www.heraldsun.com.au Open in urlscan Pro
104.79.88.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html
Effective URL:
https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475
Submission: On December 09 via api (December 9th 2020, 4:18:20 am UTC) from CA

Summary HTTP 270 Redirects Links 55 Behaviour Indicators

Summary

This website contacted 69 IPs in 10 countries across 62 domains to perform 270 HTTP transactions. The main IP is 104.79.88.36, located in United States and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 28th 2020. Valid for: a year.

This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2.21.242.219 2.21.242.219	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19 70	104.79.88.36 104.79.88.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1 8	104.79.88.147 104.79.88.147	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
8	199.232.57.44 199.232.57.44	54113 (FASTLY) (FASTLY)
2	2a04:fa87:fff... 2a04:fa87:fffd::c000:42d0	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:206... 2600:9000:206f:c00:1e:c291:240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.95.134.222 52.95.134.222	16509 (AMAZON-02) (AMAZON-02)
1	52.95.132.227 52.95.132.227	16509 (AMAZON-02) (AMAZON-02)
11	104.75.88.206 104.75.88.206	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY)
2 5	95.101.55.60 95.101.55.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
3	184.24.22.132 184.24.22.132	16625 (AKAMAI-AS) (AKAMAI-AS)
5	23.8.6.251 23.8.6.251	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
2 2	18.193.136.159 18.193.136.159	16509 (AMAZON-02) (AMAZON-02)
2 9	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 20	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	52.209.120.242 52.209.120.242	16509 (AMAZON-02) (AMAZON-02)
1 2	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	35.161.43.127 35.161.43.127	16509 (AMAZON-02) (AMAZON-02)
1	199.187.193.192 199.187.193.192	47043 (SMARTADSE...) (SMARTADSERVER)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 7	54.36.109.46 54.36.109.46	16276 (OVH) (OVH)
2 2	3.122.86.213 3.122.86.213	16509 (AMAZON-02) (AMAZON-02)
2 2	54.171.173.220 54.171.173.220	16509 (AMAZON-02) (AMAZON-02)
1 1	51.255.68.100 51.255.68.100	16276 (OVH) (OVH)
2 2	3.123.96.39 3.123.96.39	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	172.105.220.23 172.105.220.23	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	18.195.73.36 18.195.73.36	16509 (AMAZON-02) (AMAZON-02)
2 2	3.124.14.91 3.124.14.91	16509 (AMAZON-02) (AMAZON-02)
1	172.217.22.70 172.217.22.70	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:5800:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
13	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
2 4	2600:9000:21f... 2600:9000:21f3:d200:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:21f... 2600:9000:21f3:7600:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.35.254.127 13.35.254.127	16509 (AMAZON-02) (AMAZON-02)
2	184.31.90.174 184.31.90.174	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.9.73.87 65.9.73.87	16509 (AMAZON-02) (AMAZON-02)
1	18.192.172.94 18.192.172.94	16509 (AMAZON-02) (AMAZON-02)
1	13.225.80.85 13.225.80.85	16509 (AMAZON-02) (AMAZON-02)
1 4	52.49.226.218 52.49.226.218	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:c800:4:77d:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.241.138.222 34.241.138.222	16509 (AMAZON-02) (AMAZON-02)
2	15.237.76.117 15.237.76.117	16509 (AMAZON-02) (AMAZON-02)
1 1	99.81.11.244 99.81.11.244	16509 (AMAZON-02) (AMAZON-02)
2	54.205.171.136 54.205.171.136	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.73.11 65.9.73.11	16509 (AMAZON-02) (AMAZON-02)
1	65.9.73.24 65.9.73.24	16509 (AMAZON-02) (AMAZON-02)
1	82.199.68.72 82.199.68.72	15830 (EQUINIX-C...) (EQUINIX-CONNECT-EMEA)
11	54.77.231.46 54.77.231.46	16509 (AMAZON-02) (AMAZON-02)
2	143.204.97.161 143.204.97.161	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
2 4	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
3 6	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
10	2600:9000:210... 2600:9000:2104:6200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
19	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
2	34.251.61.210 34.251.61.210	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	54.194.243.3 54.194.243.3	16509 (AMAZON-02) (AMAZON-02)
270	69

1 2.21.242.219 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-242-219.deploy.static.akamaitechnologies.com

www.heraldsun.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 104.79.88.36 (United States) 19 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-36.deploy.static.akamaitechnologies.com

www.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mhr.talk.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.79.88.147 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-147.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 199.232.57.44 (Windsor, United Kingdom)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffd::c000:42d0 (Ireland)

