0F116563598A38227015B9205522F1
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 978EFE8672092A1144DD67F57AC19DBE
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 7B7D21524790B1B80FDBC1FAC0FB3148
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 44C15E20FA58894C7D216271C42A72B3
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 38A31DD89A0C0D605556B499452A8CB0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: D4E93BC8AE851E5C2341D3E1685856E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.heraldsun.com.au/ HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&160... HTTP 302
https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

271
Requests

100 %
HTTPS

20 %
IPv6

60
Domains

95
Subdomains

65
IPs

9
Countries

5377 kB
Transfer

8726 kB
Size

13
Cookies

55 Outgoing links

These are links going to different origins than the main page.

URL: https://www.plusrewards.com.au/heraldsun/offers
Title: Rewards

Search URL Search Domain Scan URL

URL: https://myaccount.heraldsun.com.au/s
Title: My account

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/
Title: Travel

Search URL Search Domain Scan URL

URL: https://supercoach.com.au/
Title: SuperCoach

Search URL Search Domain Scan URL

URL: http://tips.com.au/afl/?source_code=HSWEB_TIP1271
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/racing
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/nrl
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://tips.com.au/nrl/
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://www.realestate.com.au/news/garry-lyon-nicky-brownless-sell-armadale-home-at-auction-for-huge-sum/?rsf=syn:news:nca:hs:spa

Search URL Search Domain Scan URL

URL: https://www.realestate.com.au/

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/destinations/asia/bali/russian-influencer-causes-outrage-with-reckless-motorcycle-stunt-in-bali/news-story/47a620c7e1fb5a54e72b3dd1b8e558e5

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/news/jetstar-launches-christmas-sale-with-some-29-airfare-deals/news-story/844a323bc855bd77ab7ec13eb57a2673
Title: Jetstar drops thousands of $29 flights

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/experiences/lifestyle-and-culture/the-poolside-eateries-where-youll-find-us-this-summer/news-story/a14dc8b358992ed59c7a1acf2f999249
Title: ‘The most messed up chicken and chips’

Search URL Search Domain Scan URL

URL: https://heraldsun.digitaleditions.com.au/index.php
Title: Front pageRead today's paper as it was printed.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heraldsun

Search URL Search Domain Scan URL

URL: https://www.twitter.com/theheraldsun

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heraldsunphoto

Search URL Search Domain Scan URL

URL: http://heraldsun.com.au/help-rss

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_GCRACA_W52&hideRegistrationTnC=true
Title: Group/Corporate subscriptions

Search URL Search Domain Scan URL

URL: https://www.newsletters.news.com.au/heraldsun
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.mytributes.com.au/
Title: My Tributes

Search URL Search Domain Scan URL

URL: http://www.newscorpaustralia.com/careers
Title: Job Opportunities

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms
Title: Subscription terms

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_LAPP_17A_W04#subscribe
Title: App only subscription terms

Search URL Search Domain Scan URL

URL: http://www.newsphotos.com.au/C.aspx?VP3=CMS3&VF=Home
Title: Photo Sales

Search URL Search Domain Scan URL

URL: https://www.newsconcierge.com.au/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.dailytelegraph.com.au/
Title: The Daily Telegraph

Search URL Search Domain Scan URL

URL: https://www.couriermail.com.au/
Title: Courier Mail

Search URL Search Domain Scan URL

URL: http://www.adelaidenow.com.au/
Title: The Advertiser

Search URL Search Domain Scan URL

URL: https://www.news.com.au/
Title: news.com.au

Search URL Search Domain Scan URL

URL: https://www.theaustralian.com.au/
Title: The Australian

Search URL Search Domain Scan URL

URL: https://www.themercury.com.au/
Title: The Mercury

Search URL Search Domain Scan URL

URL: https://www.geelongadvertiser.com.au/
Title: Geelong Advertiser

Search URL Search Domain Scan URL

URL: https://www.cairnspost.com.au/
Title: The Cairns Post

Search URL Search Domain Scan URL

URL: https://www.goldcoastbulletin.com.au/
Title: Gold Coast Bulletin

Search URL Search Domain Scan URL

URL: https://www.townsvillebulletin.com.au/
Title: Townsville Bulletin

Search URL Search Domain Scan URL

URL: https://www.thechronicle.com.au/
Title: The Chronicle

Search URL Search Domain Scan URL

URL: https://www.ntnews.com.au/
Title: NT News

Search URL Search Domain Scan URL

URL: https://www.weeklytimesnow.com.au/
Title: The Weekly Times

Search URL Search Domain Scan URL

URL: https://www.buysearchsell.com.au/
Title: Buy Search Sell

Search URL Search Domain Scan URL

URL: http://leader.local.heraldsun.com.au/
Title: Find Your Local

Search URL Search Domain Scan URL

URL: http://www.foxsports.com.au/
Title: Foxsports

Search URL Search Domain Scan URL

URL: https://www.foxtel.com.au/index.html
Title: Foxtel

Search URL Search Domain Scan URL

URL: https://hipages.com.au/
Title: Hipages

Search URL Search Domain Scan URL

URL: https://kayosports.com.au/
Title: Kayo

Search URL Search Domain Scan URL

URL: https://www.punters.com.au/
Title: Punters

Search URL Search Domain Scan URL

URL: https://www.odds.com.au/
Title: odds.com.au

Search URL Search Domain Scan URL

URL: https://www.racenet.com.au/
Title: racenet.com.au

Search URL Search Domain Scan URL

URL: https://apps.apple.com/au/app/herald-sun/id392582225

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newscorp.heraldsun

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##collect
Title: Find out more about our policy and your choices, including how to opt-out.

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##optout
Title: Relevant ads opt-out

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/cookies
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: WordPress.com VIP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.heraldsun.com.au/ HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16080624701825613793 HTTP 302
https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fwp-content%2fthemes%2fnewscorpau-news-dna%2fdist%2fimages%2flogos%2fheraldsun.svg HTTP 302
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

Request Chain 20

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fwp-content%2fthemes%2fnewscorpau-news-dna%2fdist%2fimages%2flogos%2fheraldsun-white.svg HTTP 302
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg

Request Chain 30

https://www.heraldsun.com.au/digitalprinteditions HTTP 301
https://idp.news.com.au/idp/services/generatetoken?target=HeraldSun&url=http%3A%2F%2Fheraldsun.digitaleditions.com.au%2F HTTP 0
http://heraldsun.digitaleditions.com.au/

Request Chain 31

https://www.heraldsun.com.au/tributes/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2ftributes%2f&1608062480675398490 HTTP 302
https://www.heraldsun.com.au/tributes/?nk=c3784698ad67debdabad605b729be7e5-1608062481

Request Chain 32

https://www.heraldsun.com.au/subscribe/news/1/?int_medium=display&int_source=site-link&int_campaign=acq_onsite_login&int_content=link&sourceCode=HSWEB_ONS538 HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fint_medium%3ddisplay%26int_source%3dsite-link%26int_campaign%3dacq_onsite_login%26int_content%3dlink%26sourceCode%3dHSWEB_ONS538&16080624801904746468 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?int_medium=display&int_source=site-link&int_campaign=acq_onsite_login&int_content=link&sourceCode=HSWEB_ONS538&nk=8fd140a320ec877ebbf88aaa9107426e-1608062481

Request Chain 33

https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1608062480373505133 HTTP 302
https://www.heraldsun.com.au/?nk=5b20c07bdf2d2aa4df45d5cedb907556-1608062481

Request Chain 34

https://www.heraldsun.com.au/leader HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fleader&16080624801072922752 HTTP 302
https://www.heraldsun.com.au/leader?nk=86348729bc20108bda013f4bbf98f0fb-1608062481

Request Chain 35

https://www.heraldsun.com.au/news/victoria HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria HTTP 302
https://www.heraldsun.com.au/news/victoria HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria&1608062485559826381 HTTP 302
https://www.heraldsun.com.au/news/victoria?nk=27da5035f0223ac72943672a646942f5-1608062486

Request Chain 36

https://www.heraldsun.com.au/news/national HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational HTTP 302
https://www.heraldsun.com.au/news/national HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational&1608062485157486749 HTTP 302
https://www.heraldsun.com.au/news/national?nk=47742b7ae55aa4ee037efaa7b22aa8f2-1608062486

Request Chain 37

https://www.heraldsun.com.au/news/world HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld HTTP 302
https://www.heraldsun.com.au/news/world HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld&1608062486466283111 HTTP 302
https://www.heraldsun.com.au/news/world?nk=edee2fd90f59e54ccf2138cd2da6867c-1608062487

Request Chain 38

https://www.heraldsun.com.au/news/opinion HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion HTTP 302
https://www.heraldsun.com.au/news/opinion HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion&1608062485702153158 HTTP 302
https://www.heraldsun.com.au/news/opinion?nk=4d6a850fad4f3a48566ed2ffbea25b1e-1608062486

Request Chain 39

https://www.heraldsun.com.au/business HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fbusiness HTTP 302
https://www.heraldsun.com.au/business HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fbusiness&16080624851811668366 HTTP 302
https://www.heraldsun.com.au/business?nk=bb7e78417a49791e8e9cef0047791e21-1608062486

Request Chain 40

https://www.heraldsun.com.au/entertainment HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment HTTP 302
https://www.heraldsun.com.au/entertainment HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment&1608062485949476946 HTTP 302
https://www.heraldsun.com.au/entertainment?nk=edee2fd90f59e54ccf2138cd2da6867c-1608062486

Request Chain 41

https://www.heraldsun.com.au/lifestyle HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2flifestyle HTTP 302
https://www.heraldsun.com.au/lifestyle

Request Chain 42

https://www.heraldsun.com.au/sport HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport HTTP 302
https://www.heraldsun.com.au/sport

Request Chain 43

https://www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/3a10d2d8ebe9c7914ba58ecb6bc330c9 HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2funcategorized%2fbaby-killers-ridiculous-sentence%2fpromo%2f3a10d2d8ebe9c7914ba58ecb6bc330c9 HTTP 302
https://www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/3a10d2d8ebe9c7914ba58ecb6bc330c9

Request Chain 44

https://www.heraldsun.com.au/lifestyle/smart/how-the-crown-has-brought-dianas-fashion-back-in-focus/news-story/29f9e8a17c9ce0d684d6fddc6f3b2ffa HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Flifestyle%2Fsmart%2Fhow-the-crown-has-brought-dianas-fashion-back-in-focus%2Fnews-story%2F29f9e8a17c9ce0d684d6fddc6f3b2ffa&memtype=anonymous&mode=premium

Request Chain 45

https://www.heraldsun.com.au/business/school-banking-targets-loyalty-but-does-not-encourage-saving-asic/news-story/7befba77fa3b4991c5d9b1addc515e34 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fbusiness%2Fschool-banking-targets-loyalty-but-does-not-encourage-saving-asic%2Fnews-story%2F7befba77fa3b4991c5d9b1addc515e34&memtype=anonymous&mode=premium

Request Chain 47

https://www.heraldsun.com.au/coronavirus/new-criteria-changes-wholl-get-covid19-vaccine-first/news-story/673af666e1eb8e6d4d0d8c72c2cdfb9f HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fnew-criteria-changes-wholl-get-covid19-vaccine-first%2Fnews-story%2F673af666e1eb8e6d4d0d8c72c2cdfb9f&memtype=anonymous&mode=premium

Request Chain 49

https://www.heraldsun.com.au/news/victoria/six-properties-to-make-way-for-suburban-rail-loop-train-yard-at-former-construction-tip-site/news-story/d1a89579b60f21a703a0aedbcb950f9b HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fsix-properties-to-make-way-for-suburban-rail-loop-train-yard-at-former-construction-tip-site%2Fnews-story%2Fd1a89579b60f21a703a0aedbcb950f9b&memtype=anonymous&mode=premium HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fnews%252Fvictoria%252Fsix-properties-to-make-way-for-suburban-rail-loop-train-yard-at-former-construction-tip-site%252Fnews-story%252Fd1a89579b60f21a703a0aedbcb950f9b%26memtype%3danonymous%26mode%3dpremium HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fsix-properties-to-make-way-for-suburban-rail-loop-train-yard-at-former-construction-tip-site%2Fnews-story%2Fd1a89579b60f21a703a0aedbcb950f9b&memtype=anonymous&mode=premium

Request Chain 51

https://www.heraldsun.com.au/education/schools-hub/dunce-teachers-to-be-weeded-out-with-tough-test/news-story/70981f845b774d62bd0f3da3bd3f187b HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Feducation%2Fschools-hub%2Fdunce-teachers-to-be-weeded-out-with-tough-test%2Fnews-story%2F70981f845b774d62bd0f3da3bd3f187b&memtype=anonymous&mode=premium HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Feducation%252Fschools-hub%252Fdunce-teachers-to-be-weeded-out-with-tough-test%252Fnews-story%252F70981f845b774d62bd0f3da3bd3f187b%26memtype%3danonymous%26mode%3dpremium HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Feducation%2Fschools-hub%2Fdunce-teachers-to-be-weeded-out-with-tough-test%2Fnews-story%2F70981f845b774d62bd0f3da3bd3f187b&memtype=anonymous&mode=premium

Request Chain 52

https://www.heraldsun.com.au/news/victoria/melbourne-suburbs-where-2020-homebuyers-have-spent-the-most-corelogic/news-story/4bd91cc6da693eed17dbf7832e18bb3b HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fmelbourne-suburbs-where-2020-homebuyers-have-spent-the-most-corelogic%2Fnews-story%2F4bd91cc6da693eed17dbf7832e18bb3b&memtype=anonymous&mode=premium HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fnews%252Fvictoria%252Fmelbourne-suburbs-where-2020-homebuyers-have-spent-the-most-corelogic%252Fnews-story%252F4bd91cc6da693eed17dbf7832e18bb3b%26memtype%3danonymous%26mode%3dpremium&16080624951095530608 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fmelbourne-suburbs-where-2020-homebuyers-have-spent-the-most-corelogic%2Fnews-story%2F4bd91cc6da693eed17dbf7832e18bb3b&memtype=anonymous&mode=premium&nk=a0ff3a0e9d8b6901ecb0757770654435-1608062496

Request Chain 53

https://www.heraldsun.com.au/entertainment/confidential HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment%2fconfidential HTTP 302
https://www.heraldsun.com.au/entertainment/confidential HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment%2fconfidential HTTP 302
https://www.heraldsun.com.au/entertainment/confidential HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment%2fconfidential&16080624951697004517 HTTP 302
https://www.heraldsun.com.au/entertainment/confidential?nk=2d74b03a24cd3369d801fd3028b64f9f-1608062496

Request Chain 54

https://www.heraldsun.com.au/entertainment/confidential/richmond-coach-damien-harwick-has-separated-from-his-wife-danielle/news-story/4e64d940189d4534ef1398e511cbfd50 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fentertainment%2Fconfidential%2Frichmond-coach-damien-harwick-has-separated-from-his-wife-danielle%2Fnews-story%2F4e64d940189d4534ef1398e511cbfd50&memtype=anonymous&mode=premium

Request Chain 55

https://www.heraldsun.com.au/news/national/malka-leifer-can-be-extradited-to-australia-court-rules/news-story/c608fa2489819c44cc739fbfb500cc3d HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fmalka-leifer-can-be-extradited-to-australia-court-rules%2Fnews-story%2Fc608fa2489819c44cc739fbfb500cc3d&memtype=anonymous&mode=premium

Request Chain 68

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1608062480805&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1608062480805&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1

Request Chain 82

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 97

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=59525ef0-3250-44c5-9735-a0c87a70b76a HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=59525ef0-3250-44c5-9735-a0c87a70b76a&tbid=a1b6216a-096c-41b9-b66e-5813b04bc646-tuct6d29b92&query=taboola_hm%3D59525ef0-3250-44c5-9735-a0c87a70b76a&isDirect=0

Request Chain 99

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=PvMiHcsOifi9&ev=1&orig=trc&pid=562107

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEG9otnUjxFfg10EQNx0CIfw&google_cver=1

Request Chain 103

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=22be8c20-d11f-457f-85d5-0f6123606eab-tuct6d29b92

Request Chain 104

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=26ee1fe5-127a-4e43-82a1-10e74a08cbfe

Request Chain 105

https://ce.lijit.com/merge?pid=42&3pid=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 107

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90 HTTP 302
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 111

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a66f0645-04d0-48fa-b346-68538ecc49f4

Request Chain 112

https://id5-sync.com/s/464/9.gif?puid=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO6x11SAaag_9ONWFtyuslCz4bBOot4V0lR4BG0Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO6x11SAaag_9ONWFtyuslCz4bBOot4V0lR4BG0Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=621590fb-fffc-482f-bb1a-ae94b8f09bc9&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/5/3.gif?puid=3236e03bac54d15ecd7ff0c2707b559b&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/4/4.gif?puid=07d837ab-9b70-412d-935c-7ea1633829c9&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/3/5.gif?puid=51e7bb63-3f10-11eb-8cdd-aa1ed121fdfa&gdpr=1&gdpr_consent= HTTP 302
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=

Request Chain 113

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=w-NpVRHjDO2yAt25ExbZXw

Request Chain 116

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=c976ed1a-5168-481a-9d17-b1c058b25a0e HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=59525ef0-3250-44c5-9735-a0c87a70b76a&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c976ed1a-5168-481a-9d17-b1c058b25a0e

Request Chain 121

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1608062481557 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1608062481557

Request Chain 127

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608062481909&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-ccd9ea9330f76cb1e9f4a36f97ef6df0&tz=1 HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608062481909&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-ccd9ea9330f76cb1e9f4a36f97ef6df0&tz=1&ja=1

Request Chain 139

https://cm.everesttech.net/cm/dd?d_uuid=58555027313566200433690474862434481875 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9kWFAAAAD0RIR-H

Request Chain 157

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1080377071112.4772 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CILptsnj0O0CFSaSdwod5mgM8w;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1080377071112.4772

Request Chain 158

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6462153067301.551 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJLstsnj0O0CFQiXdwod9ksP0A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6462153067301.551

Request Chain 162

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Request Chain 163

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Request Chain 227

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1608062485950 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26time%3D1608062485950%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1608062485950&liSync=true

271 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heraldsun.com.au/
Redirect Chain

http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html
http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html
https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html
https://www.heraldsun.com.au/
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f
https://www.heraldsun.com.au/
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16080624701825613793
https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471

332 KB
59 KB

7563ms
7563ms

Document
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

df9f327b5f87a3230f07980bc89cd2d1740f86efac49422c807f325c8d58d700

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: www.heraldsun.com.au
:scheme: https
:path: /?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: n_regis=123456789
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=u47ORODcDFTbBUzqm9j3ytoDJ3PX2Ki7g6n2WXiuewx9jwvHytNoa0SZj2CyQ+P2I1yMxEQMO07kJqMkDozlsio53u7wY0bfd03bM1oElH3GShFjZhZFcDL02FFP; Expires=Tue, 22 Dec 2020 20:01:12 GMT; Path=/ AWSALBCORS=u47ORODcDFTbBUzqm9j3ytoDJ3PX2Ki7g6n2WXiuewx9jwvHytNoa0SZj2CyQ+P2I1yMxEQMO07kJqMkDozlsio53u7wY0bfd03bM1oElH3GShFjZhZFcDL02FFP; Expires=Tue, 22 Dec 2020 20:01:12 GMT; Path=/; SameSite=None; Secure
x-powered-by: WordPress VIP <https://wpvip.com>
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
vary: User-Agent Accept-Encoding
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d4a3afa2cbb934f375faa4617058d5b4e-1608062471&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=4a3afa2cbb934f375faa4617058d5b4e
x-arrrg5: BlaizeHappened
x-rq: bom2 119 100 3097
x-xss-protection: 1
x-content-type-options: nosniff
host-header: a9130478a60e5f9135f765b23f26593b
content-encoding: gzip
expires: Tue, 15 Dec 2020 20:01:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 15 Dec 2020 20:01:19 GMT

Redirect headers

server: AkamaiGHost
content-length: 154
content-type: text/html
location: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
set-cookie: nk=4a3afa2cbb934f375faa4617058d5b4e; expires=Fri, 15 Dec 2023 20:01:11 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version: 1.0
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
vary: Accept-Encoding
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
expires: Tue, 15 Dec 2020 20:01:11 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Tue, 15 Dec 2020 20:01:11 GMT

GET
H2 200 css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 1 B
594 B 240ms
239ms Stylesheet
text/css 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-rq: ewr4 114 53 3167
last-modified: Fri, 06 Nov 2020 23:21:49 GMT
server: nginx
etag: "5fa5da8d-1"
vary: User-Agent
content-type: text/css
expires: Tue, 15 Dec 2020 20:02:14 GMT
cache-control: max-age=55
date: Tue, 15 Dec 2020 20:01:19 GMT
is-https: true
content-length: 1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 21 KB
7 KB 430ms
120ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.speedcurve.com/js/lux.js?id=338391603

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

ef024a5f6a6afe4d445fd60002ff33e71b80ca52cbaab97153e31ab62b40d379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
age: 2140
x-cache: HIT
content-length: 6883
x-served-by: cache-hhn4058-HHN
access-control-allow-origin: *
last-modified: Tue, 15 Dec 2020 19:25:39 GMT
server: Apache
x-timer: S1608062480.991328,VS0,VE0
date: Tue, 15 Dec 2020 20:01:19 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 22 Dec 2020 19:25:39 GMT
cache-control: max-age=604800
x-ua-compatible: IE=edge
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 216 KB
33 KB 364ms
113ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d30c304b532eefb574ab0b37a9c46d7e6cd847ed4c4a932abba999250626c2a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 5FJ1ynyZf3yeompF6CHoND9h3CtYjuwb
content-encoding: gzip
etag: "3cd2618ae05ee1ba6e54a171b46d995c"
age: 22009
x-cache: HIT
content-length: 33407
x-amz-id-2: f3HGsQc8si9roPo5LQ4aWEJtw2so5wR7JLoh/NXHg+4IoInCNmpQA1ztbD8+ewGB+3oeuaHUK9s=
x-served-by: cache-fra19163-FRA
last-modified: Tue, 15 Dec 2020 13:43:48 GMT
server: AmazonS3
x-timer: S1608062480.945591,VS0,VE2
date: Tue, 15 Dec 2020 20:01:19 GMT
vary: Accept-Encoding
x-amz-request-id: 5C82301FF867A721
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 24
x-cache-hits: 1

GET
H2

200

heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/
Redirect Chain

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fwp-content%2fthemes%2fnewscorpau-news-dna%2fdist%2fimages%2flogos%2fheraldsun.svg
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

8 KB
4 KB

145ms
145ms

Image
image/svg+xml

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:20 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 3055
x-rq: bom2 116 215 3090
last-modified: Fri, 06 Nov 2020 23:30:15 GMT
server: nginx
etag: W/"5fa5dc87-1f69"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=1916099
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 07 Jan 2021 00:16:19 GMT

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
cache-control: max-age=0, no-cache, no-store
date: Tue, 15 Dec 2020 20:01:20 GMT
is-https: true
content-length: 154
expires: Tue, 15 Dec 2020 20:01:20 GMT

GET
H2 200 charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 12 KB
12 KB 400ms
109ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:20 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: EE3D21683166F96F
etag: "da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=383274
accept-ranges: bytes
content-length: 12440
x-amz-id-2: BGzA4H6MhiNFsVMRHnDid7w0RneCV9f+L69FdEMmbqtC5J6BXqShCVeo7uP6Jum7BVtWfb2VAeI=
expires: Sun, 20 Dec 2020 06:29:14 GMT