ASN2635 (AUTOMATTIC, US)

origin.go.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:c00:1e:c291:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

s1.rui.au.reastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.134.222 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

news-networkeditorial.s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.132.227 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com

s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.75.88.206 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-206.deploy.static.akamaitechnologies.com

resourcesssl.newscdn.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.101.55.60 (Ascension Island) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-55-60.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.24.22.132 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-22-132.deploy.static.akamaitechnologies.com

login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.8.6.251 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-8-6-251.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

ts2020-indies-client.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.136.159 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-136-159.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.241 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.120.242 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.161.43.127 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.192 (Canada)

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.36.109.46 (Germany) 6 redirects

ASN16276 (OVH, FR)
PTR: p01.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.86.213 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.173.220 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.255.68.100 (France) 1 redirects

ASN16276 (OVH, FR)

target.digitalaudience.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.96.39 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.220.23 (Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1874-23.members.linode.com

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.73.36 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-73-36.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.14.91 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-14-91.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:5800:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:d200:1e:a43d:b640:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:21f3:7600:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seccdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.254.127 (Seattle, United States)

ASN16509 (AMAZON-02, US)

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.90.174 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-31-90-174.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.87 (Seattle, United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.172.94 (United States)

ASN16509 (AMAZON-02, US)

uconnect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.85 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-85.fra2.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.49.226.218 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-226-218.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:c800:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.138.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-138-222.eu-west-1.compute.amazonaws.com

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

metrics.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.11.244 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-11-244.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.171.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-171-136.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.11 (Seattle, United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.24 (Seattle, United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.199.68.72 (Netherlands)

ASN15830 (EQUINIX-CONNECT-EMEA, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.77.231.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-231-46.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.97.161 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-161.fra50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

au-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.37 (Ascension Island) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6ca42657b4c020436cb93f8e3f6a9444.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2104:6200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.61.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-61-210.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.243.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-243-3.eu-west-1.compute.amazonaws.com

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	heraldsun.com.au 17 redirects www.heraldsun.com.au origin.go.heraldsun.com.au metrics.heraldsun.com.au	1 MB
41	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	773 KB
26	doubleclick.net 5 redirects cm.g.doubleclick.net ad.doubleclick.net securepubads.g.doubleclick.net googleads4.g.doubleclick.net 8228261.fls.doubleclick.net googleads.g.doubleclick.net	144 KB
24	googlesyndication.com pagead2.googlesyndication.com 6ca42657b4c020436cb93f8e3f6a9444.safeframe.googlesyndication.com tpc.googlesyndication.com	75 KB
19	taboola.com 2 redirects cdn.taboola.com trc.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com cds.taboola.com trc-events.taboola.com	148 KB
14	api.news content.api.news	202 KB
12	news.com.au 4 redirects www.heraldsun.news.com.au www.news.com.au tags.news.com.au mhr.talk.news.com.au	201 KB
11	imrworldwide.com 2 redirects secure-gl.imrworldwide.com cdn-gl.imrworldwide.com seccdn-gl.imrworldwide.com secure-dcr.imrworldwide.com	72 KB
11	newscdn.com.au resourcesssl.newscdn.com.au	76 KB
9	adnxs.com 3 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	10 KB
7	id5-sync.com 6 redirects id5-sync.com	11 KB
6	googletagservices.com www.googletagservices.com	172 KB
6	google.com adservice.google.com www.google.com	1 KB
6	adsrvr.org 2 redirects match.adsrvr.org js.adsrvr.org insight.adsrvr.org	6 KB
5	demdex.net 1 redirects dpm.demdex.net newscorpau.demdex.net	6 KB
5	tiqcdn.com tags.tiqcdn.com	23 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com	4 KB
3	google.de www.google.de	768 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	googleadservices.com www.googleadservices.com	36 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	60 KB
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	20 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	newscorpaustralia.com login.newscorpaustralia.com
3	amazonaws.com news-networkeditorial.s3-ap-southeast-2.amazonaws.com s3-ap-southeast-2.amazonaws.com	33 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
2	licdn.com snap.licdn.com	3 KB
2	chartbeat.net ping.chartbeat.net	336 B
2	vidora.com assets.vidora.com	4 KB
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	tapad.com 2 redirects pixel.tapad.com	934 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1004 B
2	360yield.com 2 redirects ice.360yield.com	1013 B
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	contextweb.com 1 redirects bh.contextweb.com	755 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	perfectmarket.com widget.perfectmarket.com	32 KB
1	t.co t.co	449 B
1	twitter.com analytics.twitter.com	650 B
1	google.nl adservice.google.nl	803 B
1	mookie1.com au-gmtdmp.mookie1.com	608 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	tealiumiq.com uconnect.tealiumiq.com	454 B
1	newscgp.com au.tags.newscgp.com	48 KB
1	chartbeat.com static.chartbeat.com	23 KB
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	362 B
1	digitalaudience.io 1 redirects target.digitalaudience.io	475 B
1	criteo.com 1 redirects dis.criteo.com	483 B
1	emxdgt.com e1.emxdgt.com	124 B
1	adkernel.com dsp.adkernel.com	233 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	storygize.net 1 redirects www.storygize.net	430 B
1	pubmatic.com simage2.pubmatic.com	885 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	web.app ts2020-indies-client.web.app	3 KB
1	fontawesome.com use.fontawesome.com	13 KB
1	reastatic.net s1.rui.au.reastatic.net	9 KB
1	speedcurve.com cdn.speedcurve.com	7 KB
0	digitaleditions.com.au Failed heraldsun.digitaleditions.com.au Failed
270	62