GET
H2 200 source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 437ms
146ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:20 GMT
last-modified: Tue, 01 Sep 2020 04:31:33 GMT
server: AmazonS3
x-amz-request-id: 34B4778288C88CAA
etag: "899c8f78ce650d4009d42443897aa723"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=221721
accept-ranges: bytes
content-length: 16112
x-amz-id-2: 0V9i/JC3jV0uO9z1+RHGizGZNe8ea4s0M3lvOab3o97ikLfxhLYoNjWrU3t9GbdAE8O37bCHHcA=
expires: Fri, 18 Dec 2020 09:36:41 GMT

GET
H2 200 source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 531ms
240ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:20 GMT
last-modified: Tue, 22 Sep 2020 06:30:09 GMT
server: AmazonS3
x-amz-request-id: B9F079BFD69B8BC1
etag: "c85615b296302af51e683eecb5e371d4"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=325819
accept-ranges: bytes
content-length: 15948
x-amz-id-2: DPCyCCKT0juTREQMOkBTQL82bK8sJ1cHlMUrULDEc9V9ZluCRM4RuSFSdOhDVMhG9DNYyK1s4MM=
expires: Sat, 19 Dec 2020 14:31:39 GMT

GET
H2 200 6c667bc6f5120b89ed37824d678ac2be
content.api.news/v3/images/bin/ 31 KB
32 KB 2942ms
2368ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/6c667bc6f5120b89ed37824d678ac2be?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 08d947fb68ecdb4afd04c4f6a981249860bb7bf35fde3869331d972e8f88ad87

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 6c667bc6f5120b89ed37824d678ac2be
date: Tue, 15 Dec 2020 20:01:22 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 71b27731a27b8c12ee5d9c76f6f75ed3-6c667bc6f5120b89ed37824d678ac2be-650
x-serial: 1778
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5180316
last-modified: Tue, 15 Dec 2020 19:00:36 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 32156
expires: Sat, 13 Feb 2021 18:59:58 GMT

GET
H2 200 d0ef09499ff20d3f80016db60025cfe0
content.api.news/v3/images/bin/ 5 KB
6 KB 1100ms
526ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/d0ef09499ff20d3f80016db60025cfe0?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: bcbae4ba04442de51d06061a1a40872e3d7af82d29090aa9ca2d72fbdbeb9c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: d0ef09499ff20d3f80016db60025cfe0
date: Tue, 15 Dec 2020 20:01:20 GMT
last-modified: Tue, 15 Dec 2020 19:01:21 GMT
server: Akamai Image Manager
etag: 3a3bd3f4e9be011d6374318050e3ae13-d0ef09499ff20d3f80016db60025cfe0-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5180410
access-control-allow-headers: x-newsapi-api-key
content-length: 5591
expires: Sat, 13 Feb 2021 19:01:30 GMT

GET
H2 200 bc421fe4c0a8f71aeaee403327995e1b
content.api.news/v3/images/bin/ 4 KB
4 KB 1156ms
583ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/bc421fe4c0a8f71aeaee403327995e1b?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: be81ff2807633df188cd24c7f88668cc85cdb35b5b2b3c82ab273ccccb461b3e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: bc421fe4c0a8f71aeaee403327995e1b
date: Tue, 15 Dec 2020 20:01:20 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 3baf3ab42005e92f997d582b96d0dc8c-bc421fe4c0a8f71aeaee403327995e1b-150
x-serial: 509
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5180213
last-modified: Tue, 15 Dec 2020 19:01:19 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 4002
expires: Sat, 13 Feb 2021 18:58:13 GMT

GET
H2 200 fb4935806e825231c6d81220d07342e8
content.api.news/v3/images/bin/ 3 KB
4 KB 1016ms
443ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/fb4935806e825231c6d81220d07342e8?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 91998f86762c6801e681955069145c72b2ab0be30fa2808dd67ff49271ffde9e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: fb4935806e825231c6d81220d07342e8
date: Tue, 15 Dec 2020 20:01:20 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 9e8634d9a5e8bfce0a79e08cd78d7dbe-fb4935806e825231c6d81220d07342e8-150
x-serial: 242
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5180324
last-modified: Tue, 15 Dec 2020 19:01:22 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 3478
expires: Sat, 13 Feb 2021 19:00:04 GMT

GET
H2 200 c3b5fc469625deca0d4e4f6f499e1bac
content.api.news/v3/images/bin/ 5 KB
5 KB 1162ms
589ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/c3b5fc469625deca0d4e4f6f499e1bac?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 366511e5937957af7cf3e351417a86382e70c0f9ccfbe93fae436a12587d3daa

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: c3b5fc469625deca0d4e4f6f499e1bac
date: Tue, 15 Dec 2020 20:01:20 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 123101b9fba8f7e8a96f8af858c528e1-c3b5fc469625deca0d4e4f6f499e1bac-150
x-serial: 1629
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5180383
last-modified: Tue, 15 Dec 2020 19:01:20 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 4654
expires: Sat, 13 Feb 2021 19:01:03 GMT

GET
H2 200 44acdd7a835db485ed1cea1f2c2a9739
content.api.news/v3/images/bin/ 30 KB
30 KB 1115ms
542ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/44acdd7a835db485ed1cea1f2c2a9739?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8d10588aaf62cd5ed5f7214a97d66914ef0f80b2cfc5de7f08c067160a04d82b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 44acdd7a835db485ed1cea1f2c2a9739
date: Tue, 15 Dec 2020 20:01:20 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 8812fc4cc6b44d4afc5ef5dd6e6cb602-44acdd7a835db485ed1cea1f2c2a9739-650
x-serial: 1473
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5136869
last-modified: Tue, 15 Dec 2020 06:57:06 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 30262
expires: Sat, 13 Feb 2021 06:55:49 GMT

GET
H2 200 05603d7fd283eeae18b8f7a62cbe4b2b
content.api.news/v3/images/bin/ 35 KB
35 KB 977ms
443ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/05603d7fd283eeae18b8f7a62cbe4b2b?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 3a6722838646b533c42f31ecd9fe6f1b4e1cc328332dd661f4312de23a638cb6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 05603d7fd283eeae18b8f7a62cbe4b2b
date: Tue, 15 Dec 2020 20:01:20 GMT
last-modified: Tue, 15 Dec 2020 09:45:29 GMT
server: Akamai Image Manager
etag: 1179cb1bf9c0663840cda3c11f259c51-05603d7fd283eeae18b8f7a62cbe4b2b-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5147056
access-control-allow-headers: x-newsapi-api-key
content-length: 35630
expires: Sat, 13 Feb 2021 09:45:36 GMT

GET
H2 200 Dog_in_boot_1920x1080.jpg
origin.go.heraldsun.com.au/wp-content/uploads/2020/12/ 2 MB
2 MB 84ms
11ms Image
image/jpeg 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.go.heraldsun.com.au/wp-content/uploads/2020/12/Dog_in_boot_1920x1080.jpg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d42605a78277db9f4d4b35ac625ec962a9698bd859d5341aa995ab195aa54d27

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:19 GMT
x-rq: ams8 109 28 443
last-modified: Mon, 14 Dec 2020 06:35:43 GMT
server: nginx
etag: "7dd2f9414560940d"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2525653
expires: Tue, 14 Dec 2021 06:39:37 GMT

GET
H2 200 rea-logo-v4.png
s1.rui.au.reastatic.net/rui-static/img/ 8 KB
9 KB 186ms
49ms Image
image/png 2600:9000:2104:4600:1e:c291:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.rui.au.reastatic.net/rui-static/img/rea-logo-v4.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4600:1e:c291:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 12:32:13 GMT
via: 1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
last-modified: Fri, 11 Aug 2017 05:25:43 GMT
server: AmazonS3
age: 2532546
etag: "7fb1763135890cdfa60dcb405cd51572"
x-cache: Hit from cloudfront
x-amz-version-id: itrxET0Vrz4We1UVf0nZMlYhOyBF2D8w
cache-control: max-age=20221025
x-amz-replication-status: COMPLETED
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-type: image/png
content-length: 8533
x-amz-cf-id: li5-lny8hmk7wUG6jiqiwAKkKMunyDMzObS64olqY9J1oZ57DvIbAw==

GET
H2 200 charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
12 KB 544ms
333ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:20 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 03A09A05F9B00284
etag: "c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=389415
accept-ranges: bytes
content-length: 11472
x-amz-id-2: 7SgQOtE5DXd+yw+muGSpBKQgUFNdC0N34VLuVoyrpGsNX+GQQMChOOxitD5N1YsghRlU3RgeUFw=
expires: Sun, 20 Dec 2020 08:11:35 GMT

GET
H/1.1 200
OK games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 4 KB
5 KB 1575ms
406ms Image
image/svg+xml 52.95.132.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.126 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 20:01:22 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: B294DA52E8A55FEB
ETag: "2fa79b1c302fa407df95b287a47e01bc"
Content-Type: image/svg+xml
x-amz-version-id: mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Accept-Ranges: bytes
Content-Length: 4533
x-amz-id-2: Uyg7GXHfKpQWblOgQFolTvSrbns/Qy+xdD7ntpPS7YxSKmkSeQ6Z/6evVgXTJ/pPgp0YvjXdvG8=

GET
H/1.1 200
OK sudoku.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 5 KB
5 KB 1577ms
408ms Image
image/svg+xml 52.95.132.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/sudoku.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.126 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: ef5fa8602198232e4f3704cf1dc886cb295af0f9906b0c9d63777b5f49852b84

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 20:01:22 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: 7E0485ACB18F813C
ETag: "f980b48900de5e5e318ca4e3530b2d75"
Content-Type: image/svg+xml
x-amz-version-id: EnoeaZvtrAcNuP4vk_X8AB6oSBROL97r
Accept-Ranges: bytes
Content-Length: 5207
x-amz-id-2: o2w+lhHrerS9HDJGS+06cz3+gJeuEDH0+MkEQo/WtWerJrb13xFFYrO6Mfds4rASDP3YTlWK9JM=

GET
H/1.1 200
OK NCHRS_thumb.jpg
s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/ 22 KB
23 KB 1567ms
399ms Image
image/jpeg 52.95.134.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/NCHRS_thumb.jpg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.134.31 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 02f6334ab84d1d5aa554abe6d5f688814588478bfd9d0698f6ff414d6ff6831a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 20:01:22 GMT
Last-Modified: Tue, 15 Dec 2020 16:01:16 GMT
Server: AmazonS3
x-amz-request-id: AECF44A0CD0E6157
ETag: "ea7d208dd9a2c2b88410ce5bd372142e"
Content-Type: image/jpeg
x-amz-version-id: cDyY4v4S_CSWOr1KrjcrJwo00mc2OOCB
Accept-Ranges: bytes
Content-Length: 22853
x-amz-id-2: g7aEg7ixvF0eu9qP/mzI9zU64fMANl1I6cvK4qwNi1eOQjRWs+kZGL5PmixL9umhI2HGJYU+eCY=

GET
H2

200

heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/
Redirect Chain

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fwp-content%2fthemes%2fnewscorpau-news-dna%2fdist%2fimages%2flogos%2fheraldsun-white.svg
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg

8 KB
3 KB

130ms
129ms

Image
image/svg+xml

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:20 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2891
x-rq: ewr4 116 149 3106
last-modified: Fri, 04 Dec 2020 16:00:47 GMT
server: nginx
etag: W/"5fca5d2f-1e5e"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=1916592
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 07 Jan 2021 00:24:32 GMT

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
cache-control: max-age=0, no-cache, no-store
date: Tue, 15 Dec 2020 20:01:20 GMT
is-https: true
content-length: 154
expires: Tue, 15 Dec 2020 20:01:20 GMT

GET
H2 200 js-critical-desktop.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 266ms
265ms Script
application/x-javascript 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f487dd5f3296946a50218dc22720a9ed1b777b3e1f793c9f8d434cf4ba27764a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:20 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2509
x-rq: bom2 113 43 3167
last-modified: Tue, 15 Dec 2020 02:56:48 GMT
server: nginx
etag: W/"5fd825f0-17c3"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 15 Dec 2020 20:01:21 GMT

GET
H2 200 title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 540 B
859 B 120ms
119ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:19 GMT
last-modified: Wed, 16 Sep 2020 23:56:43 GMT
server: AmazonS3
x-amz-request-id: 4R7K4V2MCP8N6R9R
etag: "4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=96499
accept-ranges: bytes
content-length: 540
x-amz-id-2: yFp+J8podmJKYyKRfQ/R6sCdmNKmc7oSxu2WJJo8l7sTrFyLYOhTILB0ssSzjaQiADalzLa82Ug=
expires: Wed, 16 Dec 2020 22:49:38 GMT

GET
H2 200 title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 535 B
855 B 106ms
105ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:20 GMT
last-modified: Thu, 17 Sep 2020 00:28:25 GMT
server: AmazonS3
x-amz-request-id: BX6X5G9GEK1G9M4M
etag: "b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=69656
accept-ranges: bytes
content-length: 535
x-amz-id-2: DaJA+c3KcMZ/NSCnfYFtodFhl20AOf2rAAm9dMwdtqM4FPtgkxYVKxyt+50eW/YJb1+mPpYz97g=
expires: Wed, 16 Dec 2020 15:22:16 GMT

GET
H2 200 charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
11 KB 382ms
298ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:20 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 4N2W2Y6HDY8Z3Q2W
etag: "29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=505298
accept-ranges: bytes
content-length: 11372
x-amz-id-2: Z1HhaEEhR+4SW45rFV+SZJ/QiklrgDUhrbvWmFxzzpa1Kifm2MvbbI9Ateo09sYRHNLYlfgsmGM=
expires: Mon, 21 Dec 2020 16:22:58 GMT

GET
H2 200 rampart.js Show response
www.heraldsun.com.au/remote/identity/rampart/latest/ 248 KB
78 KB 300ms
299ms Script
application/x-javascript 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

27ad1c0be127da20f7b68c8e868d9a1fa6ade3308786d297a24a5651faa32a38

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "f1b190419095215938ba092e3e98262e:1606882430.472598"
vary: User-Agent, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1369
date: Tue, 15 Dec 2020 20:01:20 GMT
is-https: true
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 15 Dec 2020 20:24:09 GMT

GET
H2 200 js-metro-desktop-lazy.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 45 KB
14 KB 291ms
291ms Script
application/x-javascript 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

83745d91266512d4c6766c97ebedb0a01c044da97cce822ff4af6eb3a3123312

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:20 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 14197
x-rq: bur8 113 43 3167
last-modified: Tue, 15 Dec 2020 02:56:48 GMT
server: nginx
etag: W/"5fd825f0-b347"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=9
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 15 Dec 2020 20:01:29 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 3 KB
2 KB 575ms
293ms Script
application/javascript 151.101.113.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding: gzip
etag: "1a868d280f9424f5d82876d6cf0c46b9"
age: 0
x-cache: HIT, MISS
content-length: 1123
x-amz-id-2: N7yWKBmoAO62xj5Jk4J8zAgVgReWlcT/gqq80/qj1psg+zSnkkGIJ/rCneqI1ybcpGBAb3XlqH8=
x-served-by: cache-sna10724-LGB, cache-hhn4061-HHN
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1608062481.513681,VS0,VE163
date: Tue, 15 Dec 2020 20:01:20 GMT
vary: Accept-Encoding,,
x-amz-request-id: 4503864EE7C2CBBE
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 0

GET
H2 200 impl.20201214-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 450 KB
104 KB 146ms
145ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201214-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 3d46904b944d38dac0fe78cc6c3aad567ac826a9079ce9522147ef1c7feb158b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 2sVTA33cfaRgn0Prw5U.XCwVzohq6ybg
content-encoding: br
etag: "10bdb5807bdff4c42c4587c2d03bb5d3"
age: 1766
x-cache: HIT
content-length: 106007
x-amz-id-2: 27Bxf87SsWW7Z9R2qIVMcSYoU0fVZAPqLVzYq0lJPpRmTgRaLODbtW20Sr2c9AfJpfGjJ+b9K5M=
x-served-by: cache-fra19163-FRA
last-modified: Mon, 14 Dec 2020 11:30:09 GMT
server: AmazonS3-br
x-timer: S1608062480.226433,VS0,VE0
date: Tue, 15 Dec 2020 20:01:20 GMT
vary: Accept-Encoding
x-amz-request-id: 51DADEDDBF5F4FEB
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 22
x-cache-hits: 10786

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 445ms
171ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 20:01:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Wed, 16 Dec 2020 20:01:20 GMT

GET

/
heraldsun.digitaleditions.com.au/
Redirect Chain

https://www.heraldsun.com.au/digitalprinteditions
https://idp.news.com.au/idp/services/generatetoken?target=HeraldSun&url=http%3A%2F%2Fheraldsun.digitaleditions.com.au%2F
http://heraldsun.digitaleditions.com.au/

0
0

GET
H2

200

/
www.heraldsun.com.au/tributes/
Redirect Chain

https://www.heraldsun.com.au/tributes/
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2ftributes%2f&1608062480675398490
https://www.heraldsun.com.au/tributes/?nk=c3784698ad67debdabad605b729be7e5-1608062481

0
31 KB

2403ms
2402ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/tributes/?nk=c3784698ad67debdabad605b729be7e5-1608062481

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx/1.12.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
etag: "9f876e6d1a480ed0a6a4564c986df270"
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-subscribed: False
is-https: true
x-forwarded-proto: https
x-device: desktop
x-ua-compatible: IE=edge,chrome=1
x-arrrg5: BlaizeHappened
server: nginx/1.12.1
date: Tue, 15 Dec 2020 20:01:23 GMT
vary: User-Agent, Accept-Encoding
x-varnish: 83427635 81495193
access-control-allow-origin: http://heraldsun.finda.production.apnarm.net.au
cache-control: max-age=265
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2ftributes%2f%3fnk%3dc3784698ad67debdabad605b729be7e5-1608062481&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=c3784698ad67debdabad605b729be7e5
content-length: 30172
content-type: text/html; charset=utf-8
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 15 Dec 2020 20:05:48 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:21 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/tributes/?nk=c3784698ad67debdabad605b729be7e5-1608062481
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 20:01:21 GMT

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/subscribe/news/1/?int_medium=display&int_source=site-link&int_campaign=acq_onsite_login&int_content=link&sourceCode=HSWEB_ONS538
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fint_medium%3ddisplay%26int_source%3dsite-link%26int_campaign%3dacq_onsite_...
https://www.heraldsun.com.au/subscribe/news/1/?int_medium=display&int_source=site-link&int_campaign=acq_onsite_login&int_content=link&sourceCode=HSWEB_ONS538&nk=8fd140a320ec877ebbf88aaa9107426e-160...

0
1 KB

280ms
278ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?int_medium=display&int_source=site-link&int_campaign=acq_onsite_login&int_content=link&sourceCode=HSWEB_ONS538&nk=8fd140a320ec877ebbf88aaa9107426e-1608062481

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 20:01:21 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=2336
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 20:40:17 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:21 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/subscribe/news/1/?int_medium=display&int_source=site-link&int_campaign=acq_onsite_login&int_content=link&sourceCode=HSWEB_ONS538&nk=8fd140a320ec877ebbf88aaa9107426e-1608062481
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 20:01:21 GMT

GET
H2

200

/
www.heraldsun.com.au/
Redirect Chain

https://www.heraldsun.com.au/
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1608062480373505133
https://www.heraldsun.com.au/?nk=5b20c07bdf2d2aa4df45d5cedb907556-1608062481

0
59 KB

2339ms
2338ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/?nk=5b20c07bdf2d2aa4df45d5cedb907556-1608062481

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 119 100 3097
server: nginx
date: Tue, 15 Dec 2020 20:01:23 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 20:01:23 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d5b20c07bdf2d2aa4df45d5cedb907556-1608062481&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=5b20c07bdf2d2aa4df45d5cedb907556
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:21 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/?nk=5b20c07bdf2d2aa4df45d5cedb907556-1608062481
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 20:01:21 GMT

GET
H2

200

leader
www.heraldsun.com.au/
Redirect Chain

https://www.heraldsun.com.au/leader
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fleader&16080624801072922752
https://www.heraldsun.com.au/leader?nk=86348729bc20108bda013f4bbf98f0fb-1608062481

0
65 KB

2367ms
2366ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/leader?nk=86348729bc20108bda013f4bbf98f0fb-1608062481

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 119 89 3095
server: nginx
date: Tue, 15 Dec 2020 20:01:23 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 20:01:23 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fleader%3fnk%3d86348729bc20108bda013f4bbf98f0fb-1608062481&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=leader&session=86348729bc20108bda013f4bbf98f0fb
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:21 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/leader?nk=86348729bc20108bda013f4bbf98f0fb-1608062481
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 20:01:21 GMT

GET
H2

200

victoria
www.heraldsun.com.au/news/
Redirect Chain

https://www.heraldsun.com.au/news/victoria
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria
https://www.heraldsun.com.au/news/victoria
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria&1608062485559826381
https://www.heraldsun.com.au/news/victoria?nk=27da5035f0223ac72943672a646942f5-1608062486

0
48 KB

2502ms
2500ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/victoria?nk=27da5035f0223ac72943672a646942f5-1608062486

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 113 203 3271
server: nginx
date: Tue, 15 Dec 2020 20:01:28 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 20:01:28 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria%3fnk%3d27da5035f0223ac72943672a646942f5-1608062486&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=victoria&session=27da5035f0223ac72943672a646942f5
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/news/victoria?nk=27da5035f0223ac72943672a646942f5-1608062486
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 20:01:26 GMT

GET
H2

200

national
www.heraldsun.com.au/news/
Redirect Chain

https://www.heraldsun.com.au/news/national
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational
https://www.heraldsun.com.au/news/national
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational&1608062485157486749
https://www.heraldsun.com.au/news/national?nk=47742b7ae55aa4ee037efaa7b22aa8f2-1608062486

0
52 KB

2418ms
2415ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/national?nk=47742b7ae55aa4ee037efaa7b22aa8f2-1608062486

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 119 85 3122
server: nginx
date: Tue, 15 Dec 2020 20:01:28 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 20:01:28 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%3fnk%3d47742b7ae55aa4ee037efaa7b22aa8f2-1608062486&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=national&session=47742b7ae55aa4ee037efaa7b22aa8f2
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/news/national?nk=47742b7ae55aa4ee037efaa7b22aa8f2-1608062486
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 20:01:26 GMT

GET
H2

200

world
www.heraldsun.com.au/news/
Redirect Chain

https://www.heraldsun.com.au/news/world
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld
https://www.heraldsun.com.au/news/world
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld&1608062486466283111
https://www.heraldsun.com.au/news/world?nk=edee2fd90f59e54ccf2138cd2da6867c-1608062487

0
52 KB

2619ms
2619ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/world?nk=edee2fd90f59e54ccf2138cd2da6867c-1608062487

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 113 245 3125
server: nginx
date: Tue, 15 Dec 2020 20:01:30 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 20:01:30 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld%3fnk%3dedee2fd90f59e54ccf2138cd2da6867c-1608062487&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=world&session=edee2fd90f59e54ccf2138cd2da6867c
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/news/world?nk=edee2fd90f59e54ccf2138cd2da6867c-1608062487
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 20:01:27 GMT

GET
H2

200

opinion
www.heraldsun.com.au/news/
Redirect Chain

https://www.heraldsun.com.au/news/opinion
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion
https://www.heraldsun.com.au/news/opinion
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion&1608062485702153158
https://www.heraldsun.com.au/news/opinion?nk=4d6a850fad4f3a48566ed2ffbea25b1e-1608062486

0
56 KB

2390ms
2388ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/opinion?nk=4d6a850fad4f3a48566ed2ffbea25b1e-1608062486

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 116 88 3188
server: nginx
date: Tue, 15 Dec 2020 20:01:28 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 20:01:28 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion%3fnk%3d4d6a850fad4f3a48566ed2ffbea25b1e-1608062486&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=opinion&session=4d6a850fad4f3a48566ed2ffbea25b1e
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/news/opinion?nk=4d6a850fad4f3a48566ed2ffbea25b1e-1608062486
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 20:01:26 GMT

GET
H2

200

business
www.heraldsun.com.au/
Redirect Chain

https://www.heraldsun.com.au/business
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fbusiness
https://www.heraldsun.com.au/business
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fbusiness&16080624851811668366
https://www.heraldsun.com.au/business?nk=bb7e78417a49791e8e9cef0047791e21-1608062486

0
50 KB

2400ms
2399ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/business?nk=bb7e78417a49791e8e9cef0047791e21-1608062486

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 50160
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 113 203 3271
server: nginx
date: Tue, 15 Dec 2020 20:01:28 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 20:01:28 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fbusiness%3fnk%3dbb7e78417a49791e8e9cef0047791e21-1608062486&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=business&session=bb7e78417a49791e8e9cef0047791e21
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/business?nk=bb7e78417a49791e8e9cef0047791e21-1608062486
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 20:01:26 GMT

GET
H2

200

entertainment
www.heraldsun.com.au/
Redirect Chain

https://www.heraldsun.com.au/entertainment
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment
https://www.heraldsun.com.au/entertainment
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment&1608062485949476946
https://www.heraldsun.com.au/entertainment?nk=edee2fd90f59e54ccf2138cd2da6867c-1608062486

0
51 KB

2373ms
2372ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/entertainment?nk=edee2fd90f59e54ccf2138cd2da6867c-1608062486

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 118 215 3096
server: nginx
date: Tue, 15 Dec 2020 20:01:28 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 20:01:28 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment%3fnk%3dedee2fd90f59e54ccf2138cd2da6867c-1608062486&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=entertainment&session=edee2fd90f59e54ccf2138cd2da6867c
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/entertainment?nk=edee2fd90f59e54ccf2138cd2da6867c-1608062486
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 20:01:26 GMT

GET
H2

200

lifestyle
www.heraldsun.com.au/
Redirect Chain

https://www.heraldsun.com.au/lifestyle
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2flifestyle
https://www.heraldsun.com.au/lifestyle

0
48 KB

2193ms
2193ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/lifestyle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 112 120 3185
server: nginx
date: Tue, 15 Dec 2020 20:01:33 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 20:01:33 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2flifestyle&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=lifestyle&session=edee2fd90f59e54ccf2138cd2da6867c
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/lifestyle
cache-control: max-age=0, no-cache, no-store
date: Tue, 15 Dec 2020 20:01:31 GMT
is-https: true
content-length: 154
expires: Tue, 15 Dec 2020 20:01:31 GMT

GET
H2

200

sport
www.heraldsun.com.au/
Redirect Chain

https://www.heraldsun.com.au/sport
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport
https://www.heraldsun.com.au/sport

0
65 KB

3177ms
3176ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/sport

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 119 85 3122
server: nginx
date: Tue, 15 Dec 2020 20:01:33 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 20:01:33 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=sport&session=edee2fd90f59e54ccf2138cd2da6867c
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/sport
cache-control: max-age=0, no-cache, no-store
date: Tue, 15 Dec 2020 20:01:30 GMT
is-https: true
content-length: 154
expires: Tue, 15 Dec 2020 20:01:30 GMT

GET
H2

404

3a10d2d8ebe9c7914ba58ecb6bc330c9
www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/
Redirect Chain

https://www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/3a10d2d8ebe9c7914ba58ecb6bc330c9
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2funcategorized%2fbaby-killers-ridiculous-sentence%2fpromo%2f3a10d2d8ebe9c7914ba58ecb6bc330c9
https://www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/3a10d2d8ebe9c7914ba58ecb6bc330c9

0
0

2128ms
2127ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/3a10d2d8ebe9c7914ba58ecb6bc330c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options: nosniff
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 0
x-xss-protection: 1
x-rq: bom2 112 216 3099
server: nginx
date: Tue, 15 Dec 2020 20:01:32 GMT
vary: User-Agent
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
cache-control: max-age=5
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2funcategorized%2fbaby-killers-ridiculous-sentence%2fpromo%2f3a10d2d8ebe9c7914ba58ecb6bc330c9&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=3a10d2d8ebe9c7914ba58ecb6bc330c9&session=edee2fd90f59e54ccf2138cd2da6867c
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 15 Dec 2020 20:01:37 GMT

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/3a10d2d8ebe9c7914ba58ecb6bc330c9
cache-control: max-age=0, no-cache, no-store
date: Tue, 15 Dec 2020 20:01:30 GMT
is-https: true
content-length: 154
expires: Tue, 15 Dec 2020 20:01:30 GMT

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/lifestyle/smart/how-the-crown-has-brought-dianas-fashion-back-in-focus/news-story/29f9e8a17c9ce0d684d6fddc6f3b2ffa
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Flifestyle%2Fsmart%2Fhow-the-crown-has-brought-dianas-fashion-back-in-focus%2Fnews-...

0
1 KB

243ms
242ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Flifestyle%2Fsmart%2Fhow-the-crown-has-brought-dianas-fashion-back-in-focus%2Fnews-story%2F29f9e8a17c9ce0d684d6fddc6f3b2ffa&memtype=anonymous&mode=premium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 20:01:31 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=3564
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 21:00:55 GMT

Redirect headers

date: Tue, 15 Dec 2020 20:01:30 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Flifestyle%2Fsmart%2Fhow-the-crown-has-brought-dianas-fashion-back-in-focus%2Fnews-story%2F29f9e8a17c9ce0d684d6fddc6f3b2ffa&memtype=anonymous&mode=premium
expires: Tue, 15 Dec 2020 20:01:30 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2flifestyle%2fsmart%2fhow-the-crown-has-brought-dianas-fashion-back-in-focus%2fnews-story%2f29f9e8a17c9ce0d684d6fddc6f3b2ffa&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=29f9e8a17c9ce0d684d6fddc6f3b2ffa&session=47742b7ae55aa4ee037efaa7b22aa8f2
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/business/school-banking-targets-loyalty-but-does-not-encourage-saving-asic/news-story/7befba77fa3b4991c5d9b1addc515e34
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fbusiness%2Fschool-banking-targets-loyalty-but-does-not-encourage-saving-asic%2Fnew...

0
1 KB

259ms
258ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fbusiness%2Fschool-banking-targets-loyalty-but-does-not-encourage-saving-asic%2Fnews-story%2F7befba77fa3b4991c5d9b1addc515e34&memtype=anonymous&mode=premium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 20:01:30 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=3034
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 20:52:04 GMT

Redirect headers

date: Tue, 15 Dec 2020 20:01:29 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fbusiness%2Fschool-banking-targets-loyalty-but-does-not-encourage-saving-asic%2Fnews-story%2F7befba77fa3b4991c5d9b1addc515e34&memtype=anonymous&mode=premium
expires: Tue, 15 Dec 2020 20:01:29 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fbusiness%2fschool-banking-targets-loyalty-but-does-not-encourage-saving-asic%2fnews-story%2f7befba77fa3b4991c5d9b1addc515e34&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=7befba77fa3b4991c5d9b1addc515e34&session=27da5035f0223ac72943672a646942f5
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 coronavirus
www.heraldsun.com.au/ 0
47 KB 2256ms
2255ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/coronavirus

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 114 53 3172
server: nginx
date: Tue, 15 Dec 2020 20:01:32 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 20:01:32 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=coronavirus&session=edee2fd90f59e54ccf2138cd2da6867c
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/coronavirus/new-criteria-changes-wholl-get-covid19-vaccine-first/news-story/673af666e1eb8e6d4d0d8c72c2cdfb9f
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fnew-criteria-changes-wholl-get-covid19-vaccine-first%2Fnews-story%2F...

0
1 KB

256ms
256ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fnew-criteria-changes-wholl-get-covid19-vaccine-first%2Fnews-story%2F673af666e1eb8e6d4d0d8c72c2cdfb9f&memtype=anonymous&mode=premium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 20:01:32 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=1994
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 20:34:46 GMT

Redirect headers

date: Tue, 15 Dec 2020 20:01:32 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fnew-criteria-changes-wholl-get-covid19-vaccine-first%2Fnews-story%2F673af666e1eb8e6d4d0d8c72c2cdfb9f&memtype=anonymous&mode=premium
expires: Tue, 15 Dec 2020 20:01:32 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus%2fnew-criteria-changes-wholl-get-covid19-vaccine-first%2fnews-story%2f673af666e1eb8e6d4d0d8c72c2cdfb9f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=673af666e1eb8e6d4d0d8c72c2cdfb9f&session=edee2fd90f59e54ccf2138cd2da6867c
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 dd2f8b737366ed1e036d8ea5e474140c
www.heraldsun.com.au/coronavirus/melbourne-traffic-congestion-is-expected-to-worsen-as-commuters-ditch-public-transport/news-story/ 0
41 KB 2177ms
2176ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/coronavirus/melbourne-traffic-congestion-is-expected-to-worsen-as-commuters-ditch-public-transport/news-story/dd2f8b737366ed1e036d8ea5e474140c

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 40202
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 116 149 3114
server: nginx
date: Tue, 15 Dec 2020 20:01:33 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 20:01:33 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus%2fmelbourne-traffic-congestion-is-expected-to-worsen-as-commuters-ditch-public-transport%2fnews-story%2fdd2f8b737366ed1e036d8ea5e474140c&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=dd2f8b737366ed1e036d8ea5e474140c&session=edee2fd90f59e54ccf2138cd2da6867c
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/news/victoria/six-properties-to-make-way-for-suburban-rail-loop-train-yard-at-former-construction-tip-site/news-story/d1a89579b60f21a703a0aedbcb950f9b
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fsix-properties-to-make-way-for-suburban-rail-loop-train-yard-at-...
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.a...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fsix-properties-to-make-way-for-suburban-rail-loop-train-yard-at-...

0
1 KB

250ms
250ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fsix-properties-to-make-way-for-suburban-rail-loop-train-yard-at-former-construction-tip-site%2Fnews-story%2Fd1a89579b60f21a703a0aedbcb950f9b&memtype=anonymous&mode=premium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 20:01:34 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=2082
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 20:36:16 GMT

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fsix-properties-to-make-way-for-suburban-rail-loop-train-yard-at-former-construction-tip-site%2Fnews-story%2Fd1a89579b60f21a703a0aedbcb950f9b&memtype=anonymous&mode=premium
cache-control: max-age=0, no-cache, no-store
date: Tue, 15 Dec 2020 20:01:34 GMT
is-https: true
content-length: 154
expires: Tue, 15 Dec 2020 20:01:34 GMT

GET
H2 200 schools-hub
www.heraldsun.com.au/education/ 0
51 KB 3387ms
3386ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/education/schools-hub

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 113 203 3271
server: nginx
date: Tue, 15 Dec 2020 20:01:35 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 20:01:35 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2feducation%2fschools-hub&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=schools-hub&session=edee2fd90f59e54ccf2138cd2da6867c
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/education/schools-hub/dunce-teachers-to-be-weeded-out-with-tough-test/news-story/70981f845b774d62bd0f3da3bd3f187b
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Feducation%2Fschools-hub%2Fdunce-teachers-to-be-weeded-out-with-tough-test%2Fnews-s...
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.a...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Feducation%2Fschools-hub%2Fdunce-teachers-to-be-weeded-out-with-tough-test%2Fnews-s...

0
1 KB

263ms
262ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Feducation%2Fschools-hub%2Fdunce-teachers-to-be-weeded-out-with-tough-test%2Fnews-story%2F70981f845b774d62bd0f3da3bd3f187b&memtype=anonymous&mode=premium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 20:01:34 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=1956
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 20:34:10 GMT

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Feducation%2Fschools-hub%2Fdunce-teachers-to-be-weeded-out-with-tough-test%2Fnews-story%2F70981f845b774d62bd0f3da3bd3f187b&memtype=anonymous&mode=premium
cache-control: max-age=0, no-cache, no-store
date: Tue, 15 Dec 2020 20:01:34 GMT
is-https: true
content-length: 154
expires: Tue, 15 Dec 2020 20:01:34 GMT

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/news/victoria/melbourne-suburbs-where-2020-homebuyers-have-spent-the-most-corelogic/news-story/4bd91cc6da693eed17dbf7832e18bb3b
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fmelbourne-suburbs-where-2020-homebuyers-have-spent-the-most-core...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fmelbourne-suburbs-where-2020-homebuyers-have-spent-the-most-core...

0
1 KB

274ms
273ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fmelbourne-suburbs-where-2020-homebuyers-have-spent-the-most-corelogic%2Fnews-story%2F4bd91cc6da693eed17dbf7832e18bb3b&memtype=anonymous&mode=premium&nk=a0ff3a0e9d8b6901ecb0757770654435-1608062496

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 20:01:36 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=2113
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 20:36:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:36 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fmelbourne-suburbs-where-2020-homebuyers-have-spent-the-most-corelogic%2Fnews-story%2F4bd91cc6da693eed17dbf7832e18bb3b&memtype=anonymous&mode=premium&nk=a0ff3a0e9d8b6901ecb0757770654435-1608062496
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 20:01:36 GMT

GET
H2

200

confidential
www.heraldsun.com.au/entertainment/
Redirect Chain

https://www.heraldsun.com.au/entertainment/confidential
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment%2fconfidential
https://www.heraldsun.com.au/entertainment/confidential
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment%2fconfidential
https://www.heraldsun.com.au/entertainment/confidential
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment%2fconfidential&16080624951697004517
https://www.heraldsun.com.au/entertainment/confidential?nk=2d74b03a24cd3369d801fd3028b64f9f-1608062496

0
49 KB

2339ms
2339ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/entertainment/confidential?nk=2d74b03a24cd3369d801fd3028b64f9f-1608062496

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 115 229 3098
server: nginx
date: Tue, 15 Dec 2020 20:01:38 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 20:01:38 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment%2fconfidential%3fnk%3d2d74b03a24cd3369d801fd3028b64f9f-1608062496&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=confidential&session=edee2fd90f59e54ccf2138cd2da6867c
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:36 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/entertainment/confidential?nk=2d74b03a24cd3369d801fd3028b64f9f-1608062496
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 20:01:36 GMT

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/entertainment/confidential/richmond-coach-damien-harwick-has-separated-from-his-wife-danielle/news-story/4e64d940189d4534ef1398e511cbfd50
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fentertainment%2Fconfidential%2Frichmond-coach-damien-harwick-has-separated-from-hi...

0
1 KB

978ms
978ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fentertainment%2Fconfidential%2Frichmond-coach-damien-harwick-has-separated-from-his-wife-danielle%2Fnews-story%2F4e64d940189d4534ef1398e511cbfd50&memtype=anonymous&mode=premium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 20:01:35 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=3600
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 21:01:35 GMT

Redirect headers

date: Tue, 15 Dec 2020 20:01:34 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fentertainment%2Fconfidential%2Frichmond-coach-damien-harwick-has-separated-from-his-wife-danielle%2Fnews-story%2F4e64d940189d4534ef1398e511cbfd50&memtype=anonymous&mode=premium
expires: Tue, 15 Dec 2020 20:01:34 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment%2fconfidential%2frichmond-coach-damien-harwick-has-separated-from-his-wife-danielle%2fnews-story%2f4e64d940189d4534ef1398e511cbfd50&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=4e64d940189d4534ef1398e511cbfd50&session=edee2fd90f59e54ccf2138cd2da6867c
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/news/national/malka-leifer-can-be-extradited-to-australia-court-rules/news-story/c608fa2489819c44cc739fbfb500cc3d
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fmalka-leifer-can-be-extradited-to-australia-court-rules%2Fnews-s...

0
1 KB

905ms
905ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fmalka-leifer-can-be-extradited-to-australia-court-rules%2Fnews-story%2Fc608fa2489819c44cc739fbfb500cc3d&memtype=anonymous&mode=premium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 20:01:36 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=3521
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 21:00:17 GMT

Redirect headers

date: Tue, 15 Dec 2020 20:01:36 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fnational%2Fmalka-leifer-can-be-extradited-to-australia-court-rules%2Fnews-story%2Fc608fa2489819c44cc739fbfb500cc3d&memtype=anonymous&mode=premium
expires: Tue, 15 Dec 2020 20:01:36 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%2fmalka-leifer-can-be-extradited-to-australia-court-rules%2fnews-story%2fc608fa2489819c44cc739fbfb500cc3d&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=c608fa2489819c44cc739fbfb500cc3d&session=edee2fd90f59e54ccf2138cd2da6867c
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 comments-count Show response
mhr.talk.news.com.au/api/v1/ 1 KB
1 KB 1465ms
1241ms Fetch
application/json 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mhr.talk.news.com.au/api/v1/comments-count?ids=673af666e1eb8e6d4d0d8c72c2cdfb9f,dd2f8b737366ed1e036d8ea5e474140c,d1a89579b60f21a703a0aedbcb950f9b,70981f845b774d62bd0f3da3bd3f187b,4bd91cc6da693eed17dbf7832e18bb3b,c269fc29e3768d9c6f099b176476220c,a1100ababae8d38b18df79b27f2450a0,be7551576f4256fb88ab537c803f2b2e,a6b16ab4804930c517850354d810e233,23a1d9cbd99f4c0ed1fceac7510703f1,ad137d5b8578da019c0bcd33d6d70060,75c6d3bf571769e07016515908fb2058,4a93aeda0e52360748563c9dceb8c60f,ff2562697d4be16b01ef58b5a7979a98,16a285cf4932910107d0d6c18493c756,99ffdf1b42b31552a15b5edf71bc16d4,762d5c0c83119f1842734daeed80aecd,b878f571f59c9e83b85fa4e124a342fd,1e38c6aa018efe2a92091dbb3282549d,fb8ce1e48d3966398cd636390f2161bb,be7551576f4256fb88ab537c803f2b2e,f2fb9c64996283a1f9d0a2e07dc7158e,84c55e2ae5a92c7445b16d87ac72c78a,7befba77fa3b4991c5d9b1addc515e34,7eb12812a24ed390dd3972b0cbfd8a46,fff85b56496da67587c56ea7250cc5ad,80d384561ff77fde612ad9c553203e0e,49912dbe3df52f3c18ca067ce79e7156,ba0deea1a8786d091afd7b96c26f6910,474b60170b6a3ab6385ce65acab14408,40db0c80c9cc3d9b9b3c75d77c56d62f,b55a5479218890624c21285bdc5f0f1b,c96209bdf77caa2e225ee8131d1659ef,9de9b3e5139b8ba437eae4d263909fa3,581db01817afb11f0b1dde400c096c89,b4f33e81269335807837ae2c06729e58,672fe5a02621ec9bf516a6ed3215038f

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-116.deploy.static.akamaitechnologies.com

Software

nginx/1.16.1 /

Resource Hash

25f84ba9cc250146477c7911324680c4ea496e638d8fc38e197698b59180ddcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.16.1
etag: W/"546-ITt2fC08l69ILJAhqZw3JLloQoQ"
x-download-options: noopen
x-dns-prefetch-control: off
content-type: application/json; charset=utf-8
access-control-allow-origin: *
date: Tue, 15 Dec 2020 20:01:21 GMT
x-talk-trace-id: 4d896a50-3f10-11eb-a045-f1871db4f7c7
vary: Accept-Encoding
content-length: 770
x-xss-protection: 1; mode=block

GET
H2 200 3000 Show response
www.heraldsun.com.au/wp-json/api/weather/ 2 KB
2 KB 314ms
308ms Fetch
application/json 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-json/api/weather/3000

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1e4304de1ea5e28de5aff0cbf0913047cfbac0fa64295e37068dd5307971c703

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options: nosniff
is-https: true
content-length: 1654
x-rq: bom2 113 203 3271
allow: GET
expires: Tue, 15 Dec 2020 20:02:17 GMT
server: nginx
date: Tue, 15 Dec 2020 20:01:20 GMT
vary: User-Agent
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=57
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 685ec392386f3803de1580eca5e356f7
content.api.news/v3/images/bin/ 8 KB
8 KB 489ms
486ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/685ec392386f3803de1580eca5e356f7?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 74c56dc51ea7565e74edad1a94047924a3816e1c7d57ca913326e428af3a2f7d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 685ec392386f3803de1580eca5e356f7
date: Tue, 15 Dec 2020 20:01:20 GMT
last-modified: Tue, 15 Dec 2020 11:01:12 GMT
server: Akamai Image Manager
etag: 40039bcb26668d8c5c62aa7c020c4652-685ec392386f3803de1580eca5e356f7-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5151632
access-control-allow-headers: x-newsapi-api-key
content-length: 8107
expires: Sat, 13 Feb 2021 11:01:52 GMT

GET
H2 200 4a73eed5d33698f28884fb2652f34189
content.api.news/v3/images/bin/ 5 KB
6 KB 488ms
485ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/4a73eed5d33698f28884fb2652f34189?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 38bba6edf1f5150a76307f4bb0c67a75615c074786885feaf18513d10687aef0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 4a73eed5d33698f28884fb2652f34189
date: Tue, 15 Dec 2020 20:01:20 GMT
last-modified: Tue, 15 Dec 2020 10:31:50 GMT
server: Akamai Image Manager
etag: 80654862ab6795f9edd2f7c5e0a9abc8-4a73eed5d33698f28884fb2652f34189-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5149839
access-control-allow-headers: x-newsapi-api-key
content-length: 5313
expires: Sat, 13 Feb 2021 10:31:59 GMT

GET
H2 200 da222ec1b4b1d27deaa44fdb4fd485e3
content.api.news/v3/images/bin/ 7 KB
7 KB 488ms
485ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/da222ec1b4b1d27deaa44fdb4fd485e3?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: b3828bdc8ad17fcf8de3fc5ff15c8ebac5de01f4c19c491138426eacf21d4b37

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: da222ec1b4b1d27deaa44fdb4fd485e3
date: Tue, 15 Dec 2020 20:01:20 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 01b1a2cc8a3ea9668e5343ac34c564b9-da222ec1b4b1d27deaa44fdb4fd485e3-150
x-serial: 198
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5145006
last-modified: Tue, 15 Dec 2020 09:11:31 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 7014
expires: Sat, 13 Feb 2021 09:11:26 GMT