	Domain	Requested by
53	www.heraldsun.com.au	17 redirects www.heraldsun.com.au
19	dt.adsafeprotected.com	www.heraldsun.com.au
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
14	content.api.news	www.heraldsun.com.au
13	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net www.heraldsun.com.au
11	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.heraldsun.com.au
11	resourcesssl.newscdn.com.au	www.heraldsun.com.au ts2020-indies-client.web.app
10	static.adsafeprotected.com	pixel.adsafeprotected.com www.heraldsun.com.au
8	tags.news.com.au	1 redirects tags.tiqcdn.com au.tags.newscgp.com
7	id5-sync.com	6 redirects www.heraldsun.com.au
6	www.googletagservices.com	securepubads.g.doubleclick.net
6	secure.adnxs.com	3 redirects www.heraldsun.com.au
5	www.google.com	securepubads.g.doubleclick.net www.heraldsun.com.au
5	pagead2.googlesyndication.com	ad.doubleclick.net securepubads.g.doubleclick.net www.heraldsun.com.au
5	cdn-gl.imrworldwide.com	www.heraldsun.com.au seccdn-gl.imrworldwide.com secure-gl.imrworldwide.com cdn-gl.imrworldwide.com
5	sync.taboola.com	2 redirects www.heraldsun.com.au
5	tags.tiqcdn.com	www.heraldsun.com.au tags.tiqcdn.com
5	sb.scorecardresearch.com	2 redirects cdn.taboola.com www.heraldsun.com.au
4	8228261.fls.doubleclick.net	2 redirects www.heraldsun.com.au
4	dpm.demdex.net	1 redirects www.heraldsun.com.au tags.news.com.au
4	secure-gl.imrworldwide.com	2 redirects secure-gl.imrworldwide.com www.heraldsun.com.au
4	cm.g.doubleclick.net	3 redirects www.heraldsun.com.au
4	trc.taboola.com	cdn.taboola.com www.heraldsun.com.au
4	cdn.taboola.com	www.heraldsun.com.au cdn.taboola.com
3	www.google.de	www.heraldsun.com.au
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.googleadservices.com	secure-ds.serving-sys.com www.googletagmanager.com
3	x.bidswitch.net	3 redirects
3	login.newscorpaustralia.com	www.heraldsun.com.au
2	insight.adsrvr.org	js.adsrvr.org
2	px.ads.linkedin.com	1 redirects www.heraldsun.com.au
2	www.googletagmanager.com	secure-ds.serving-sys.com
2	snap.licdn.com	www.heraldsun.com.au snap.licdn.com
2	js.adsrvr.org	secure-ds.serving-sys.com
2	ping.chartbeat.net	www.heraldsun.com.au
2	metrics.heraldsun.com.au	tags.news.com.au www.heraldsun.com.au
2	assets.vidora.com	www.heraldsun.com.au assets.vidora.com
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	trc-events.taboola.com	www.heraldsun.com.au
2	prod.perf-serving.com	2 redirects
2	pixel.tapad.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	ice.360yield.com	2 redirects
2	sync-t1.taboola.com	www.heraldsun.com.au
2	ce.lijit.com	1 redirects www.heraldsun.com.au
2	match.adsrvr.org	2 redirects
2	ib.adnxs.com	www.heraldsun.com.au
2	bh.contextweb.com	1 redirects www.heraldsun.com.au
2	rtb.mfadsrvr.com	2 redirects
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	news-networkeditorial.s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
2	origin.go.heraldsun.com.au	www.heraldsun.com.au
2	www.news.com.au	2 redirects
1	secure-dcr.imrworldwide.com	www.heraldsun.com.au
1	t.co	www.heraldsun.com.au
1	analytics.twitter.com	static.ads-twitter.com
1	www.linkedin.com	1 redirects
1	6ca42657b4c020436cb93f8e3f6a9444.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	au-gmtdmp.mookie1.com	www.heraldsun.com.au
1	acdn.adnxs.com	www.heraldsun.com.au
1	static.ads-twitter.com	www.heraldsun.com.au
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	cm.everesttech.net	1 redirects
1	newscorpau.demdex.net	tags.news.com.au
1	cdn.adsafeprotected.com	tags.news.com.au
1	seccdn-gl.imrworldwide.com	tags.news.com.au
1	uconnect.tealiumiq.com	www.heraldsun.com.au
1	static.hotjar.com	tags.tiqcdn.com
1	au.tags.newscgp.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	ad.doubleclick.net	tags.tiqcdn.com
1	cds.taboola.com	www.heraldsun.com.au
1	bttrack.com	www.heraldsun.com.au
1	s.c.appier.net	1 redirects
1	target.digitalaudience.io	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com	www.heraldsun.com.au
1	dsp.adkernel.com	www.heraldsun.com.au
1	rtb-csync.smartadserver.com	www.heraldsun.com.au
1	www.storygize.net	1 redirects
1	simage2.pubmatic.com	www.heraldsun.com.au
1	pixel.rubiconproject.com	www.heraldsun.com.au
1	match.taboola.com	www.heraldsun.com.au
1	mhr.talk.news.com.au	www.heraldsun.com.au
1	ts2020-indies-client.web.app	www.heraldsun.com.au
1	use.fontawesome.com	cdn.taboola.com
1	s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
1	s1.rui.au.reastatic.net	www.heraldsun.com.au
1	cdn.speedcurve.com	www.heraldsun.com.au
1	www.heraldsun.news.com.au	1 redirects
0	heraldsun.digitaleditions.com.au Failed	www.heraldsun.com.au
270	97