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame A0E8 0
0 734ms
467ms Document
text/html 92.122.106.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=HCZjAabhY24jju_qBRNdoJhQfrhIG-oJ&nonce=2CnBxF8nEi11He3p-JddZ_6VFlS~rQOc&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.122.106.155 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-122-106-155.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=HCZjAabhY24jju_qBRNdoJhQfrhIG-oJ&nonce=2CnBxF8nEi11He3p-JddZ_6VFlS~rQOc&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 715a1403115046cd
ot-tracer-traceid: 690127895bea287b
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 28434-1608062480.971-23.55.162.137-1458-578145816-7-0.000
x-auth0-requestid: da8a8f5dc98a29c13bd9
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1608062481
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 534 0 pmb=mTOE,3
expires: Tue, 15 Dec 2020 20:01:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 15 Dec 2020 20:01:21 GMT
content-length: 838
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A4d0f7f60-3f10-11eb-b304-7b17c8fe4505.Tgj1%2BQgvij%2BafJejYcl6htEDhfr6LroCSamoJpgyHp4; Max-Age=31557600; Path=/; Expires=Thu, 16 Dec 2021 02:01:20 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A4d0f7f60-3f10-11eb-b304-7b17c8fe4505.Tgj1%2BQgvij%2BafJejYcl6htEDhfr6LroCSamoJpgyHp4; Max-Age=31557600; Path=/; Expires=Thu, 16 Dec 2021 02:01:20 GMT; HttpOnly; Secure ak_bmsc=C29C6A380DBFF02D586C4E8F1F7E366CC16C5EA7AE5C00001116D95F3354532A~plxTFJxJ5/SULynW82hk1carcAaK982Ro0Fpd8zIp4k5eFm1CM5Ovor0P2Y/2JwHfXdasi3MsnYNs3Z/fQhJrDEu7p2kVUXEBWI165/55aiS3ckV7k9LnJmZlUz1j65kyjbFb8T0qoPd3qeGabcrZKCzf4HL3/oCfEJcuObhyIbxBVSX9ywak3TiCt57so/dUeXEURk9XtaEc65SXraSbvH2yZn3bfXiBaGC9riDTkndeYGvuOdr35hoc0/wtbaDxv; expires=Tue, 15 Dec 2020 22:01:21 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=3C796D97A34CF53FF110FDB2F479357F~9/otd7tBOgK24pBJNEc9Ra62fIwSbxsBs6eKN2NA4UAV56NeeneCyf83UeQMRrOSVNl4qPe39/HW2rKEPOhj8d4Bhosc/Jt+pSr7oRHYhPlU0l448rUEZoQ2HpcHbG/pTTduaNdsnV7CHXlRNP+uoqPnR8evpvc21gVEH1wCoE0m85SV/NWULayE+LvnvpYnax8u0l4iV3NH2RqoSSdIEyt0ikJBzStbFUiVzu/uQ8tqaE+pzUUIkr7IRO85SWV0; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=5173E28694EB2E3874AFC73152D0A314~YAAQp15swan/q2Z2AQAAIzP+ZwqUbOTkm4Mez4ir07FkaqLQF3zmXo3UtdweXKIYJOiIojFduOpJNVh4mFzG/Pgbph24XD12h44WJf7+Ivgtv9TzPmduU33oQcTn7muBjXKEAhRS5nFINC52urUDV0u7l0jrncB3SaoMKyK9BTRSr9zqvt94nFLLNGaC8lXP66dTxLhYBLYsJA==; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 16 Dec 2020 00:01:20 GMT; Max-Age=14399; HttpOnly _abck=5B5A0810AD967AAA7FFF3FACB8C6BD42~-1~YAAQp15swar/q2Z2AQAAIzP+ZwWhABVQcH8eWykgWxkUlRp0n3l1cto8A8B9dwMobfhL3pEYdBrFCHknF4FDbfMTcx3BuR6OcQ8c1WW4RfP3XNdk2EBWZfjfWrrLILaa4RGeonY1fy74Q/C/ke1Ou/xe2M7NMtL7ahP/Iy0GD8KwHVITpaIT75GbO+XMeHGr8GsseFDEHIyXamad9QCFBDk4WFdQFWOZ0tapWTSOHTM/McNn0ugdqr+dxtkggqQqYckduj/WRUY4fO+EECIRE+0wLYdiOxaLCfy16LZQDexboHyhmZQzYGPgwncvujUzyZ8rAqw=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 15 Dec 2021 20:01:21 GMT; Max-Age=31536000; Secure

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 3 KB
1 KB 323ms
116ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 34d7e05910aac6f533cb31a9dffc4e37213c93c3b90a545b4f3bcedea3e6d03c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:20 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 00:59:52 GMT
server: AkamaiNetStorage
etag: "32dbeac6f93a14f6e0b28daba07aa294:1607993992.778839"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1235
expires: Tue, 15 Dec 2020 20:06:20 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 70 KB
19 KB 225ms
146ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 37839f90f9c430af4b063874e26d8986b8ceb01ebcdad7eedb4977c833116693

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:20 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 00:59:52 GMT
server: AkamaiNetStorage
etag: "59bda7243b0fc7e08ca82d70f35e8dbe:1607993992.156774"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 18842
expires: Tue, 15 Dec 2020 20:06:20 GMT

GET
H2 200 indies-loader.js Show response
ts2020-indies-client.web.app/ 7 KB
3 KB 317ms
117ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ts2020-indies-client.web.app/indies-loader.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 17 Sep 2020 07:41:38 GMT
x-timer: S1608062481.104456,VS0,VE1
etag: "16a0649956d88d08059c392d3f4b3b1b1b6ee7a364d1e3444626bf6439417ed3-br"
x-served-by: cache-ams21074-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Tue, 15 Dec 2020 20:01:21 GMT
accept-ranges: bytes
content-length: 2338
x-cache-hits: 1

GET
H2 200 js-vidora-client.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 233ms
232ms Script
application/x-javascript 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f75772cc182eeecd95e8887564f7d5b21bbd6c035b3d664ece5a6893071db987

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:21 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2886
x-rq: ewr4 114 53 3172
last-modified: Tue, 15 Dec 2020 02:56:42 GMT
server: nginx
etag: W/"5fd825ea-19e5"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 15 Dec 2020 20:01:22 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
13 KB 223ms
73ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:20 GMT
content-encoding: gzip
last-modified: Thu, 20 Dec 2018 17:45:13 GMT
server: NetDNA-cache/2.2
etag: W/"dc93d584e41f8417f6b7163320d34329"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 json Show response
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 3 KB
2 KB 470ms
464ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=21%3A01%3A20.764&lti=deflated&data=%7B%22id%22%3A319%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1608039812683%2C%22vi%22%3A1608062480664%2C%22cv%22%3A%2220201214-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9172%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A982%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201214-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c0655069beb80e832c054d2529725dcafb4a663d4a9c32e44cb90008cd67bcfb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 407
date: Tue, 15 Dec 2020 20:01:21 GMT
content-encoding: gzip
server: nginx
x-timer: S1608062481.818415,VS0,VE407
x-served-by: cache-fra19163-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1608062480805&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=ht...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1608062480805&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=h...

0
528 B

126ms
125ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1608062480805&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 20:01:21 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1608062480805&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 15 Dec 2020 20:01:21 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 111 KB
31 KB 72ms
71ms Script
application/javascript 151.101.113.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding: gzip
etag: "b7fcedf037c57085d364b689ca46f32e"
age: 9998491
x-cache: HIT, HIT, HIT
content-length: 30954
x-amz-id-2: TG49UWLSXX/7JOu+pu/KWBF6lPU+j/sA4SNskqAGNRvS7P8ejY6LRwed0jVXlMerBXwRC25qwP8=
x-served-by: cache-lax8636-LAX, cache-lax10627-LGB, cache-hhn4061-HHN
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1608062481.865549,VS0,VE1
date: Tue, 15 Dec 2020 20:01:20 GMT
vary: Accept-Encoding,,,
x-amz-request-id: 9758181B46377FE5
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 2, 1, 1

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame 5A11 0
0 562ms
562ms Document
text/html 92.122.106.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=S6jwSGVPT2Hv-cQURJID75arfU~DB3Cu&nonce=LtwD7KT0Q~0NdiaicBY2gf4T5dhi5UA.&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.122.106.155 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-122-106-155.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=S6jwSGVPT2Hv-cQURJID75arfU~DB3Cu&nonce=LtwD7KT0Q~0NdiaicBY2gf4T5dhi5UA.&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 166df1ca60d40e1b
ot-tracer-traceid: 57c51b853a19fd1e
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 30572-1608062481.230-23.55.162.137-1458-578400714-8-0.000
x-auth0-requestid: 1840c1cafce2c4b015b4
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1608062482
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 538 0 pmb=mTOE,3
expires: Tue, 15 Dec 2020 20:01:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 15 Dec 2020 20:01:21 GMT
content-length: 842
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A4d370490-3f10-11eb-bfb6-6d5a87556414.bzbZEeWEd55D8ZhIX3ZsOe7wB6jC%2ByAY6DGWdIyAkOk; Max-Age=31557600; Path=/; Expires=Thu, 16 Dec 2021 02:01:21 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A4d370490-3f10-11eb-bfb6-6d5a87556414.bzbZEeWEd55D8ZhIX3ZsOe7wB6jC%2ByAY6DGWdIyAkOk; Max-Age=31557600; Path=/; Expires=Thu, 16 Dec 2021 02:01:21 GMT; HttpOnly; Secure ak_bmsc=6989E510F8E669E91E17A92641E432B0C16C5EA7AE5C00001116D95F55324007~plReqo4lXm7nI6PdNb3WpQgvONpkof4VskC4OPYqq0Wb8cLY1G/x0uWGrwR8c7BlnCU7EGjxZz3ycviaejKBnak2a69s8n3aGw5fzrWyfKbFM6mOY6CNHIU/Hb36SeUEdF9UkUt26mFAA5vGXXDf0IJLxkYLKXJU8BMh0ZmfGRxXMPQfI2GPuCxP3dYtJfZQFTcyS+yvsxiOxXLU9HRmRKLP/S6KeQwGWUaX21tj4GkFAe7v6+NQ8A5Q+Mlc2vE4Bk; expires=Tue, 15 Dec 2020 22:01:21 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=D8AC05F3FEA1771EA8F0842A3D016BAF~9/otd7tBOgK24pBJNEc9Rd45hbqBRwvxOnO64d/oCD+wuq8AaItZFSFb4/DkA8mXhN+8q9J4+fyIjEpLQJMaqrONWLjNCC6JnH9ll9woiMbPEWtWEi0+F1l0+FLVtrUP0GtX+a7BPqB616WwktSzScfR0aIWrfjYKSjcRLHWPw7jmcM/ots9+CoO88DiehVWb4kq19FKsX5QvsvRpbGwVXJdeXHnrVAQVjtO7r497FF9UKSlRDjdycGHIzV9SaLo; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=2759F47C236F6F7E83D75D36514950F5~YAAQp15swbn/q2Z2AQAA6DP+Zwq3/McTYKX2aSWMpguFH3/myhpvujFSZ0tLDGjsKVC9U4haAYNY/dr91gIPweo5FTb7daqTX0OHMzlVOnGzuVE+x8v97osG5CV2ULASTriRORbwXEMJeLauHp0DKKqe2YY3QAOnKTzeR0nTooWFTJuIyEtMyJyOdabfP+elojm5M21tAlGaS08=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 16 Dec 2020 00:01:21 GMT; Max-Age=14400; HttpOnly _abck=2ACFAD63130704205780C89A0F6DEECD~-1~YAAQp15swbr/q2Z2AQAA6DP+ZwX2cpLxRJ12yjgCQ6h86pbP+3orhFTIu5LAEF7RyC/s6WtpYwv2bED2X3ynIBC913Axd32ZVWOFxW3js9IC11qHAzfhQsKRcu0MSC1liGNpka1h0sg6LT4sCDi/8ZEPbI1hf7YbswgE9aQz/Nx2ljwVX+a3gCnsL1B+bAL1ygZXwJnT9l2dNzLcFztC5QibH+o6I9dJp5uBycq8hcHfO5K2AQAgsGFHpuGg1ZyZd6pJl2VaJ+G7kn73ONjF9GfboqjuLNpLhjHz71Dcw5KH3VImsEUZKRkhJLpQbICzFl1Vkw0=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 15 Dec 2021 20:01:21 GMT; Max-Age=31536000; Secure

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 127ms
126ms Script
application/x-javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16080624809860.08972545266652676
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7eab82ead1480897c3dedd5c6b4ef4ec553efacdca1ce23c3acd6bd8e9621046

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:21 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 832
expires: Tue, 15 Dec 2020 20:01:21 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
905 B 120ms
120ms Script
application/x-javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:21 GMT
cache-control: max-age=32128
server: AkamaiNetStorage
content-type: application/x-javascript
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 B7670439;dcadv=4149947;sz=1x2;ord=812740924318.7706 Show response
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 16 KB
6 KB 364ms
131ms Script
text/javascript 216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=812740924318.7706?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

4821d5b0ffb00e563d948d49c60afbfc7bb567e340f6e34ba4741f9a3e458b92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5801
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dae9dd8e4cf2883023928e196d10f713
content.api.news/v3/images/bin/ 14 KB
14 KB 194ms
193ms Image
image/webp 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/dae9dd8e4cf2883023928e196d10f713?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d1a3bc73f51534788911fbc36f882cf5e8981830226e3b98d088519b9024aadc

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: dae9dd8e4cf2883023928e196d10f713
date: Tue, 15 Dec 2020 20:01:21 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 2651fabaae31fcb794300985dac96759-dae9dd8e4cf2883023928e196d10f713-320
x-serial: 1902
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5141308
last-modified: Tue, 15 Dec 2020 08:11:06 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 13858
expires: Sat, 13 Feb 2021 08:09:49 GMT

GET
H2 200 a25efa9bdb434e7c51e628bebc2b8d16
content.api.news/v3/images/bin/ 10 KB
11 KB 1548ms
1547ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/a25efa9bdb434e7c51e628bebc2b8d16?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6312c236f2a15fbafa9ce8c42658708fc4403056acb9689aaae5e8d6fa346da2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: a25efa9bdb434e7c51e628bebc2b8d16
date: Tue, 15 Dec 2020 20:01:22 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 046a4cc5f0f8bd8d39bb3cbea5820e2c-a25efa9bdb434e7c51e628bebc2b8d16-320
x-serial: 1363
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5131104
last-modified: Tue, 15 Dec 2020 05:21:30 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 10633
expires: Sat, 13 Feb 2021 05:19:46 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 59ms
21ms Script
application/x-javascript 2600:9000:2104:f200:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:f200:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 06e9f93163cce0aa6698b5dbdd52d0ea860a91aa75e80d724051e67e6f0304f3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 18:43:38 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 02:31:43 GMT
server: nginx
age: 4663
etag: W/"5f86630f-112ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: zKrIL4mEPYbqJgJDIbBiUDdznjRl4-ViB670MHW8hNYDtulTaH4arQ==
expires: Tue, 15 Dec 2020 20:43:38 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 177 KB
61 KB 121ms
121ms Script
application/x-javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 120be8f5d061203ea26fd4bd2043201d6f06a7fce30cd7104e01c5dfafb48cd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:21 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "032ddabb406fd4179075624c01a76c5d:1606693368.080684"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=39243
content-type: application/x-javascript

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 98 KB
29 KB 261ms
257ms Script
application/x-javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7aa0de94f2a1424b10a2a72a14372c7ebd96a41a96cc86aff80bdd7e1f2a3782

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:21 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "9fe78c0aa76460a3c0378bcb80647421:1607915792.033366"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=17551
content-type: application/x-javascript
content-length: 29304

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
19 KB 380ms
133ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

d59bb3ed1515ef903ce58fc46f805b9cef3581d3af4d5ba852ae59b2399d68f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "725 / 100 of 1000 / last-modified: 1608034737"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18850
x-xss-protection: 0
expires: Tue, 15 Dec 2020 20:01:21 GMT

GET
H2 200 prebid.js Show response
tags.news.com.au/prod/prebid/ 327 KB
98 KB 242ms
241ms Script
application/x-javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/prebid/prebid.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b748ce6a5a5ea9c905bca2845dab6456c5232bead14b02fca00864562e98bfda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:21 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "079b5880b9ed74f5d265d6b9199a2e85:1601422697.718452"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=29529
content-type: application/x-javascript

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 21 KB
9 KB 196ms
195ms Script
application/x-javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ebaf330ad588600b4b748410b4f77f3cd9c4abc18e3a240156bc6ac9814cf896

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:21 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "25edec9c399349e0480c59ebca3d0a23:1607918432.510353"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=20169
content-type: application/x-javascript
content-length: 8648

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

51ms
15ms

Script
application/javascript

2600:9000:2093:3a00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:3a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding: gzip
etag: "cc7339d315e5ab16597dd66d153a0e7e"
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 1269
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 918126cde448a82c2757fd37058ea3ec.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 15 Dec 2020 19:40:13 GMT
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: xLTMf5i8AVgKEquSzrY4Y8KFkZmvoN8IH6fce41CLDpK_vHp0I5LfA==

Redirect headers

date: Tue, 15 Dec 2020 20:01:21 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 134
x-amz-cf-id: 9cMPcWkhyvADsi37hFn-4h3KkAvoKdNyuVFfw6GtfWwnWJ2ji6qMSw==

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 962ms
648ms Script
text/javascript 99.86.7.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53c25ccb7181178c52c32fdf5e58a55d730bbfe8e45db600886adfb33d88411b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 19:02:36 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 05 Nov 2020 07:14:18 GMT
Server: AmazonS3
Age: 3536
ETag: "ae1b1b3c735b9c3894bc20532056e9de"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: pwv7NhngA2P3eDefSWry3rLBgiGgNJUN-JLFKhoaawyGxVam753q0g==

GET
H2 200 utag.975.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 3 KB
1 KB 166ms
166ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.975.js?utv=ut4.46.202012150059
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b764af95d9d52c77cae46fd77f6cff6380e1c56e2a72aad477cffa48417586e1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:21 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 00:59:51 GMT
server: AkamaiNetStorage
etag: "49fd633b43b8cf51d6769f750a771264:1607993991.21714"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1285
expires: Wed, 30 Dec 2020 20:01:21 GMT

GET
H2 200 utag.985.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 2 KB
1 KB 167ms
167ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:21 GMT
content-encoding: gzip
last-modified: Wed, 20 Nov 2019 04:49:47 GMT
server: AkamaiNetStorage
etag: "a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 900
expires: Wed, 30 Dec 2020 20:01:21 GMT

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame 68B8 0
0 494ms
493ms Document
text/html 92.122.106.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=LhaT4Od.bVwFa3.SJOVUkt2eJvdCT_Cw&nonce=4orYjlNLEIEJymobtTLYtSzuOiv65wjK&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.122.106.155 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-122-106-155.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=LhaT4Od.bVwFa3.SJOVUkt2eJvdCT_Cw&nonce=4orYjlNLEIEJymobtTLYtSzuOiv65wjK&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 7110a18e5b9dcb04
ot-tracer-traceid: 0e9edf6f4053f901
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 28434-1608062481.416-23.55.162.137-1458-578145816-8-0.000
x-auth0-requestid: f9324b7ba2c8d3378439
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1608062482
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 531 0 pmb=mTOE,3
expires: Tue, 15 Dec 2020 20:01:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 15 Dec 2020 20:01:21 GMT
content-length: 837
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A4d538d40-3f10-11eb-a0e1-491926c96140.K%2Bl5dx1vI6wlMC4V9b%2Bw0MxoxXJgiZw9EZoeDpkULEs; Max-Age=31557600; Path=/; Expires=Thu, 16 Dec 2021 02:01:21 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A4d538d40-3f10-11eb-a0e1-491926c96140.K%2Bl5dx1vI6wlMC4V9b%2Bw0MxoxXJgiZw9EZoeDpkULEs; Max-Age=31557600; Path=/; Expires=Thu, 16 Dec 2021 02:01:21 GMT; HttpOnly; Secure ak_bmsc=33DBDCCF52A262D249632151C0BC6915C16C5EA7AE5C00001116D95F1A289C4A~pldswROm9wHL81vrgsY5BRHbYvWO7P4LvN5ILUvxMtmo1soDZk1XwFuVqaJtgdug0BGiZ1WlxoCsrpUVmc9ddnCGPMg9AenAL9nXOuIE2GOUguzfY5+RKEJAAsb2q4V2zUFZ21lEpK9oCCc8RHfqefaq5aPbuDIn0imdDiNYV8WM86gBOu4Rx6G/ZyG/ARd3g0Xt183NqwvRROc2z3qpo6E0mxgKPFPRNN3QnMzft+MQUAF8vL97jImZnQNeRfNjsg; expires=Tue, 15 Dec 2020 22:01:21 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=05548158FB055AEB3D073C603D4F845C~9/otd7tBOgK24pBJNEc9RXz/x0RaSpAioY/VHvtJQ91izFfoHQgLeg0Ko0BR+JpOFy3P8uBrqFyi9NUsehPcZD+jnc7f1eETPwWlbotXRY+e4XMwzz0cagWwZ2VWyve2c30c2LSLNOUhZPFYZor4MXQaq7luQ4A/iNX+6JRObOzrG1bH8DET2/jzFtx8umO5eULN9lY6KhOLQfhYAzJ4T3Hh5RVWRCiekjcVm7+75zr4qEGr6HGfz6cXrsnQc+rZ; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=79CBE5BF8FFF4FD9F627B10E4E7EC85B~YAAQp15swcX/q2Z2AQAApDT+ZwoUu7pZXW9PVRsXMamTuuQ5fdHgai269yyCsK9/krqkfJVe3nKar2rN9ZLrM26wBy3ZUnXNy4rp2Dq0P0ylEz9RKu48bTeo4udUDZvt6CVssJcGcc6Ko214kfQArwljCv2pgj45YNsOHWm36+2xf41KPVMaqcGZkgUy7S9wcDMCBwF6rlfh2vA=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 16 Dec 2020 00:01:21 GMT; Max-Age=14400; HttpOnly _abck=AF3DF4037D9A0C03761B1E446ACCC47D~-1~YAAQp15swcb/q2Z2AQAApDT+ZwWaDl9EC+ipFw0jkRwVKim+SW4eB6diOKfUmx64Odjo9YeK//wHVK/j6nnWBOlE3vCt6N/vDhKCTLGYtBCZ9Njt9903uzEuZqxr6FtyB8p0NRh1XPEZsdi9fZhoON8StVmJOMvbaUJ6aFeejmT6O60nLMKB+uClzQI0SFzfRN/blZgoouu+YiVKOZ71/XxrDWkaweONukdTgIehNF5zHsYF8dADg00t37Vm/j5ude5aKuC8cnbLYwv5tI43aAXMnV37YdXa1L5tgRKUblMXJr2+a7VOdsCu/F1revpkaIM8UCM=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 15 Dec 2021 20:01:21 GMT; Max-Age=31536000; Secure

GET
H2 200 vidora-client.1.x.x.min.js Show response
assets.vidora.com/js/ 8 KB
4 KB 249ms
184ms Script
application/javascript 2600:9000:206f:b800:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b800:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 00:25:43 GMT
content-encoding: gzip
last-modified: Wed, 08 Apr 2020 14:24:21 GMT
server: AmazonS3
age: 70539
etag: "09285b59e7b4661ace266ee756c7b3f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: -g4-HReoH9VJuEp7nFSl4hZfpPJAuQuueX-L7432G49mklvg4G3raw==

GET
H2 200 c6953ffdfab4d5538fa60f41c089d62a
content.api.news/v3/images/bin/ 14 KB
15 KB 225ms
225ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/c6953ffdfab4d5538fa60f41c089d62a?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 4a74783c0bb7bcbcfeae64e9d4b2f3dfb55df5899f6ecef63bca3b2063c1a566

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: c6953ffdfab4d5538fa60f41c089d62a
date: Tue, 15 Dec 2020 20:01:21 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: f53dd14da5b358c45f2646a7cb95b6b2-c6953ffdfab4d5538fa60f41c089d62a-320
x-serial: 1975
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5146698
last-modified: Tue, 15 Dec 2020 09:39:16 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 14809
expires: Sat, 13 Feb 2021 09:39:39 GMT

GET
H2 200 hotjar-465845.js Show response
static.hotjar.com/c/ 4 KB
2 KB 483ms
190ms Script
application/javascript 52.84.50.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-465845.js?sv=6

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.50.90 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-50-90.ham50.r.cloudfront.net

Software

Resource Hash

659ec8040006cf9459b685b4b3a63af02a8122f28ee8d2e00df257718e91fb1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: HAM50-C2
etag: W/245da6e0e40a2a32a849a2de8da459f3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1653
via: 1.1 52c7de80c6ff92b7b540ab39e3ca1184.cloudfront.net (CloudFront)
x-amz-cf-id: tF5RU25cjw5-YCeDcABF0aClz47bjYOrQ4diAg2QeZElEY0Mn8Kbvw==

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 435ms
142ms Script
application/javascript 23.43.114.245
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.114.245 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-43-114-245.deploy.static.akamaitechnologies.com
Software: / ARR/3.0
Resource Hash: 560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:22 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by: ARR/3.0
etag: "84a7fce7aaabd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=303
accept-ranges: bytes
content-length: 15848

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
243 B 142ms
141ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202012150059&cb=1608062481182
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:21 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 22
expires: Tue, 15 Dec 2020 20:11:21 GMT

GET
H2 200 _error
uconnect.tealiumiq.com/ulog/ 43 B
455 B 393ms
119ms Image
image/gif 18.192.172.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uconnect.tealiumiq.com/ulog/_error?utid=newsltd/hwt/202012150059&e0=ge%3A%3A4%3A%3A%2F%2Ftags.tiqcdn.com%2Futag%2Fnewsltd%2Fhwt%2Fprod%2Futag.js%3A%3A_gaq%20is%20not%20defined
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.172.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:22 GMT
x-serverid: uconnect_i-0fabb3a43f2422e14
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: _error::4:uconnect
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
x-error: _error is not supported
content-type: image/gif
x-ulver: 65ed533ac5b7460579a0f854b35565150511cdb2-SNAPSHOT
content-length: 43
x-uuid: 3dd01969-eb92-4383-bd43-e1c8b129f18d
expires: Tue, 15 Dec 2020 20:01:22 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 9 KB
3 KB 117ms
114ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201214-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5637934865d2aa41b2cb550b37d4f57070028d026edcc4891dd0b52e4685ae5

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: o4T63Sh.xgRNl2qmKkn70cuLpzZLzSVA
content-encoding: gzip
etag: "75c293488f88dded172b9df1863a9237"
age: 17913
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 3132
x-amz-id-2: hZvlftDIhVzQPeHUHkdniDK7nymmxEdcmkYM2C8FgEsbetC5vPHPlqoXCF72+17aK9gUg3bFyJk=
x-served-by: cache-fra19163-FRA
last-modified: Tue, 15 Dec 2020 15:02:44 GMT
server: AmazonS3
x-timer: S1608062481.371140,VS0,VE0
date: Tue, 15 Dec 2020 20:01:21 GMT
vary: Accept-Encoding
x-amz-request-id: 9B61C327F727993D
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 26
x-cache-hits: 241634

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 3 KB
965 B 119ms
117ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201214-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 9618
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: f65xj6iuxogMKrz0V0PcFaMwZec2VDREXRA0jdjbf3aLNlkxtn2vhTmCXQ21535SK5HpYLHFJGI=
x-served-by: cache-fra19163-FRA
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1608062481.371153,VS0,VE0
date: Tue, 15 Dec 2020 20:01:21 GMT
vary: Accept-Encoding
x-amz-request-id: 414C1B5C7AA1A893
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 26
x-cache-hits: 103119

GET
H2 200 distance-from-article.20201214-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 114ms
110ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20201214-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8eecac242b66125024559089a5085b56b8e5bf78bc9bb664480a72077c8d8ba

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 2gbJymiMQsMVZrAOumFxaKmbLNZBKW7e
content-encoding: gzip
etag: "8b7d19dc7c96ad1fb6b9b3dfd0147b4a"
age: 15916
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 964
x-amz-id-2: hH7qfdCa9Wp8Rs+O80mRDhdSReY7d3KTOABAqd5I58Yr99KbzIHAbKzLu6/TTu5grqBeIcYH5Cg=
x-served-by: cache-fra19163-FRA
last-modified: Tue, 15 Dec 2020 15:36:02 GMT
server: AmazonS3
x-timer: S1608062481.375730,VS0,VE0
date: Tue, 15 Dec 2020 20:01:21 GMT
vary: Accept-Encoding
x-amz-request-id: EBE3CEAE42201BF7
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 26
x-cache-hits: 14538

GET
H2 200 article-detection.20201214-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 114ms
110ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20201214-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 751d3c6aaa3629df3f420185c654ce47ee59ac60d27f8b318b4ad9cf4a088d0d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: VfRvm0KOnpwH94OXf1vrPsBa3RQzleW3
content-encoding: gzip
etag: "3b933c1dc20d66fdb3d74c41fe42220a"
age: 15908
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 864
x-amz-id-2: POg0HwlgUbp2hpN2trAHOt3RWLnVskCqohSn1BW3f18aMIPBV59OSzalQK0kNLqMZRTncTiglaw=
x-served-by: cache-fra19163-FRA
last-modified: Tue, 15 Dec 2020 15:36:11 GMT
server: AmazonS3
x-timer: S1608062481.376172,VS0,VE0
date: Tue, 15 Dec 2020 20:01:21 GMT
vary: Accept-Encoding
x-amz-request-id: 9B38CA193133F6D6
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 26
x-cache-hits: 14513

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 2B78
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=59525ef0-3250-44c5-9735-a0c87a70b76a
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=59525ef0-3250-44c5-9735-a0c87a70b76a&tbid=a1b6216a-096c-41b9-b66e-5813b04bc646-tuct6d29b92&query=taboola_hm%3D59525ef0-3250-...

0
147 B

378ms
156ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=59525ef0-3250-44c5-9735-a0c87a70b76a&tbid=a1b6216a-096c-41b9-b66e-5813b04bc646-tuct6d29b92&query=taboola_hm%3D59525ef0-3250-44c5-9735-a0c87a70b76a&isDirect=0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:22 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608062483.983726,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4055-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=59525ef0-3250-44c5-9735-a0c87a70b76a&tbid=a1b6216a-096c-41b9-b66e-5813b04bc646-tuct6d29b92&query=taboola_hm%3D59525ef0-3250-44c5-9735-a0c87a70b76a&isDirect=0
tbl-x-upstream: 10.40.0.111:10213
date: Tue, 15 Dec 2020 20:01:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 1861

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 2B78 0
239 B 507ms
134ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 2B78
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=PvMiHcsOifi9&ev=1&orig=trc&pid=562107

0
216 B

97ms
79ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=PvMiHcsOifi9&ev=1&orig=trc&pid=562107
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Tue, 15 Dec 2020 20:01:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 1855

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=PvMiHcsOifi9&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-659d447f4f-wq9dw
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 2B78 43 B
693 B 352ms
119ms Image
image/gif 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 20:01:22 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.136:80
AN-X-Request-Uuid: b2951500-ac03-4c1c-900d-0df85d3e3e9f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 2B78
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEG9otnUjxFfg10EQNx0CIfw&google_cver=1

0
58 B

94ms
93ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEG9otnUjxFfg10EQNx0CIfw&google_cver=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 15 Dec 2020 20:01:22 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608062483.615723,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19163-FRA

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEG9otnUjxFfg10EQNx0CIfw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 2B78 42 B
885 B 310ms
95ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90:$UID
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 15 Dec 2020 20:01:22 GMT
X-lat: Pug22044:0:640
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2B78
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=22be8c20-d11f-457f-85d5-0f6123606eab-tuct6d29b92

170 B
730 B

45ms
31ms

Image
image/png

2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=22be8c20-d11f-457f-85d5-0f6123606eab-tuct6d29b92

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=22be8c20-d11f-457f-85d5-0f6123606eab-tuct6d29b92
tbl-x-upstream: 10.40.20.11:10213
date: Tue, 15 Dec 2020 20:01:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 1859

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 2B78
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=26ee1fe5-127a-4e43-82a1-10e74a08cbfe

0
200 B

137ms
137ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=26ee1fe5-127a-4e43-82a1-10e74a08cbfe
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 15 Dec 2020 20:01:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608062483.042514,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19163-FRA

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=26ee1fe5-127a-4e43-82a1-10e74a08cbfe
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 2B78
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

124ms
124ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 20:01:22 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 20:01:22 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 2B78 49 B
333 B 160ms
159ms Image
image/gif 198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-659d447f4f-wq9dw
expires: -1

GET
H2

200

rtb-h
sync.taboola.com/sg/storygize-network/1/ Frame 2B78
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
224 B

123ms
122ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.20.9:10213
date: Tue, 15 Dec 2020 20:01:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 1914

Redirect headers

Location: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length: 0
expires: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 2B78 43 B
697 B 314ms
127ms Image
image/gif 185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90&gdpr=0&gdpr_consent=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:21 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 2B78 42 B
233 B 530ms
184ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 20:01:23 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 200 put
e1.emxdgt.com/ Frame 2B78 43 B
124 B 607ms
78ms Image
image/gif 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:22 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2B78
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a66f0645-04d0-48fa-b346-68538ecc49f4

0
225 B

30ms
29ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a66f0645-04d0-48fa-b346-68538ecc49f4
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.111:10213
date: Tue, 15 Dec 2020 20:01:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 1947

Redirect headers

pragma: no-cache
x-errorlevel: 0
date: Tue, 15 Dec 2020 20:01:22 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a66f0645-04d0-48fa-b346-68538ecc49f4
cache-control: no-cache
server-processing-duration-in-ticks: 1807
content-type: text/html; charset=utf-8
content-length: 222
expires: Tue, 15 Dec 2020 00:00:00 GMT

GET
H2

400

/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 2B78
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO6x11SAaag_9ONWFtyuslCz4bBOot4V0lR4BG0Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO6x11SAaag_9ONWFtyuslCz4bBOot4V0lR4BG0Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=621590fb-fffc-482f-bb1a-ae94b8f09bc9&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/5/3.gif?puid=3236e03bac54d15ecd7ff0c2707b559b&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/4/4.gif?puid=07d837ab-9b70-412d-935c-7ea1633829c9&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/3/5.gif?puid=51e7bb63-3f10-11eb-8cdd-aa1ed121fdfa&gdpr=1&gdpr_consent=
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=

0
0

89ms
88ms

Image
text/html

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location: https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=
Date: Tue, 15 Dec 2020 20:01:29 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 2B78
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=w-NpVRHjDO2yAt25ExbZXw

0
216 B

114ms
114ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=w-NpVRHjDO2yAt25ExbZXw
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.20.11:10213
date: Tue, 15 Dec 2020 20:01:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 1888

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=w-NpVRHjDO2yAt25ExbZXw
date: Tue, 15 Dec 2020 20:01:23 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 2B78 35 B
380 B 646ms
193ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Tue, 15 Dec 2020 20:01:20 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame 2B78 0
155 B 378ms
173ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90&_r=4112569
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 15 Dec 2020 20:01:23 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 2B78
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=c976ed1a-5168-481a-9d17-b1c058b25a0e
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=59525ef0-3250-44c5-9735-a0c87a70b76a&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c976ed1a-5168-481a-9d17-b1c058b25a0e

0
225 B

98ms
96ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c976ed1a-5168-481a-9d17-b1c058b25a0e
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.111:10213
date: Tue, 15 Dec 2020 20:01:24 GMT
server: nginx
x-fastly-to-nlb-rtt: 1897

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c976ed1a-5168-481a-9d17-b1c058b25a0e
date: Tue, 15 Dec 2020 20:01:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 0
275 B 68ms
66ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=21%3A01%3A21.272&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-midrail-native&id=4902&cv=20201214-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 1929
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.117:10213

GET
H2 204 social
trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
406 B 95ms
95ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&lti=deflated&ri=1111a7a8588f33761c2ed8fa330264d1&sd=v2_06d68d305f052baf58dad219bb77ede3_4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90_1608062480_1608062480_CIi3jgYQgPNHGJji-L_mLiABKAEwoQE4l-oLQJWXEEj-0toDUP___________wFYAGAAaOKmqpGyrZficA&ui=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90&pi=/&wi=873729681997272865&pt=home&vi=1608062480664&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=21%3A01%3A21.285&id=7596&llvl=1&cv=20201214-6-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 1919
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.24.10:10213

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 608ms
193ms Image
image/gif 3.232.164.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=BxyHKHDR0-jNChWYZc&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9172&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=11972&t=WlZ3hB87O9JDN0fs4NtJvgIUnDl&V=121&i=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=-60&_acct=anon&sn=1&sv=CKXI7g87DQZClaTrO3mDV_BUuRV-&sd=1&im=06030402&_
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.164.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 supply-feature
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
64 B 134ms
133ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=1111a7a8588f33761c2ed8fa330264d1&sd=v2_06d68d305f052baf58dad219bb77ede3_4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90_1608062480_1608062480_CIi3jgYQgPNHGJji-L_mLiABKAEwoQE4l-oLQJWXEEj-0toDUP___________wFYAGAAaOKmqpGyrZficA&ui=4ff041ca-6074-4e4f-91ee-2a4605a74413-tuct6d29b90&pi=/&wi=873729681997272865&pt=home&vi=1608062480664&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A557%2C%5C%22articleClasses%5C%22%3A%5C%22site-content%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22SECTION%5C%22%2C%5C%22threshold%5C%22%3A%5C%22261%5C%22%7D%22%7D&tim=21%3A01%3A21.426&id=4866&llvl=1&cv=20201214-6-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 11
pragma: no-cache
date: Tue, 15 Dec 2020 20:01:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608062484.689408,VS0,VE11
x-served-by: cache-fra19163-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1608062481557
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1608062481557

5 KB
2 KB

111ms
111ms

XHR
application/json

34.249.128.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1608062481557

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.128.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-128-36.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a3299c6c5ad5294a46cf078b52a676239ce2b8745c2baa92ec16fa634cbde1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v086-0a291b154.edge-irl1.demdex.com 5.80.1.20201111130852 4ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: ZdipvXQcR1Q=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1538
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.heraldsun.com.au
X-TID: kdwcdYf+TrE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1608062481557
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 377ms
119ms Script
application/javascript 13.225.80.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 12 Dec 2020 13:25:33 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 282951
ETag: "a8663f72a1dbe614b19f167a59af368d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: LERi_I5UjMRS8_jw6O4ivhgihFb4gmK7P2lhnLVTG_rOTmh1yD0bOA==

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20110914/elements/html/ 6 KB
3 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=812740924318.7706?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 19:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2649
x-xss-protection: 0
server: cafe
etag: 804181672847865866
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 19:01:27 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
683 B 405ms
130ms Other
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsucO_MhuVVMK6x_2lToH_-bbrWdvO_FGA2uDO1ToOUPAIvfnwbEzgwlBVQlR7JZCul5zMcO4dZV9AqrkuIGOLcUPSpZWfVTsOrqAmRGoHBB3p4_72lkAz5sDeo_ugGVREHO&sig=Cg0ArKJSzMgXVrLMRGIiEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20201203.21533&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=812740924318.7706?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 20:01:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 ggcmb510.js Show response
seccdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 35ms
15ms Script
application/javascript 2600:9000:2093:3a00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:3a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: CeKWdfuThsyzKr0NmnwAM5a0VYitilJV
content-encoding: gzip
etag: "afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 152
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 918126cde448a82c2757fd37058ea3ec.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 15 Dec 2020 19:58:52 GMT
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: MM6xTm5VS5VOXZGdNGEw_KcO0gVCo0-IHhe18hK9DOm1r3k0HiK0yw==

GET
H2 200 storageframe.html
secure-gl.imrworldwide.com/ Frame F528 0
0 121ms
121ms Document
text/html 2600:9000:21f3:5e00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: secure-gl.imrworldwide.com
:scheme: https
:path: /storageframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
vary: Accept-Encoding
date: Tue, 15 Dec 2020 20:01:21 GMT
server: nginx
last-modified: Tue, 08 Dec 2020 21:31:18 GMT
etag: W/"5fcff0a6-2b27"
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: dRtkxi9K61OIfyUoqG59qYkoTDnOR3htMmcQX7sgYnC-17_mlJ4nPg==

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608062481909&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstr...
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608062481909&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstr...

44 B
490 B

110ms
110ms

Image
image/gif

2600:9000:21f3:5e00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608062481909&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-ccd9ea9330f76cb1e9f4a36f97ef6df0&tz=1&ja=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:22 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: hwplEilDqYeDDGHFlhhqEAlyRpeNcyRP6NQ0VOooiFiw9G830fzvhg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:21 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C2
location: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608062481909&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-ccd9ea9330f76cb1e9f4a36f97ef6df0&tz=1&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: RoNbeuYbp8BNV-R0X23TCXMqZ93px7eWeFcJ0kcM48pHqV6NqrTYOQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-Q050 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
97 KB 267ms
136ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Tue, 15 Dec 2020 20:01:22 GMT

GET
H2 200 modules.f2a0c48472fc3a6a1664.js Show response
script.hotjar.com/ 222 KB
59 KB 371ms
138ms Script
application/javascript 13.226.155.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f2a0c48472fc3a6a1664.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-465845.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.155.55 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-55.dus51.r.cloudfront.net

Software

Resource Hash

3422a566d3586aa83e09fd661635fe9ebcf90f0f4824fdf3d42d6698662cbfcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 12:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26658
x-cache: Hit from cloudfront
content-length: 59564
access-control-allow-origin: *
last-modified: Tue, 15 Dec 2020 12:34:17 GMT
etag: "5a8a077d3cc3e6ab1290703959e9ca39"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Q6jROS-Dh1q7DLpY5hbD2mSsdh4mVDHWVQTntchF-JdUn2uG0uAIDw==

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 4812 0
0 163ms
157ms Document
text/html 52.84.50.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-465845.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.50.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-50-90.ham50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
content-length: 851
date: Fri, 06 Nov 2020 22:29:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Fri, 06 Nov 2020 16:42:59 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 52c7de80c6ff92b7b540ab39e3ca1184.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: 9VcbC2wM_JLu4S5F7RqU1N1V3x3e9pt4wHgmHptqAqPTritlMPpfeQ==
age: 3360686

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 15 KB
1 KB 334ms
94ms XHR
application/octet-stream 23.43.114.245
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.114.245 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-43-114-245.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: befd4d99b6cb8649f107a5cd1fec1055d228bdc1c001493676bb87249e9b1040

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: s9D81rRzINXxbJe2GpsceLRJAdvlBAld
content-encoding: gzip
last-modified: Mon, 30 Nov 2020 08:14:17 GMT
server: ATS/7.1.0
x-amz-request-id: 0F11EBC0262C8C70
etag: "622b99881112d32ffad4119cdad72daf"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=186
date: Tue, 15 Dec 2020 20:01:22 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1050
x-amz-id-2: fHEyaDFJT5Pv9RMW+rMYW4/PZTtlPcKYcPrPL9GHMBK4qj0Q3XDjmy/sW5V+LulY6yeW5XOHnME=

POST
H2 204 bulk Show response
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
414 B 129ms
129ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201214-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Tue, 15 Dec 2020 20:01:22 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608062482.395263,VS0,VE10
x-served-by: cache-fra19163-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-Q050 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 21 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 19:28:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8761
x-xss-protection: 0
server: cafe
etag: 16638491572200565323
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Dec 2020 20:28:55 GMT

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 10 KB
4 KB 511ms
139ms Script
text/html 82.199.68.72
EQUINIX-CONNECT-EMEA

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=6671451136493258756&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D4933441207701751970$$&ns=0&rnd=3400396045263898
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 82.199.68.72 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: ce126fe1085d58b9a3e2f53906f2a4b4a9b9c295a75d9bf9772b4d5fe70546f3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 20:01:47 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 2386
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 campaigns Show response
resourcesssl.newscdn.com.au/indies/ 3 KB
1 KB 40ms
39ms XHR
application/json 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by: Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash: 338ad442ce49a764c366579658c0abb342c8192513168eb0aab49ffd111b4b43

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 15 Dec 2020 20:01:23 GMT
content-encoding: gzip
etag: W/"abd-v6vZDUIiNtwyMRVGdlumjzOe9BE"
x-powered-by: Express
x-cache-hits: 0
content-length: 867
x-served-by: cache-dca17743-DCA
server: Google Frontend
x-timer: S1608019714.534416,VS0,VE352
x-i: true
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 5289e239f7a5fad4f3dc0e8c769017ff
cache-control: private, max-age=562008
function-execution-id: 5zeauepb0l43
accept-ranges: bytes
x-orig-accept-language: en-us
x-country-code: DE
expires: Tue, 22 Dec 2020 08:08:11 GMT

OPTIONS
H2 204 campaigns
resourcesssl.newscdn.com.au/indies/ Frame 0
0 596ms
596ms Other
text/html 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol: H2
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.heraldsun.com.au
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-type: text/html
function-execution-id: ntqjr3itf0yp
server: Google Frontend
x-cloud-trace-context: e6edffc0e9e2a3d2b94a9292e7004cac
x-country-code: DE
x-orig-accept-language: en-US
x-powered-by: Express
accept-ranges: bytes
x-served-by: cache-dca17740-DCA
x-cache-hits: 0
x-timer: S1608062483.927355,VS0,VE239
cache-control: private, max-age=604792
expires: Tue, 22 Dec 2020 20:01:15 GMT
date: Tue, 15 Dec 2020 20:01:23 GMT
x-i: true

GET
H/1.1 200
OK Cookie set dest5.html
newscorpau.demdex.net/ Frame FA1E 0
0 491ms
114ms Document
text/html 34.249.128.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.128.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-128-36.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: newscorpau.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.heraldsun.com.au/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=58555027313566200433690474862434481875
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 19 Nov 2020 14:56:47 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=58555027313566200433690474862434481875;Path=/;Domain=.demdex.net;Expires=Sun, 13-Jun-2021 20:01:23 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: 4Igr0XumQek=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
metrics.heraldsun.com.au/ 48 B
516 B 435ms
133ms XHR
application/x-javascript 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=58576019560493271213692879203747309513&ts=1608062482657

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

97a8b22437442465f82a4829cffd92194e57ea08d89ff2d34cd24a7877df8ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 15 Dec 2020 20:01:22 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-f7bfdfcfd-rmp7d
vary: Origin
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=X9kWFAAAAD0RIR-H
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=58555027313566200433690474862434481875
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9kWFAAAAD0RIR-H

42 B
915 B

132ms
132ms

Image
image/gif

34.249.128.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9kWFAAAAD0RIR-H

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.128.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-128-36.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v086-0f950b505.edge-irl1.demdex.com 5.80.1.20201111130852 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Z4CMzvQSRng=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9kWFAAAAD0RIR-H
Date: Tue, 15 Dec 2020 20:01:24 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 61 B
359 B 823ms
823ms XHR
text/plain 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 0d65919743905ca954e12255f116be6594f5c6ec20fab63ad2295ae71da41658

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:23 GMT
server: AkamaiGHost
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-length: 61
mime-version: 1.0
expires: Tue, 15 Dec 2020 20:01:23 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 86ms
86ms XHR
application/json 34.249.128.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=58576019560493271213692879203747309513&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&ts=1608062483096

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.128.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-128-36.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0066f3ccac17485cc01c22a7d9ab1aeffb9b03bd0d3e778a981868b80e8187be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v086-0cc7b6eb3.edge-irl1.demdex.com 5.80.1.20201111130852 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: s1ssNcXNQVs=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1537
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 s46779522804421
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 43 B
440 B 42ms
42ms Image
image/gif 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s46779522804421?AQB=1&ndh=1&pf=1&t=15%2F11%2F2020%2021%3A1%3A23%202%20-60&mid=58576019560493271213692879203747309513&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D122&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=7%3A01%20AM%7CWednesday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cmac%20os%20x%7C10_14_5&c60=D%3Dv60&v60=122&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=no%20plugins&v77=D%3Dmid&v78=nl%7Cunknown%7Camsterdam%7C52.35%7C4.92%7Cgmt%2B1%7Cunknown&v79=nl&v80=00000000000000000000000000000000-00000000000000000000000000000000-1608062481297-899996&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:22 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 16 Dec 2020 20:01:23 GMT
server: jag
xserver: anedge-f7bfdfcfd-gv44j
etag: 3453287887290073088-4621510624836267547
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 14 Dec 2020 20:01:23 GMT

GET
H2 200 style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 969 B
737 B 442ms
441ms Stylesheet
text/css 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/style.css

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: "617866c501ae2baecee3c33975ca8125d4935302e86a88dedf91278f1aec543e"
last-modified: Wed, 09 Dec 2020 05:03:11 GMT
x-timer: S1607490656.986599,VS0,VE1
x-i: true
x-served-by: cache-dca17728-DCA
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=1800
date: Tue, 15 Dec 2020 20:01:23 GMT
x-cache-hits: 1
accept-ranges: bytes
content-length: 406
expires: Tue, 15 Dec 2020 20:31:23 GMT

GET
H2 200 main.js Show response
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 3 KB
2 KB 472ms
472ms Script
text/javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/main.js

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: "799b8c406ecbbc260dc9ac71c011202326bd9a557b155ba1707af12579eded3c"
last-modified: Wed, 09 Dec 2020 05:03:11 GMT
x-timer: S1607490568.714474,VS0,VE1
x-i: true
x-served-by: cache-dca17736-DCA
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
date: Tue, 15 Dec 2020 20:01:24 GMT
x-cache-hits: 1
accept-ranges: bytes
content-length: 1276
expires: Tue, 15 Dec 2020 20:31:24 GMT

POST
H2 200 validate
assets.vidora.com/v1/ 0
314 B 482ms
482ms Other
application/octet-stream 2600:9000:206f:b800:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by: Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b800:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 15 Dec 2020 20:01:24 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: K9WSXDPFw9irrDQrTRKx0zbIgOMAMdRlP77YnKXWgWgHkwhtyibZEA==
expires: Tue, 15 Dec 2020 20:01:23 GMT

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 21ms
21ms Script
application/javascript 2600:9000:2093:3a00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:3a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: a9yv6FoqUOJEHV8JhhsvdvrSixeG3nZZ
content-encoding: gzip
etag: "931051f801612c3a0e2782961ac3d56c"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 1665
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 918126cde448a82c2757fd37058ea3ec.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 15 Dec 2020 19:33:39 GMT
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: d3nVJgqvLvmqQOLHn8Sd6gRS-_gyAep1JjLSrhxxNlvoepNSoEdpUg==

GET
H2 200 PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 26ms
25ms Script
application/javascript 2600:9000:2093:3a00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:3a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef718a0e010f9a07acbb967c0bf49ff1cb115a08eacd40e5bffcaab5ebb729c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Kj7_unSqPUpvxwNm3Fae6KN3klZ7QYmy
content-encoding: gzip
etag: "095093dda9d40b392141a14682cc9fd6"
last-modified: Tue, 15 Dec 2020 09:18:05 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 918126cde448a82c2757fd37058ea3ec.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Tue, 15 Dec 2020 20:01:23 GMT
x-amz-cf-id: A7Rc-Bgj9DfcYHAdTRhHsTW6ywa1_apRlO0oC9W7a1qG2-qcDLDndg==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 647 B
885 B 441ms
139ms XHR
application/json 34.250.51.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=29820b4f-cf5a-9456-05bf-68e356f7cfa9&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.51.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ac9beda0caea77f8433790621e206488234b7789204f247e5f11962f33c38c56

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:24 GMT
x-server-name: app18.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 173 KB
50 KB 16ms
16ms Script
application/javascript 2600:9000:2093:3a00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:3a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43ec631c14060e4d10a7fc3b6b96296f20e718d65fb51558370d41eda08a3ddc

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8pyu2AVizz7qLhkNLlydOCakgrumnPjD
content-encoding: gzip
etag: "2a3ec0074402cc8fa654f381bebd2e04"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 230
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 918126cde448a82c2757fd37058ea3ec.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 15 Dec 2020 19:57:35 GMT
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: Mxg_AM4Ypj0ewHvTff7ap-S5JaTDmwO9MtkcaiL0djXIv0Enyq3ykg==

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame D1D9 0
0 15ms
14ms Document
text/html 2600:9000:2093:3a00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:3a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSCVER=v1; IMRID=4ec6a540-3f10-11eb-9185-f9e3a531bb10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
date: Tue, 15 Dec 2020 19:27:47 GMT
last-modified: Tue, 17 Nov 2020 14:36:23 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
x-amz-version-id: fXiAi9JTI1XHMxGqL.0MvkCakB1rMXT9
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 918126cde448a82c2757fd37058ea3ec.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: v2_K3ipfQ1XkRBuVCueR2nS26Trpsw3i31Zd7EMBWKa2U6MKXfF9SA==
age: 2018

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 79D1 4 KB
2 KB 463ms
120ms Script
application/x-javascript 54.230.55.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.55.228 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-55-228.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 08:42:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 40727
ETag: "98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 d66ba6ddafce2f17d4194c66f1af89fc.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: HAM50-C1
X-Amz-Cf-Id: NHf2wPMCU6lanj3SM8tTq12s6LoyFoLzhwOsRfig6C86-umaBz16WA==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame F1F2 5 KB
2 KB 364ms
120ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:24 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 68073
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1608062485.616993,VS0,VE0
x-served-by: cache-fra19172-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame E02E 965 B
761 B 28ms
9ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 20:01:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=43960
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 1486 96 KB
38 KB 20ms
16ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707564276

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b078acca5079cc43614182feddcc9f3a3d5c733eb382d596f1cfcb7eaa82f326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38971
x-xss-protection: 0
last-modified: Tue, 15 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Dec 2020 20:01:24 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 756D 4 KB
2 KB 427ms
156ms Script
application/x-javascript 54.230.55.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.55.228 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-55-228.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 08:42:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 40727
ETag: "98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 e783bb6c29f662cfdd94e8ac169d6a36.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: HAM50-C1
X-Amz-Cf-Id: 4zTNqHYCDM_J4e8dtfKX7L-htzveyLHs63SRWBX_hy2gbR6t42no3g==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame 600B 7 KB
3 KB 448ms
158ms Script
application/javascript 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 20:01:25 GMT
Content-Encoding: gzip
Age: 1571
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2601
X-Served-By: cache-lga21945-LGA, cache-hhn4024-HHN
Access-Control-Allow-Origin: *
Last-Modified: Thu, 14 May 2020 21:04:36 GMT
Server: nginx/1.13.10
X-Timer: S1608062485.032866,VS0,VE0
ETag: W/"5ebdb264-1cfb"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 10 Dec 2020 19:35:03 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 2, 1201

GET
H3-Q050

200

activityi;dc_pre=CILptsnj0O0CFSaSdwod5mgM8w;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1080377071112.4772
8228261.fls.doubleclick.net/ Frame 1175
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1080377071112.4772?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CILptsnj0O0CFSaSdwod5mgM8w;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=108037707111...

0
0

384ms
239ms

Document
text/html

172.217.22.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CILptsnj0O0CFSaSdwod5mgM8w;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1080377071112.4772?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CILptsnj0O0CFSaSdwod5mgM8w;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1080377071112.4772?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnkHs9LRsUimRohrlejjci0RhXB_k-wOiyUP-C004mHlGXEPUzkuVr81_SO
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 15 Dec 2020 20:01:25 GMT
expires: Tue, 15 Dec 2020 20:01:25 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 328
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 15 Dec 2020 20:01:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CILptsnj0O0CFSaSdwod5mgM8w;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1080377071112.4772?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

activityi;dc_pre=CJLstsnj0O0CFQiXdwod9ksP0A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6462153067301.551
8228261.fls.doubleclick.net/ Frame 94E1
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6462153067301.551?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJLstsnj0O0CFQiXdwod9ksP0A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=646215306730...

0
0

384ms
240ms

Document
text/html

172.217.22.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CJLstsnj0O0CFQiXdwod9ksP0A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6462153067301.551?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJLstsnj0O0CFQiXdwod9ksP0A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6462153067301.551?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnkHs9LRsUimRohrlejjci0RhXB_k-wOiyUP-C004mHlGXEPUzkuVr81_SO
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 15 Dec 2020 20:01:25 GMT
expires: Tue, 15 Dec 2020 20:01:25 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 328
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 15 Dec 2020 20:01:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJLstsnj0O0CFQiXdwod9ksP0A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6462153067301.551?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame DCC6 96 KB
38 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-820018408

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8600099f7e30b15cb09a2746c608dec0944c9a031c8b4794010ab943f2a98522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38969
x-xss-protection: 0
last-modified: Tue, 15 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Dec 2020 20:01:24 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 2E7D 30 KB
12 KB 371ms
127ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11865
x-xss-protection: 0
server: cafe
etag: 18432201170715473949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Dec 2020 20:01:24 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame E31B 43 B
606 B 1626ms
354ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 4E14
Redirect Chain

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

43 B
1 KB

238ms
107ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 20:01:25 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.48:80
AN-X-Request-Uuid: bf436d8a-2eda-4008-b6cb-18fb99d0bbdb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 20:01:25 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.90:80
AN-X-Request-Uuid: 8cfae9d0-e3aa-4812-a0ee-54e43fb5bb67
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

0
1 KB

234ms
126ms

Image
application/javascript

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 20:01:25 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.154:80
AN-X-Request-Uuid: cbf06e9b-949c-41e4-88ef-7f5398e3fb0a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 20:01:25 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.168:80
AN-X-Request-Uuid: d08ffab3-0c54-45dd-9c31-23e2c144f98a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
953 B 212ms
113ms Image
application/javascript 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 20:01:25 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.75:80
AN-X-Request-Uuid: e94b54a7-24d4-433f-8701-831211e8744f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
803 B 36ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 20:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 37ms
17ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 20:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 122 KB
14 KB 189ms
188ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1340128692438989&correlator=2848086932019929&output=ldjh&impl=fifs&hxva=1&scor=1460561042729955&eid=21069139%2C21069142%2C21069710&vrg=2020120801&co=1&npa=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201215&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D4f19a82a-3f10-11eb-8b24-0ab32f77e5b0%7Cpos%3D1%26id%3D4f19a82b-3f10-11eb-8b24-0ab32f77e5b0%26vw%3D40%2C50%2C60%2C70%26vw05%3D40%26grm%3D40%2C50%2C60%26pub%3D40%7Cpos%3D2%26id%3D4f19a82c-3f10-11eb-8b24-0ab32f77e5b0%7Cpos%3D1%26id%3D4f19a82d-3f10-11eb-8b24-0ab32f77e5b0%7Cpos%3D2%26id%3D4f19a82e-3f10-11eb-8b24-0ab32f77e5b0%7Cpos%3D1%26id%3D4f19a82f-3f10-11eb-8b24-0ab32f77e5b0&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26pid%3Dnone%26adl%3Dfalse%26pvid%3D00000000000000000000000000000000-00000000000000000000000000000000-1608062481297-899996%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&bc=31&abxe=1&lmt=1608062484&dt=1608062484473&dlt=1608062479569&idt=2872&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1123%2C1124%2C176%2C176%2C0&adys=28%2C467%2C7735%2C8775%2C2622%2C9417&adks=1616217045%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C300x0%7C300x0%7C1248x0%7C1248x0%7C1600x9417&msz=728x133%7C300x276%7C1600x276%7C1000x50%7C728x90%7C1x1&ga_vid=1829112523.1608062484&ga_sid=1608062484&ga_hid=1145656285&fws=640%2C640%2C128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

5b7e357f9ac086b6acfa35baae9fd7f1e09dc4e8d421f76369d49611886ec1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14083
x-xss-protection: 0
google-lineitem-id: 4682990628,4682990628,4682990628,4682990628,4682990628,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234025551,138234025548,138234092042,138234082439,138234025461,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
55ae6dbe066050f3c3f342566fa11ce0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 78ms
14ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://55ae6dbe066050f3c3f342566fa11ce0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 1486 30 KB
12 KB 125ms
125ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Dec 2020 20:01:25 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame DCC6 30 KB
12 KB 140ms
139ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Dec 2020 20:01:25 GMT

GET
H2 200 adsct
t.co/i/ Frame F1F2 43 B
448 B 467ms
240ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Tue, 15 Dec 2020 20:01:26 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ba743ab634ec2fb8e7f2528073397fba
x-transaction: 00170e7400056e2f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame E02E 3 KB
2 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 20:01:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 20:29:41 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=16138
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 48ms
40ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1340128692438989&r=300x250&w=1&h=1&a=0

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 732B 0
0 136ms
135ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMzooEdmk2bWuf4uWcFpf5IExkOy9Yj851g5ney20xRp4Ad4TcTOuJZo_zRLIihC6rgWB1dDlBcIWCgi0j0I4hB1tR-OI6S_UpuzHxC7Desx9qqYyzzBMl083GZlyrcqPRCw1Pp5Kbw-0BMdoKkvI1h_oICPAXAcOda3TsH18Xv63U6EmoIQ9Dqlf9aZ1VyJx_hCHJ8-R3pJQpZVIaxTHMeslATi5wM87GbabTQMHMtNON2Ofh3L4ws7xIPeMnpho6odVxkXcj&sig=Cg0ArKJSzPU5ew5sUmnpEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 20:01:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 732B 18 KB
7 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 16:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 16:44:19 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 732B 3 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 17:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 17:50:10 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 732B 76 KB
29 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Tue, 15 Dec 2020 20:01:24 GMT

GET
H3-Q050 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 732B 68 B
99 B 8ms
7ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 00:59:57 GMT
x-content-type-options: nosniff
age: 68488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Dec 2021 00:59:57 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DFFA 0
0 134ms
134ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg5ZO4jxsU_B8Et0v3JNZ2H7PDr6C71Kbn7nLdXnvZAF97VtPzlJB6CwVjDE4QsOVJCFcmOfMdmnEwqERM_gfqpV-YYE6j-rVwjl-wIkinTuW7aTyDhsc__6L7Eg_5z4dP9TX4YBbnCI_7xrMi2qVSfkKB6suYu_tg0-3Lpbfa1rIhZfaGXVqq-WSH3LTfgV5V0G0Q3n2gDx3eWzcLcCI256q9rILltGBMGNgxRUbtI9Vo25Bv71hT90uvl0vAqAs9Y_xgqfPw&sig=Cg0ArKJSzCSKZVGG0U9bEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 20:01:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame DFFA 18 KB
7 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 16:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 16:44:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame DFFA 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 17:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 17:50:10 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFFA 76 KB
29 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Tue, 15 Dec 2020 20:01:24 GMT

GET
H3-Q050 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame DFFA 68 B
168 B 9ms
9ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 02:48:56 GMT
x-content-type-options: nosniff
age: 61949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Dec 2021 02:48:56 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 723C 0
0 135ms
134ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3l0SAs-t2JmGBrkLb2BBHeFa9oBlJkwoVCqsMVk-J4akHXvUrTQ92_0R_RyRtF9DnT2EY2wNb5VIroAwGpvrRoPzZAjSTcxsCy17EV18jMCbTg9kQEeng5TYBKr1SoiKLdX0VencwzlMMbbSqKuKV2H3kuT92R4gzWohPiNzHVVWhsVuwsAUBMX5Hk-8oWLYD4NAUMrL3RlVu0-WTL37zG-fbzZJ7BaA_RsU5f-lHNHcXk3Ab6G6c6qVBvqLD6_IND20_LHiA&sig=Cg0ArKJSzGoW-Lp9CuFuEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 20:01:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 723C 68 B
94 B 10ms
9ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 02:48:56 GMT
x-content-type-options: nosniff
age: 61949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Dec 2021 02:48:56 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 723C 18 KB
8 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 16:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 16:44:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 723C 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 17:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 17:50:10 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 723C 76 KB
29 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Tue, 15 Dec 2020 20:01:24 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 723C 0
0 14ms
14ms Image
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRj7OnpzFyjdv8MJShR_s5KsFNQnSZTmYsHqhu7Sral46R2vAa9hoGj1wbDAlAl6msKZumk
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0243 0
0 147ms
132ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvswjThA7wXScX-GzEKwINl3umcVIurW6Jn9WUqNN3MMqECmSy3ajhDRytW6rAlMWMJpT77RVD6EEzisWJIuY5xBnUztlJherq2QfRozkzBAA5zwufQ77UDQFv6RRLt53SAr-9OUj7ohvjaPlGBrbBgscLqVCGC7P32SH6gOA7DV8kD_I1fkp-0MtGCjZMtIlzyWQB7pDNzC94CP5aRezRHMBm1PyJMy0Glkw_pm7zaraFgjofT7yNjQJ3FV4-YNt2piTeNMSej&sig=Cg0ArKJSzFetyfWob424EAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 20:01:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 0243 18 KB
8 KB 101ms
83ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 16:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 16:44:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 0243 3 KB
2 KB 106ms
88ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 17:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 17:50:10 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0243 76 KB
29 KB 24ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Tue, 15 Dec 2020 20:01:24 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 0243 0
0 14ms
13ms Image
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnlVM7uazQB1yLNG_JbywTglisqMFfv0XjM3CcOEIxyNsjp_ZqcZh6va49vOi9yz2yAiqS
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 0243 3 KB
3 KB 105ms
89ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13503232906761715217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 16:07:34 GMT
x-content-type-options: nosniff
age: 359630
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3270
x-xss-protection: 0
last-modified: Wed, 23 May 2018 04:43:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Dec 2021 16:07:34 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 40DD 0
0 146ms
136ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4A-Mv8e31qKr26lZ5Px94u9h7OgB0UbN2fqrKEUA6ib6is9p3-RF2zDfKz97Lc5ez4p2ZmZeVnbDI0vb-r-7rGGoGGZWjX1Oh1BexoVTJzM0XbG7dxi4H8WfIbCGHrlXaQb8KgKYFxmSpoqbMBgZaD3E5vmsTPSRUsxTLvEyNjxlPtQWl9LB5BldFTaIPPWGp2LiRx9prynBX2XzKIWCl-N2tKIYWrOml5VLeZR6a5X48GnZeZXJXzXXhG7Vz5CUIr8efKUn7&sig=Cg0ArKJSzOL8_Qketsh7EAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=4a3afa2cbb934f375faa4617058d5b4e-1608062471

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 20:01:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 40DD 68 B
172 B 101ms
88ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 00:59:57 GMT
x-content-type-options: nosniff
age: 68487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Dec 2021 00:59:57 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 40DD 18 KB
7 KB 97ms
86ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 16:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 16:44:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 40DD 3 KB
1 KB 99ms
88ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 17:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 17:50:10 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40DD 76 KB
29 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Tue, 15 Dec 2020 20:01:24 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Tue, 15 Dec 2020 20:01:24 GMT

GET
DATA 200
OK truncated
/ Frame DFFA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42aec9f93a5809f6726e93d7efde4678fbf63be61b52a317da7a4b2d133f2415

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 0AEA 46 KB
13 KB 790ms
149ms Script
application/javascript 34.250.51.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=1566836915&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82b-3f10-11eb-8b24-0ab32f77e5b0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.51.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 19d658fae7d0104c29739f0a245735a995b1fbb6f840ab4b7c7d1f55dac3b346

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:25 GMT
content-encoding: gzip
x-server-name: app31.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 732B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd9bf9053ea9538a93ac56b4c4dfe2a9ee8a345f8cef29ffd8bc820ddaafedf0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame A684 46 KB
13 KB 967ms
370ms Script
application/javascript 34.250.51.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=573688561&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82a-3f10-11eb-8b24-0ab32f77e5b0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.51.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c500c193e1cc75c3e7398d1c1de12b6cc5d95bc115f4e43e166c903e0aa67d04

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:25 GMT
content-encoding: gzip
x-server-name: app41.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 723C 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9455ce59056c6ee4bba787e378ee4e1680c5dcf62d95bdae93de8abe6a8e405b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 1E98 46 KB
13 KB 846ms
253ms Script
application/javascript 34.250.51.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=1383567697&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82c-3f10-11eb-8b24-0ab32f77e5b0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.51.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c1a1fa3a8dac5e03623a57cd51a10ee5065df6a7336175b19fea04fc6cc3621

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:25 GMT
content-encoding: gzip
x-server-name: app14.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 2E7D 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1608062484969&cv=9&fst=1608062484969&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f7859af8fc13ece22bc912f4fa842b45834190ed47ca4f5e20421b318023d3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 966
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0243 0
45 B 133ms
133ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssr8pFRa_AnXzAZtdO21qXvcBIJGGj5k4-StDPvsEjNS8A6rNEs2So6HlwCJQlPRtjlFvgwUokSHvTP7xP22885hue3XuxN9vjMCEsDBkEOf1BBh-fPZHKpPkt3MxwZVVwdZaAXOCz3RfKSSULFx_hczOTV6pt2ydFHEUo8vUimVFoeVWhtT2Ol2JIxkArg6oahVntZX9e6gCf_oxsgghABi-SGr1prT-TO3bRz5785ZR7_993jOb57-xkv8QGPLWQOE1QGxkCZPy8&sig=Cg0ArKJSzPiYCIkysO3zEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 20:01:25 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0243 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 744393e80c78dd4e70cb70e59a68c70f97a2187860b60b7341b9387000fff146

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 3D0E 46 KB
13 KB 857ms
289ms Script
application/javascript 34.250.51.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=485181901&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82d-3f10-11eb-8b24-0ab32f77e5b0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.51.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ba04250e6d9b1301404ef662c4b3b3b775c79db69479275ff76982e6fef4f4c9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:25 GMT
content-encoding: gzip
x-server-name: app40.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 40DD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e076b42302f182786db609cbe4cb7ddd35daec225b10425ec75eaaa64bff35a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame B8EB 46 KB
13 KB 905ms
347ms Script
application/javascript 34.250.51.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=456819254&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82e-3f10-11eb-8b24-0ab32f77e5b0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.51.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ae9d8c370d75d7c96a2e388575e68b5b821e4469d783d61667f5dbd8ed186868

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:25 GMT
content-encoding: gzip
x-server-name: app34.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 40DD 0
22 B 132ms
132ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9zFXu9nsIKjHYH71LdxnrGsDw3yVa4lisAM4IlL8vE9CGZ1Ikirv1vW2FSIn0HcHH4eUTWCq4IHtjsrudu1qHGv4rLTpJaWGZwDEUXgIrAiyvdpxWyJxIryEBXidMjqSIt-yYOYo-HvTrwjbHfQc4QD12J_TewSihg-u-j13mAvDjv2Aoi1NCN7gS9P0ncJBJonVsd81MInzhh4UDy9vcBa2nLtWxiWGNhZ3dTH9G1_fSBz7xtTTRGFlKvJYN8maGgXCmC3YN3ds&sig=Cg0ArKJSzHKeT2KrRThcEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 20:01:25 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame 600B 42 B
355 B 108ms
108ms Image
image/gif 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1608062485108&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1608062485108&et=1608062485109&if=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 20:01:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 10.2.80.148:80
Content-Length: 42
Content-Type: image/gif

GET
H2 200 up
insight.adsrvr.org/track/ Frame B54C 0
0 1631ms
91ms Document
text/html 34.251.61.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.61.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-61-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Tue, 15 Dec 2020 20:01:26 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame F1F2 31 B
650 B 487ms
238ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Tue, 15 Dec 2020 20:01:26 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 38a3005a86ad934b9a0ff7450d7e41aa
x-transaction: 0030640500a9af68
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 up
insight.adsrvr.org/track/ Frame 91EC 0
0 1566ms
93ms Document
text/html 34.251.61.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.61.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-61-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Tue, 15 Dec 2020 20:01:26 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 main.gr.19.8.149.js Show response
static.adsafeprotected.com/ Frame 0AEA 176 KB
56 KB 42ms
18ms Script
application/javascript 2600:9000:2182:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.149.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=1566836915&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82b-3f10-11eb-8b24-0ab32f77e5b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb4ce55125de2a93e2195c216683aaba6edfe2552ef028728a77129176b12da8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 16:29:23 GMT
content-encoding: gzip
age: 531124
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Dec 2020 16:13:56 GMT
server: AmazonS3
etag: W/"7a5b536396630d4384ea30d5372afce3"
vary: Accept-Encoding
x-amz-version-id: 9Jd5zGDFPA.mRZ.RWVPZ582SkXlqlHka
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: 9kwXipD8gnfJ-hsPUDPat_0nYHlLL8fzzK3pAl8UIgCwRgyzwy30CQ==

GET
H2 200 main.gr.19.8.149.js Show response
static.adsafeprotected.com/ Frame 1E98 176 KB
56 KB 15ms
14ms Script
application/javascript 2600:9000:2182:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.149.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=1383567697&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82c-3f10-11eb-8b24-0ab32f77e5b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb4ce55125de2a93e2195c216683aaba6edfe2552ef028728a77129176b12da8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 16:29:23 GMT
content-encoding: gzip
age: 531124
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Dec 2020 16:13:56 GMT
server: AmazonS3
etag: W/"7a5b536396630d4384ea30d5372afce3"
vary: Accept-Encoding
x-amz-version-id: 9Jd5zGDFPA.mRZ.RWVPZ582SkXlqlHka
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: 0BQVdZUhhThbl9yu8s3ruiH4jHnm0G2L6raxdu11uBKoVQpDAE_4YQ==

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 1486 2 KB
1 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1608062485844&cv=9&fst=1608062485844&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7ca4a4bf4ce4ca332df94fc72a763f2341472a50a5418e36d1dabeb754b5aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1009
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.gr.19.8.149.js Show response
static.adsafeprotected.com/ Frame 3D0E 176 KB
56 KB 16ms
14ms Script
application/javascript 2600:9000:2182:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.149.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=485181901&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82d-3f10-11eb-8b24-0ab32f77e5b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb4ce55125de2a93e2195c216683aaba6edfe2552ef028728a77129176b12da8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 16:29:23 GMT
content-encoding: gzip
age: 531124
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Dec 2020 16:13:56 GMT
server: AmazonS3
etag: W/"7a5b536396630d4384ea30d5372afce3"
vary: Accept-Encoding
x-amz-version-id: 9Jd5zGDFPA.mRZ.RWVPZ582SkXlqlHka
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: 22MkM98kW6ZI_mIK0tXsY6q14BLw5LgMkI7ryHbSmRFXhpH3f0YOaQ==

GET
H2 200 main.gr.19.8.149.js Show response
static.adsafeprotected.com/ Frame B8EB 176 KB
56 KB 26ms
25ms Script
application/javascript 2600:9000:2182:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.149.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=456819254&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82e-3f10-11eb-8b24-0ab32f77e5b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb4ce55125de2a93e2195c216683aaba6edfe2552ef028728a77129176b12da8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 16:29:23 GMT
content-encoding: gzip
age: 531124
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Dec 2020 16:13:56 GMT
server: AmazonS3
etag: W/"7a5b536396630d4384ea30d5372afce3"
vary: Accept-Encoding
x-amz-version-id: 9Jd5zGDFPA.mRZ.RWVPZ582SkXlqlHka
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: 1GUCNMAM10iUpjatqgTBPtE7U56T260wiX2IRvDLq_ahfXWUcVo9Hw==

GET
H2 200 main.gr.19.8.149.js Show response
static.adsafeprotected.com/ Frame A684 176 KB
56 KB 26ms
25ms Script
application/javascript 2600:9000:2182:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.149.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=573688561&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82a-3f10-11eb-8b24-0ab32f77e5b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb4ce55125de2a93e2195c216683aaba6edfe2552ef028728a77129176b12da8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 16:29:23 GMT
content-encoding: gzip
age: 531124
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Dec 2020 16:13:56 GMT
server: AmazonS3
etag: W/"7a5b536396630d4384ea30d5372afce3"
vary: Accept-Encoding
x-amz-version-id: 9Jd5zGDFPA.mRZ.RWVPZ582SkXlqlHka
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: fP4hYdUwoVPQ_RUCftaRvc0Dq9fIb736m4LThTibAyMgdmbu4Sb9pQ==

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame DCC6 2 KB
1 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1608062485940&cv=9&fst=1608062485940&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dd25034fe7e3773e681156029b6b3ad9c285e99f8c2feca3c695c6388ff66bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1009
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/ Frame E02E
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1608062485950
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26time%3D1608062485...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1608062485950&liSync=true

0
58 B

158ms
158ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1608062485950&liSync=true
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:26 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: rYrFzU/8UBYQOVmGSSsAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: /mSlyU/8UBZgbmHl1SoAAA==
pragma: no-cache
x-li-pop: afd-prod-edc2
x-msedge-ref: Ref A: AC34328E34AD4AA2958B8C48D400125C Ref B: FRAEDGE0820 Ref C: 2020-12-15T20:01:26Z
x-frame-options: sameorigin
date: Tue, 15 Dec 2020 20:01:26 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1608062485950&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 732B 0
45 B 118ms
117ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwm9RZ3utnRwgcIspeOMowdEgxBIYceTEjRrj8eUq66r7QQBVt__094Jl2njuGo7NgP7qwQRmFrEVqc_MD4irtszLFIWTcwlDWax-J0yDp1JxYLgwyZMB_i_wtDfd7YttAPa2q8KTRx6YXR2ckr0GGHDO6E1qezYyEX05_QRr_Unh9E8f0aHYi_7rIqUjmmNlDn4so_D8IkutTaNwqO_mGljgZX3EA9FIorBXQOsSi2u0d7Etx6xJ7al-y4XsxXBbCp6dXAIEnun8&sig=Cg0ArKJSzKn8KG66JZ0jEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 20:01:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DFFA 0
22 B 121ms
121ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHCYtc3KubGFheyFcjyhUVmOrlzB2E1Jfq_gHWoqEedSuTrZaMSe5CaS8OYKrj7tMtdSyL5DUkLlMunFAjm_QWRsFC6evtpvBGY8mwUvu85ON40KwhSP8Wa2-jDIIxRLjhZnca2Y_-50tDDdLEZWy5Zt3mMxZxi0e2bgbcW3l0JuJj1FEbHTgJSXfKLpTJCz0VTY_gxzFk9H39p1pEUCe6F5IQeQkTKcuJUCg2TnBlqfJh6-C72KAeVLuADMwHzO0O2mFwgLLsRu4&sig=Cg0ArKJSzJQqWzfacwomEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 20:01:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 723C 0
22 B 121ms
121ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssg6_-6jq5CC0TjD8RADmLZ0wslwsp-EHVRPQiJA_28EPAGDCdTdM2dVJgo0K40_wZndHAytEny7LzANk5ZunOtQMbPjb_LBpsCtXcdEuAnGPNHD9Kp3LVOb2LH6Mjs8AIwDojJWqEuzojDZ3hGfP8ZoQ8TTBSpN1FleP8mCPYY-Qy82wQCPjLmPYR6eCVuTr4FWBAqb-BxGrLcWy-lsEtOPgJu8EWpX_MNDc8vehErGhsG_xQq_Nub3C-yGvUJPgOjU_z3Jivs8LQ&sig=Cg0ArKJSzITP-e-7mz8rEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 20:01:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/859754747/ Frame 2E7D 42 B
292 B 19ms
19ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859754747/?random=1608062484969&cv=9&fst=1608062400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=774767095&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/859754747/ Frame 2E7D 42 B
552 B 43ms
23ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859754747/?random=1608062484969&cv=9&fst=1608062400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=774767095&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame FD0F 81 KB
22 KB 14ms
13ms Script
application/javascript 2600:9000:2182:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 9458354
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: L-PE2S688oI9rTOPJwo7I0UO6_9VFpSyMX0PobxNpHifFSFTnHhEOQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 142ms
142ms Image
image/gif 34.250.51.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025461&pubOrder=305536031&cb=456819254&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82e-3f10-11eb-8b24-0ab32f77e5b0&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:97407386-ddb5-22f3-c548-073368888173,c:wZN0j4,sl:outOfView,em:true,fr:true,mn:app34ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.2639.1.1,am:i,cc:800.2639.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjgSjqb+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i1|1j1|1k1|1l1|1m*.10507|1m1|1n,idMap:1m*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:468,oid:4fd9753a-3f10-11eb-91cf-0696e6fc74a5,v:19.8.149,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.51.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
x-server-name: app34.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 978E 81 KB
22 KB 27ms
27ms Script
application/javascript 2600:9000:2182:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 9458354
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: BE3xg4zNhvjMzxuy1rZlCQbMwzLcpOvhSTYZBjUFNKM_aXbGar2otQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 140ms
140ms Image
image/gif 34.250.51.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025548&pubOrder=305536031&cb=1566836915&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82b-3f10-11eb-8b24-0ab32f77e5b0&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:c6525031-20a3-0b5b-ea04-70eb5e75efd1,c:wZN0jy,sl:outOfView,em:true,fr:true,mn:app31ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjgSjmX+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i1|1j*.10507|1j1|1k1|1l1|1m1|1m2|1n,idMap:1j*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:698,oid:4fd94e0e-3f10-11eb-bbec-06cc0da90f4d,v:19.8.149,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.51.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
x-server-name: app15.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 7B7D 81 KB
22 KB 27ms
26ms Script
application/javascript 2600:9000:2182:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 9458354
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: e-kNZ_ndSlgDoOeBDPwfNza9_2hA9OLQAXdJNESJyUpav251Q2sPIQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 141ms
140ms Image
image/gif 34.250.51.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=1383567697&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82c-3f10-11eb-8b24-0ab32f77e5b0&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:4ff70bb9-4565-3d07-5db3-39a684c7f41d,c:wZN0ku,sl:outOfView,em:true,fr:true,mn:app14ie,pt:1-5-15,wc:0.0.1600.1200,ac:1274.7770.1.1,am:i,cc:1274.7770.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjgSjoE+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i1|1j1|1j2|1k*.10507|1k1|1l1|1m1|1m2|1n,idMap:1k*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:650,oid:4fd97571-3f10-11eb-abb2-02c390e9b11a,v:19.8.149,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.51.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
x-server-name: app33.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 44C1 81 KB
22 KB 45ms
45ms Script
application/javascript 2600:9000:2182:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 9458354
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: Fz6y-APiB-Kxgc0eyj9ndR6lyJokXHG1p9g8GwyreSvz8wrLhGZzjQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 144ms
144ms Image
image/gif 34.250.51.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=485181901&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82d-3f10-11eb-8b24-0ab32f77e5b0&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:8ee02947-657e-72c3-dbd5-98a3e1bf8db2,c:wZN0kM,sl:outOfView,em:true,fr:true,mn:app40ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.8801.10.10,am:i,cc:795.8801.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjgSjpd+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i1|1j1|1j2|1k1|1k2|1l*.10507|1l1|1m1|1m2|1n,idMap:1l*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:633,oid:4fd974e0-3f10-11eb-9dfc-0a3d107069a3,v:19.8.149,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.51.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
x-server-name: app26.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 849ms
205ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=97407386-ddb5-22f3-c548-073368888173&tv={c:wZN0lu,pingTime:-2,time:617,type:a,im:{sf:0,pom:1,prf:{beA:913,beZ:914,mfA:1354,cmA:1355,inA:1355,inZ:1361,prA:1361,prZ:1371,si:1381,poA:1381,poZ:1396,cmZ:1396,mfZ:1396,loA:1493,loZ:1496,ltA:1530,ltZ:1530}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:467}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:617,n:0,pp:0,pm:0},slEvents:[{sl:o,t:466,wc:0.0.1600.1200,ac:800.2639.1.1,am:i,cc:800.2639.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[173~0],as:[173~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjgSjmX+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i1|1j.10507|1j1|1k.10507|1k1|1l.10507|1l1|1m*.10507|1m1|1n,idMap:1m*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2,newscorpau_ads-168],sinceFw:148,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt45.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 789ms
205ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=c6525031-20a3-0b5b-ea04-70eb5e75efd1&tv={c:wZN0ly,pingTime:-2,time:821,type:a,im:{sf:0,pom:1,prf:{beA:804,beZ:806,mfA:1488,cmA:1488,inA:1488,inZ:1490,prA:1490,prZ:1495,si:1501,poA:1502,poZ:1535,cmZ:1535,mfZ:1535,loA:1594,loZ:1596,ltA:1625,ltZ:1625}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:697}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:821,n:0,pp:0,pm:0},slEvents:[{sl:o,t:697,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[137~0],as:[137~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjgSjmX+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i1|1j*.10507|1j1|1k.10507|1k1|1l.10507|1l1|1m.10507|1m1|1m2|1n,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3],sinceFw:123,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 38A3 81 KB
22 KB 42ms
42ms Script
application/javascript 2600:9000:2182:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 9458354
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: hsOv9MzYNqnmO6Xs5v1YuDRcusPwV3RLZHjNzoxX_lQ3o9l423jFsQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 155ms
155ms Image
image/gif 34.250.51.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=573688561&custom=homepage&custom3=168400391&adsafe_par&impId=4f19a82a-3f10-11eb-8b24-0ab32f77e5b0&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:812c536e-4f5c-01e4-e3f9-828e372adf93,c:wZN0lQ,sl:outOfView,em:true,fr:true,mn:app41ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjgSjqw+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i*.10507|1i1|1j1|1j2|1k1|1k2|1l1|1l2|1m1|1m2|1n,idMap:1i*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:619,oid:4fd9c3b4-3f10-11eb-b894-0ae4aba8ea09,v:19.8.149,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.51.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 563ms
204ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=4ff70bb9-4565-3d07-5db3-39a684c7f41d&tv={c:wZN0lX,pingTime:-2,time:741,type:a,im:{sf:0,pom:1,prf:{beA:853,beZ:854,mfA:1490,cmA:1490,inA:1490,inZ:1492,prA:1492,prZ:1497,si:1503,poA:1503,poZ:1509,cmZ:1509,mfZ:1509,loA:1559,loZ:1560,ltA:1594,ltZ:1594}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:650}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:742,n:0,pp:0,pm:0},slEvents:[{sl:o,t:650,wc:0.0.1600.1200,ac:1274.7770.1.1,am:i,cc:1274.7770.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[104~0],as:[104~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjgSjmX+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i1|1j.10507|1j1|1j2|1k*.10507|1k1|1l.10507|1l1|1m1|1m2|1n,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-2,newscorpau_ads-19,group_3_col-22],sinceFw:91,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt34.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 213ms
211ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=8ee02947-657e-72c3-dbd5-98a3e1bf8db2&tv={c:wZN0lZ,pingTime:-2,time:709,type:a,im:{sf:0,pom:1,prf:{beA:863,beZ:865,mfA:1485,cmA:1486,inA:1486,inZ:1488,prA:1488,prZ:1493,si:1496,poA:1496,poZ:1501,cmZ:1501,mfZ:1501,loA:1538,loZ:1539,ltA:1571,ltZ:1571}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:10,h:10,t:633}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:709,n:0,pp:0,pm:0},slEvents:[{sl:o,t:633,wc:0.0.1600.1200,ac:795.8801.10.10,am:i,cc:795.8801.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[86~0],as:[86~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjgSjmX+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i1|1j.10507|1j1|1j2|1k.10507|1k1|1k2|1l*.10507|1l1|1m1|1m2|1n,idMap:1l*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_3,google_ads_iframe_/5129/ndm.hwt/home_3__container__,ad-block-1000x50-1],sinceFw:75,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/820018408/ Frame DCC6 42 B
66 B 21ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/820018408/?random=1608062485940&cv=9&fst=1608062400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=3980821869&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/820018408/ Frame DCC6 42 B
66 B 51ms
36ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/820018408/?random=1608062485940&cv=9&fst=1608062400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=3980821869&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/707564276/ Frame 1486 42 B
66 B 20ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707564276/?random=1608062485844&cv=9&fst=1608062400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=1562338084&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/707564276/ Frame 1486 42 B
530 B 48ms
35ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/707564276/?random=1608062485844&cv=9&fst=1608062400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=1562338084&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 214ms
212ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=812c536e-4f5c-01e4-e3f9-828e372adf93&tv={c:wZN0my,pingTime:-2,time:662,type:a,im:{sf:0,pom:1,prf:{beA:1006,beZ:1007,mfA:1612,cmA:1613,inA:1613,inZ:1614,prA:1614,prZ:1620,si:1625,poA:1625,poZ:1630,cmZ:1630,mfZ:1630,loA:1650,loZ:1652,ltA:1667,ltZ:1667}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:618}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:662,n:0,pp:0,pm:0},slEvents:[{sl:o,t:618,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[55~0],as:[55~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjgSjqw+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i*.10507|1i1|1j1|1j2|1k1|1k2|1l1|1l2|1m1|1m2|1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1],sinceFw:42,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 211ms
209ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=97407386-ddb5-22f3-c548-073368888173&tv={c:wZN0nL,time:758,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:758,n:0,pp:0,pm:0},slEvents:[{sl:o,t:466,wc:0.0.1600.1200,ac:800.2639.1.1,am:i,cc:800.2639.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[313~0],as:[313~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjgSjmX+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1j.10507|1j1|1k.10507|1k1|1l.10507|1l1|1m*.10507|1m1|1n,idMap:1m*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt62.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 211ms
209ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=c6525031-20a3-0b5b-ea04-70eb5e75efd1&tv={c:wZN0nM,time:959,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:959,n:0,pp:0,pm:0},slEvents:[{sl:o,t:697,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[275~0],as:[275~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjgSjmX+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1j*.10507|1j1|1k.10507|1k1|1l.10507|1l1|1m.10507|1m1|1m2|1n,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 212ms
211ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=4ff70bb9-4565-3d07-5db3-39a684c7f41d&tv={c:wZN0nR,time:859,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:859,n:0,pp:0,pm:0},slEvents:[{sl:o,t:650,wc:0.0.1600.1200,ac:1274.7770.1.1,am:i,cc:1274.7770.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[222~0],as:[222~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjgSjmX+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1j.10507|1j1|1j2|1k*.10507|1k1|1l.10507|1l1|1m1|1m2|1n,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt41.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 212ms
210ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=8ee02947-657e-72c3-dbd5-98a3e1bf8db2&tv={c:wZN0nS,time:825,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:825,n:0,pp:0,pm:0},slEvents:[{sl:o,t:633,wc:0.0.1600.1200,ac:795.8801.10.10,am:i,cc:795.8801.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[203~0],as:[203~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjgSjmX+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1j.10507|1j1|1j2|1k.10507|1k1|1k2|1l*.10507|1l1|1m1|1m2|1n,idMap:1l*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt46.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 219ms
217ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=812c536e-4f5c-01e4-e3f9-828e372adf93&tv={c:wZN0nT,time:745,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:745,n:0,pp:0,pm:0},slEvents:[{sl:o,t:618,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[139~0],as:[139~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjgSjqw+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i*.10507|1i1|1j1|1j2|1k1|1k2|1l1|1l2|1m1|1m2|1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt59.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
336 B 141ms
139ms Image
image/gif 52.214.20.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=sib0l9rkp1i1mvsnif33yna8htspn1608062484&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=0&segment2=&segment1=&forward=1&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,l0bxx7b9kxr5letzku2zvnuxnde4b1608062484&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16080624840662752&c30=bldv,6.0.0.563&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1608062483740&c3=st,c&c64=starttm,1608062486&adid=1608062483740&c58=isLive,false&c59=sesid,&c61=createtm,1608062486&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&c62=sendTime,1608062486&rnd=746860
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.20.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-20-184.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 217ms
215ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=97407386-ddb5-22f3-c548-073368888173&tv={c:wZN0qO,pingTime:-10,time:947,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1608062486853||8544364ce6a8cc0c3e19b2672e7e50ca||71ff54ebddb1e090fbf173d96e2342c8||4d69436fc8dbbc657145194039b69736||26a0278e55f63ad215096de6dcab4c65||b41ce4838c80e2b16263cfdf4cdd8c81||762863538a6766b6bcbaf8e6f28f0c96||606fbae8a5bcdf8fe8f3f3fa9f940a9a||1576000828}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 208ms
207ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=8ee02947-657e-72c3-dbd5-98a3e1bf8db2&tv={c:wZN0w9,pingTime:-10,time:1338,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1608062486853||8544364ce6a8cc0c3e19b2672e7e50ca||71ff54ebddb1e090fbf173d96e2342c8||4d69436fc8dbbc657145194039b69736||26a0278e55f63ad215096de6dcab4c65||b41ce4838c80e2b16263cfdf4cdd8c81||762863538a6766b6bcbaf8e6f28f0c96||606fbae8a5bcdf8fe8f3f3fa9f940a9a||1576000828,sca:{spg:97407386-ddb5-22f3-c548-073368888173}}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt62.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 205ms
205ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=4ff70bb9-4565-3d07-5db3-39a684c7f41d&tv={c:wZN0xo,pingTime:-10,time:1450,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1608062486853||8544364ce6a8cc0c3e19b2672e7e50ca||71ff54ebddb1e090fbf173d96e2342c8||4d69436fc8dbbc657145194039b69736||26a0278e55f63ad215096de6dcab4c65||b41ce4838c80e2b16263cfdf4cdd8c81||762863538a6766b6bcbaf8e6f28f0c96||606fbae8a5bcdf8fe8f3f3fa9f940a9a||1576000828,sca:{spg:97407386-ddb5-22f3-c548-073368888173}}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 37ms
18ms XHR
application/json 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fe49c17914409caa0f5f60cfe1f4e0be42d809184ca369526a68814cfb580df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 20:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0

GET
H2 200 bb0a7a64db37da7fe4b81526730eac50
content.api.news/v3/images/bin/ 4 KB
4 KB 194ms
193ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/bb0a7a64db37da7fe4b81526730eac50?width=150
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6046d093577dcb97486df8d383ce88f3240ec1cedf6bc53b4f12918538f96c8f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: bb0a7a64db37da7fe4b81526730eac50
date: Tue, 15 Dec 2020 20:01:27 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 1b43cb7670a8875a2593a5a0cc3df73a-bb0a7a64db37da7fe4b81526730eac50-150
x-serial: 574
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5178767
last-modified: Tue, 15 Dec 2020 18:35:04 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 3713
expires: Sat, 13 Feb 2021 18:34:14 GMT

GET
H2 200 5ed57548f2344f4466197f4c73c1fcd6
content.api.news/v3/images/bin/ 4 KB
4 KB 1370ms
1369ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/5ed57548f2344f4466197f4c73c1fcd6?width=150
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8126d782271c43730cac45b2885c0aaaf13b2c37be7eecb615ab5a0f78200fd8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 5ed57548f2344f4466197f4c73c1fcd6
date: Tue, 15 Dec 2020 20:01:28 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: c239d84fcb874b8989fd16a4864bbf5e-5ed57548f2344f4466197f4c73c1fcd6-150
x-serial: 702
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5051890
last-modified: Tue, 15 Dec 2020 03:11:05 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 4021
expires: Fri, 12 Feb 2021 07:19:38 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Tue, 15 Dec 2020 20:01:27 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 170ms
170ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=c6525031-20a3-0b5b-ea04-70eb5e75efd1&tv={c:wZN0DO,time:1953,type:e,env:{nr_p:1,nr_publ1:1,nr_grpm1:1},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:1953,n:0,pp:0,pm:0},slEvents:[{sl:o,t:697,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[1268~0],as:[1268~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:925,fm:sjgSjmX+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1j*.10507|1j1|1k.10507|1k1|1l.10507|1l1|1m.10507|1m1|1m2|1n,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt65.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame D4E9 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Tue, 15 Dec 2020 19:35:58 GMT
expires: Wed, 15 Dec 2021 19:35:58 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1529
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 160ms
160ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=c6525031-20a3-0b5b-ea04-70eb5e75efd1&tv={c:wZN0EC,pingTime:-10,time:2003,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1608062486853||8544364ce6a8cc0c3e19b2672e7e50ca||71ff54ebddb1e090fbf173d96e2342c8||4d69436fc8dbbc657145194039b69736||26a0278e55f63ad215096de6dcab4c65||b41ce4838c80e2b16263cfdf4cdd8c81||762863538a6766b6bcbaf8e6f28f0c96||606fbae8a5bcdf8fe8f3f3fa9f940a9a||1576000828,sca:{spg:97407386-ddb5-22f3-c548-073368888173}}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 147ms
147ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=812c536e-4f5c-01e4-e3f9-828e372adf93&tv={c:wZN0F2,time:1808,type:e,env:{nr_p:1,nr_publ1:1,nr_grpm1:1},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:1808,n:0,pp:0,pm:0},slEvents:[{sl:o,t:618,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[1201~0],as:[1201~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:923,fm:sjgSjqw+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i*.10507|1i1|1j1|1j2|1k1|1k2|1l1|1l2|1m1|1m2|1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt54.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 1867e75d1b5be9892366dbe31bd4f9a6
content.api.news/v3/images/bin/ 4 KB
5 KB 107ms
106ms Image
image/jpeg 104.75.88.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/1867e75d1b5be9892366dbe31bd4f9a6?width=150
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.116 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7ead2ffbd903e0c7811f7451009ace1f6e4ab05855aea1a0fe9f861e0c4df992

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 1867e75d1b5be9892366dbe31bd4f9a6
date: Tue, 15 Dec 2020 20:01:27 GMT
last-modified: Tue, 15 Dec 2020 06:44:12 GMT
server: Akamai Image Manager
etag: 00a56ac878ff75ee1456f72508f44b1f-1867e75d1b5be9892366dbe31bd4f9a6-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5136070
access-control-allow-headers: x-newsapi-api-key
content-length: 4421
expires: Sat, 13 Feb 2021 06:42:37 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
533 B 41ms
40ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120801&jk=1340128692438989&bg=!CgmlCSnNAAXKjztBylgi6MKHYfGGvAIAAABaUgAAAAxoAQcKAUCEDym266aQMA8XBrYKr8FEFIxgPmWsz-7tud8F7tE_cfCIU9Qiwwe3aMrU6LAUbutKHquyNHwV2s8bazTZ24Oriqs5mq2HlI5lOnLjnj0Vc9PbcCvyAfkFhA8ig0gupdLPk2kCnPBsSXP3bjKCBpeqd6SgdocfV0gRtSp0-dg-Y1mZPOefYqQprMTPCVlHS19pjknMjgtWJkLg2uqGC_rMAPZThwoA0gP6w-HZIh7nSX3UPTI1wmEi3R7uzUjvnF4spWtcX-nEvPkFmlt0yJDg6yfv86xMvkvC0oYk8IM_JW8VLqz5_tyYIbICe-J4tcY6dYTkzNqbgvDeXYP3ZGSZvrL7Gc_IlSW4crVyMGtrcKCgYi578xwGrLeG-r7-e2FFb4dH0nCyFNwRb_KChwRfzoz06WV1f8gOeaoEW07pNJkBvW95l9oDk4Mx5X0rvGKDWq4NKYWj6xtkiigYrWAGbkoRSLcvPV_TWSiXcZ-P7U5r32Dt8YN124yui8_Fh_RAFnbWJQr27WItK3yR_DUDhwyJx44WQQxNOLAc-Mi54M8211iPpEKQvnUp1kFByvcP0sMpvlrs74sXfjxPCxctq53UzeDviLmz4bgtZgERjbD6_i4uT3bPgG4ffY6VF_ZJwFTlhVueypJ2ms5k9jXKgJc2sRLegvNwXRMCJt6OSsJYxWqGx2LuNP59_3jOGX_W1A2xtCgmdBlnuLGoeELG1r0d3E05a1hRq6iMvLUgCmBfob__k84Ic773XSEVTyaQGcNYtSBdu_PmwvHIYdDcffFSD0bHED6NTs1s8dEmIJvWSSHuG0JkP2CBxJJPnaLKVKtBhwPcjprHMHFdXFH_oX_vQNtsm-nmsfgJnnu3HmS1VRYDyYlrR5Yre8zy8K5HmJhwunuIBiJcr6RR7gz9mWNSOXPssebonTco29Wn-3cN3syxGiYbuhbWb7pFJSQed9-b4mVb2Pzqn1e0l4LJ9Y_dOihQuKJlGqxShA7sEEfyGhsHQrvlzw5LViPuc4E

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 172ms
171ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=812c536e-4f5c-01e4-e3f9-828e372adf93&tv={c:wZN0GK,pingTime:-10,time:1914,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1608062486853||8544364ce6a8cc0c3e19b2672e7e50ca||71ff54ebddb1e090fbf173d96e2342c8||4d69436fc8dbbc657145194039b69736||26a0278e55f63ad215096de6dcab4c65||b41ce4838c80e2b16263cfdf4cdd8c81||762863538a6766b6bcbaf8e6f28f0c96||606fbae8a5bcdf8fe8f3f3fa9f940a9a||1576000828,sca:{spg:97407386-ddb5-22f3-c548-073368888173}}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:27 GMT
x-server-name: dt65.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 211ms
211ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=c6525031-20a3-0b5b-ea04-70eb5e75efd1&tv={c:wZN1Gk,time:5953,type:e,env:{nr_p:5},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:5953,n:0,pp:0,pm:0},slEvents:[{sl:o,t:697,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[5268~0],as:[5268~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:161,fm:sjgSjmX+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1j*.10507|1j1|1k.10507|1k1|1l.10507|1l1|1m.10507|1m1|1m2|1n,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:31 GMT
x-server-name: dt39.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 232ms
232ms Image
image/gif 34.233.208.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=812c536e-4f5c-01e4-e3f9-828e372adf93&tv={c:wZN1Hk,time:5794,type:e,env:{nr_p:5},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:5794,n:0,pp:0,pm:0},slEvents:[{sl:o,t:618,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[5187~0],as:[5187~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:174,fm:sjgSjqw+11|12|13|14|15|161|17|18|19|1a1|1b|1c1|1d1|1e|1f|1g|1h|1i*.10507|1i1|1j1|1j2|1k1|1k2|1l1|1l2|1m1|1m2|1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.208.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:31 GMT
x-server-name: dt41.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 214ms
214ms Image
image/gif 3.232.164.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=BxyHKHDR0-jNChWYZc&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=9485&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=11972&t=WlZ3hB87O9JDN0fs4NtJvgIUnDl&V=121&tz=-60&_acct=anon&sn=2&sv=CKXI7g87DQZClaTrO3mDV_BUuRV-&sd=1&im=06030402&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.164.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 20:01:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: heraldsun.digitaleditions.com.au
URL: http://heraldsun.digitaleditions.com.au/

Verdicts & Comments Add Verdict or Comment

286 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 00:02:38	Name: IDE Value: AHWqTUn3oTe9mCCSv7vIaEkjHIkZKjE6GKuSjW3DW3-oQYAyNNQugaBwu5CB7aX3
www.heraldsun.com.au/	1970-01-19 14:51:07	Name: AWSALB Value: kVDvNoXWNe0BF5I2bkg2wklyhpEzKCV3usMDH3Lhe+mukd1nKFJrnIuraTqjfO9reV0YBkdm9dyuaCOZ3n7V3DeruKWIUAtf+QRa3sgBqWc3JoVV5cAcp1UrxFnB
.demdex.net/	1970-01-19 19:00:14	Name: dextp Value: 461447-1-1608062485209\|129099-1-1608062485262
.adsrvr.org/	1970-01-19 23:26:38	Name: TDID Value: 09be5a57-f7be-4a66-a3f8-73785b90352c
.imrworldwide.com/	1970-01-20 00:02:38	Name: IMRID Value: 4fa7b670-3f10-11eb-af04-574878b6f521
.imrworldwide.com/	1970-01-20 00:02:38	Name: SSCVER Value: v1
.heraldsun.com.au/	1969-12-31 23:59:59	Name: tp Value: 9485
.adsrvr.org/	1970-01-19 23:26:38	Name: TDCPM Value: CAEYBSABKAIyCwjClIL83c-QORAFOAE.
.demdex.net/	1970-01-19 19:00:14	Name: demdex Value: 58555027313566200433690474862434481875
.heraldsun.com.au/	1969-12-31 23:59:59	Name: n_regis Value: 123456789
.doubleclick.net/	1970-01-19 23:26:38	Name: RUL Value: EJas5P4FGJaT6Y0GIi8BNmGQ43zoyLuIxDCHegY11067I_lpSuy1bb5tyAmMa32j2pGugIe76dG75F7wEA\|cs=AP6Md-XvDYujMhxlIItfseMZjYFZ
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: hs%257Chome%257Chomepage%257Chomepage%2C13%2C13%2C1200
www.heraldsun.com.au/	1970-01-19 14:51:07	Name: AWSALBCORS Value: kVDvNoXWNe0BF5I2bkg2wklyhpEzKCV3usMDH3Lhe+mukd1nKFJrnIuraTqjfO9reV0YBkdm9dyuaCOZ3n7V3DeruKWIUAtf+QRa3sgBqWc3JoVV5cAcp1UrxFnB

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20201214-6-RELEASE.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbnails-midrail-native
console-api	log	URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 18) Message: UTRACK loaded (from tealium)
console-api	log	URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3) Message: vidora-client 1.3.3 68d5ea1ec45c96bafd89f1a57b8aa2345fbf87f3
console-api	log	URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js(Line 1) Message: %c Vidora API finished initializing! background: #222; color: #b9da52
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.4.114.js(Line 32) Message: a: 0.0009765625 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

55ae6dbe066050f3c3f342566fa11ce0.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
ads.creative-serving.com
adservice.google.com
adservice.google.nl
analytics.twitter.com
assets.vidora.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
bh.contextweb.com
bs.serving-sys.com
bttrack.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dt.adsafeprotected.com
e1.emxdgt.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
heraldsun.digitaleditions.com.au
ib.adnxs.com
ice.360yield.com
id5-sync.com
insight.adsrvr.org
js.adsrvr.org
login.newscorpaustralia.com
match.adsrvr.org
match.taboola.com
metrics.heraldsun.com.au
mhr.talk.news.com.au
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
newscorpau.demdex.net
origin.go.heraldsun.com.au
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
s1.rui.au.reastatic.net
s3-ap-southeast-2.amazonaws.com
sb.scorecardresearch.com
script.hotjar.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.hotjar.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.taboola.com
t.co
tags.news.com.au
tags.tiqcdn.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ts2020-indies-client.web.app
uconnect.tealiumiq.com
use.fontawesome.com
vars.hotjar.com
widget.perfectmarket.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.heraldsun.news.com.au
www.linkedin.com
www.news.com.au
www.storygize.net
x.bidswitch.net
heraldsun.digitaleditions.com.au
104.244.42.195
104.244.42.197
104.75.88.116
104.75.88.206
104.79.88.36
13.225.80.120
13.226.155.55
141.226.224.32
141.226.228.48
15.237.76.117
151.101.113.108
151.101.113.181
151.101.113.44
151.101.114.217
151.101.12.157
151.101.13.44
151.101.65.195
172.105.199.172
172.217.18.2
172.217.22.2
172.217.22.6
172.217.23.98
174.137.133.49
178.250.0.163
18.192.172.94
18.195.155.181
18.196.214.144
185.33.221.14
185.64.189.110
185.86.138.142
192.132.33.46
198.148.27.140
2.16.186.40
216.58.208.38
23.111.9.35
23.37.53.17
23.37.61.47
23.43.114.245
2600:9000:206f:b800:4:77d:a0c0:93a1
2600:9000:2093:3a00:2:42d9:3100:93a1
2600:9000:2104:4600:1e:c291:240:93a1
2600:9000:2104:f200:18:1fcd:34e:d2a1
2600:9000:2182:c400:8:48e:53c0:93a1
2600:9000:21f3:5e00:1e:a43d:b640:93a1
2620:1ec:21::14
2a00:1450:4001:808::2008
2a00:1450:4001:814::2004
2a00:1450:4001:817::2003
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::2001
2a00:1450:4001:825::2001
2a02:26f0:10c:58e::25ea
2a04:fa87:fffd::c000:42d0
2a05:f500:10:101::b93f:9105
3.121.49.210
3.121.66.166
3.232.164.179
34.233.208.188
34.249.128.36
34.250.51.184
34.251.61.210
35.161.43.127
35.227.202.26
35.227.248.159
51.195.5.40
52.214.20.184
52.57.77.12
52.84.50.90
52.95.132.126
52.95.134.31
54.216.86.107
54.230.55.228
69.173.144.138
72.251.249.9
82.199.68.72
92.122.106.155
99.80.128.92
99.81.11.244
99.86.7.20
0066f3ccac17485cc01c22a7d9ab1aeffb9b03bd0d3e778a981868b80e8187be
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02f6334ab84d1d5aa554abe6d5f688814588478bfd9d0698f6ff414d6ff6831a
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06e9f93163cce0aa6698b5dbdd52d0ea860a91aa75e80d724051e67e6f0304f3
07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f
08d947fb68ecdb4afd04c4f6a981249860bb7bf35fde3869331d972e8f88ad87
09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d65919743905ca954e12255f116be6594f5c6ec20fab63ad2295ae71da41658
1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c
120be8f5d061203ea26fd4bd2043201d6f06a7fce30cd7104e01c5dfafb48cd7
19d658fae7d0104c29739f0a245735a995b1fbb6f840ab4b7c7d1f55dac3b346
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1dd25034fe7e3773e681156029b6b3ad9c285e99f8c2feca3c695c6388ff66bd
1e4304de1ea5e28de5aff0cbf0913047cfbac0fa64295e37068dd5307971c703
25f84ba9cc250146477c7911324680c4ea496e638d8fc38e197698b59180ddcd
27ad1c0be127da20f7b68c8e868d9a1fa6ade3308786d297a24a5651faa32a38
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2fe49c17914409caa0f5f60cfe1f4e0be42d809184ca369526a68814cfb580df
338ad442ce49a764c366579658c0abb342c8192513168eb0aab49ffd111b4b43
3422a566d3586aa83e09fd661635fe9ebcf90f0f4824fdf3d42d6698662cbfcb
34d7e05910aac6f533cb31a9dffc4e37213c93c3b90a545b4f3bcedea3e6d03c
366511e5937957af7cf3e351417a86382e70c0f9ccfbe93fae436a12587d3daa
37839f90f9c430af4b063874e26d8986b8ceb01ebcdad7eedb4977c833116693
386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
38bba6edf1f5150a76307f4bb0c67a75615c074786885feaf18513d10687aef0
3a6722838646b533c42f31ecd9fe6f1b4e1cc328332dd661f4312de23a638cb6
3d46904b944d38dac0fe78cc6c3aad567ac826a9079ce9522147ef1c7feb158b
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
42aec9f93a5809f6726e93d7efde4678fbf63be61b52a317da7a4b2d133f2415
43ec631c14060e4d10a7fc3b6b96296f20e718d65fb51558370d41eda08a3ddc
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4821d5b0ffb00e563d948d49c60afbfc7bb567e340f6e34ba4741f9a3e458b92
4a74783c0bb7bcbcfeae64e9d4b2f3dfb55df5899f6ecef63bca3b2063c1a566
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4f7859af8fc13ece22bc912f4fa842b45834190ed47ca4f5e20421b318023d3b
53c25ccb7181178c52c32fdf5e58a55d730bbfe8e45db600886adfb33d88411b
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe
5b7e357f9ac086b6acfa35baae9fd7f1e09dc4e8d421f76369d49611886ec1a8
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d
6046d093577dcb97486df8d383ce88f3240ec1cedf6bc53b4f12918538f96c8f
6312c236f2a15fbafa9ce8c42658708fc4403056acb9689aaae5e8d6fa346da2
631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542
659ec8040006cf9459b685b4b3a63af02a8122f28ee8d2e00df257718e91fb1f
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
744393e80c78dd4e70cb70e59a68c70f97a2187860b60b7341b9387000fff146
74c56dc51ea7565e74edad1a94047924a3816e1c7d57ca913326e428af3a2f7d
751d3c6aaa3629df3f420185c654ce47ee59ac60d27f8b318b4ad9cf4a088d0d
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
7aa0de94f2a1424b10a2a72a14372c7ebd96a41a96cc86aff80bdd7e1f2a3782
7d30c304b532eefb574ab0b37a9c46d7e6cd847ed4c4a932abba999250626c2a
7eab82ead1480897c3dedd5c6b4ef4ec553efacdca1ce23c3acd6bd8e9621046
7ead2ffbd903e0c7811f7451009ace1f6e4ab05855aea1a0fe9f861e0c4df992
8126d782271c43730cac45b2885c0aaaf13b2c37be7eecb615ab5a0f78200fd8
83745d91266512d4c6766c97ebedb0a01c044da97cce822ff4af6eb3a3123312
8600099f7e30b15cb09a2746c608dec0944c9a031c8b4794010ab943f2a98522
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d10588aaf62cd5ed5f7214a97d66914ef0f80b2cfc5de7f08c067160a04d82b
8e076b42302f182786db609cbe4cb7ddd35daec225b10425ec75eaaa64bff35a
91998f86762c6801e681955069145c72b2ab0be30fa2808dd67ff49271ffde9e
9455ce59056c6ee4bba787e378ee4e1680c5dcf62d95bdae93de8abe6a8e405b
97a8b22437442465f82a4829cffd92194e57ea08d89ff2d34cd24a7877df8ba1
9c1a1fa3a8dac5e03623a57cd51a10ee5065df6a7336175b19fea04fc6cc3621
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3299c6c5ad5294a46cf078b52a676239ce2b8745c2baa92ec16fa634cbde1a5
a5637934865d2aa41b2cb550b37d4f57070028d026edcc4891dd0b52e4685ae5
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac9beda0caea77f8433790621e206488234b7789204f247e5f11962f33c38c56
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96
ae9d8c370d75d7c96a2e388575e68b5b821e4469d783d61667f5dbd8ed186868
b078acca5079cc43614182feddcc9f3a3d5c733eb382d596f1cfcb7eaa82f326
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835
b3828bdc8ad17fcf8de3fc5ff15c8ebac5de01f4c19c491138426eacf21d4b37
b748ce6a5a5ea9c905bca2845dab6456c5232bead14b02fca00864562e98bfda
b764af95d9d52c77cae46fd77f6cff6380e1c56e2a72aad477cffa48417586e1
b7ca4a4bf4ce4ca332df94fc72a763f2341472a50a5418e36d1dabeb754b5aba
ba04250e6d9b1301404ef662c4b3b3b775c79db69479275ff76982e6fef4f4c9
bcbae4ba04442de51d06061a1a40872e3d7af82d29090aa9ca2d72fbdbeb9c96
be81ff2807633df188cd24c7f88668cc85cdb35b5b2b3c82ab273ccccb461b3e
befd4d99b6cb8649f107a5cd1fec1055d228bdc1c001493676bb87249e9b1040
c0655069beb80e832c054d2529725dcafb4a663d4a9c32e44cb90008cd67bcfb
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c500c193e1cc75c3e7398d1c1de12b6cc5d95bc115f4e43e166c903e0aa67d04
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
ce126fe1085d58b9a3e2f53906f2a4b4a9b9c295a75d9bf9772b4d5fe70546f3
cef718a0e010f9a07acbb967c0bf49ff1cb115a08eacd40e5bffcaab5ebb729c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1a3bc73f51534788911fbc36f882cf5e8981830226e3b98d088519b9024aadc
d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda
d42605a78277db9f4d4b35ac625ec962a9698bd859d5341aa995ab195aa54d27
d59bb3ed1515ef903ce58fc46f805b9cef3581d3af4d5ba852ae59b2399d68f7
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
d8eecac242b66125024559089a5085b56b8e5bf78bc9bb664480a72077c8d8ba
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dd9bf9053ea9538a93ac56b4c4dfe2a9ee8a345f8cef29ffd8bc820ddaafedf0
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df9f327b5f87a3230f07980bc89cd2d1740f86efac49422c807f325c8d58d700
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
eb4ce55125de2a93e2195c216683aaba6edfe2552ef028728a77129176b12da8
ebaf330ad588600b4b748410b4f77f3cd9c4abc18e3a240156bc6ac9814cf896
eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef024a5f6a6afe4d445fd60002ff33e71b80ca52cbaab97153e31ab62b40d379
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5fa8602198232e4f3704cf1dc886cb295af0f9906b0c9d63777b5f49852b84
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f487dd5f3296946a50218dc22720a9ed1b777b3e1f793c9f8d434cf4ba27764a
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f75772cc182eeecd95e8887564f7d5b21bbd6c035b3d664ece5a6893071db987
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503

www.heraldsun.com.au Open in urlscan Pro 104.79.88.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

271 Requests

100 %HTTPS

20 %IPv6

60 Domains

95 Subdomains

65 IPs

9 Countries

5377 kBTransfer

8726 kBSize

13 Cookies

55 Outgoing links

Page URL History

Redirected requests

271 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heraldsun.com.au Open in urlscan Pro
104.79.88.36 Public Scan

Screenshot
Live screenshot

Full Image

271
Requests

100 %
HTTPS

20 %
IPv6

60
Domains

95
Subdomains

65
IPs

9
Countries

5377 kB
Transfer

8726 kB
Size

13
Cookies

271 HTTP transactions
5 data transactions