This site contains links to these domains. Also see Links.

Domain
www.plusrewards.com.au
myaccount.heraldsun.com.au
www.escape.com.au
supercoach.com.au
tips.com.au
supercoach.heraldsun.com.au
www.realestate.com.au
heraldsun.digitaleditions.com.au
www.facebook.com
www.twitter.com
www.instagram.com
heraldsun.com.au
myaccount.news.com.au
www.newsletters.news.com.au
www.mytributes.com.au
www.newscorpaustralia.com
www.newsphotos.com.au
www.newsconcierge.com.au
www.dailytelegraph.com.au
www.couriermail.com.au
www.adelaidenow.com.au
www.news.com.au
www.theaustralian.com.au
www.themercury.com.au
www.geelongadvertiser.com.au
www.cairnspost.com.au
www.goldcoastbulletin.com.au
www.townsvillebulletin.com.au
www.thechronicle.com.au
www.ntnews.com.au
www.weeklytimesnow.com.au
www.buysearchsell.com.au
leader.local.heraldsun.com.au
www.foxsports.com.au
www.foxtel.com.au
hipages.com.au
kayosports.com.au
www.punters.com.au
www.odds.com.au
www.racenet.com.au
apps.apple.com
play.google.com
preferences.news.com.au
vip.wordpress.com

Subject Issuer	Validity	Valid
news.com.au DigiCert SHA2 Secure Server CA	`2020-09-28` - `2021-09-28`	a year	crt.sh
a3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-11-24` - `2021-05-05`	5 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
origin.go.heraldsun.com.au Let's Encrypt Authority X3	`2020-11-02` - `2021-01-31`	3 months	crt.sh
s1.rui.au.reastatic.net Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.s3-ap-southeast-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
p.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-11-12` - `2021-02-22`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
web.app GTS CA 1O1	`2020-04-15` - `2021-04-14`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.adkernel.com COMODO RSA Domain Validation Secure Server CA	`2017-11-17` - `2021-01-05`	3 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.id5-sync.com Let's Encrypt Authority X3	`2020-09-27` - `2020-12-26`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
au.tags.newscgp.com Amazon	`2020-02-08` - `2021-03-08`	a year	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2020-01-03` - `2021-04-03`	a year	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
*.tealiumiq.com Amazon	`2020-10-23` - `2021-11-22`	a year	crt.sh
*.adsafeprotected.com Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.vidora.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
metrics.heraldsun.com.au DigiCert SHA2 High Assurance Server CA	`2020-04-13` - `2021-07-15`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
*.google.nl GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2020-10-03` - `2021-11-03`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 39 frames:

Primary Page: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475
Frame ID: 5E2826C465768F83C3C7E746E318E918
Requests: 164 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ckL43SJG4477nQv7Q3po3DT0D9.u7s~V&nonce=uRMCSbrxXKe5c00bA1BluYBJl17pCP8w&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: 21C94F489200C57D8B6F34B7D730D461
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c5b8a9fd-274a-4bc4-8451-75997f0eed2a&tbid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&query=taboola_hm%3Dc5b8a9fd-274a-4bc4-8451-75997f0eed2a&isDirect=0
Frame ID: DEE59CF65E75F25C00577CBB7A9701F1
Requests: 20 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=VA7vjks2rTDs3ZRU0jV9IkpOYJ7izKio&nonce=bv8ABndHCF_CfUpZ6osD7_eN7HDRVfIS&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: FF648F03B0612E2F6BC353DE1F53FB90
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=-DCDm-OvpB0wsaXT3Ppx-7~B_Ky~wLOJ&nonce=DGyYAuyqVu_-fHLQPfjkStNB2YlHOYhY&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: B51FF26547011CBBA0C2767E5D35413D
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: F64E2B53659703C9AD13D6425095A3E9
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: FFE6DC36B9A8C2C7A157EB2CA9E59A4A
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 15E5EE622AC0922513A61854C9ED3F81
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: DD865A6BA6A7BF4E6709CE90238DC0F3
Requests: 1 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: BF10D5F5BE5486FCBAB9EA813A752947
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: C17D56E78B2CCBE7109C17DED94FA25D
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 7D51BA136172B1FC8ACF0109F8DB1DB0
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 3A496BE6C55C6490BB4692468495CFD1
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: BB3DAEDBEB70D2099CE6A3C747F05AD2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 04C416F8D7799B67214F9CB9E5EDDB8B
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIqQt8KFwO0CFZrMuwgdP-MCbA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8693448493590.272
Frame ID: 7DF037672FA0B00E45A9C929CDBBA7BC
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIjLt8KFwO0CFTRc5Qod8UcHbQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4303101088243.193
Frame ID: B5819A37667BBA29B356009051CFD675
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 3F24A1B8DAA31878C9A0606E7D6AC238
Requests: 5 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 9FC0625DED5BD310269F98F234284195
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: 075F59925A8331B9D51FE4E98CD69071
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: FAD15B01EF7380715805FA694D88CCBA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKSC0lZjmD3ABxWAqdoPuNm565LDQ1jxhsu8tmP8fMo1ORtvxp-lq1gXrllvMT_8ewHk-6KESfPzuavUgosLDcfCPgiqqfRfcoVHBFunULOJ9jhaeYC2L97E6dOZLeuWO1ib_9kQp8dMkaUTOiayN6rIY5GNpNQZCDtUv0YJPdrXgLZafh6bOE3KTCg4MiMxlqQiYMvCfgEB7u8FpR2NwwdWH9eCB5SDs2siGl4bq9rByHB1LB2e8f87ppVFh3HjDKeLbZ4tLi&sig=Cg0ArKJSzA1zd_eK-rzgEAE&adurl=
Frame ID: 9CA312628C30A85B3C4C0124916A290E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswgvmjpD9oTc5H0QRn5HgdCaL0ehCvZh20THW6ThxQVLfxqz_nXiHmg8QoqToRMVawZwDDNw7snof6MIy4VbH1ct6cnOVm7T4EtNZKRHxcnkBA3FX3oeG6fRB6nYGgr5JRPjBwvhTEs6bfu7qTEsIHNGICGBtyKv0jBjHbVcicl2frLX5lub1OF95o5M6K0ZXMxIPDxIfBlg8rk4xMKac4ZPJKLHrHmZw5rjge7RoXPrG2ttcqIYqxnZq3JlSO3xmXcnkcBHjM&sig=Cg0ArKJSzGchSjePDGelEAE&adurl=
Frame ID: 78D657499B05893F01C91667C88C5041
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOTCL39aPDrJain1MmJ-WCy0Qa8Was9w2tnZFWVsbNRH4wDSiBXN1PZaCjgJmdJmcdlrVUvfugZVbLl_ucX54c_WaDO9i3_7ai4LtCJ2GrhuYbTNKM_q5wF-rOvMnwjEAIz5yjjqByttIPwYY7m2PA8ZlxPXTQgiDkF_ZxMMR8I5VwZ0sCJqa2HwG5DWwwsuUarLpvbTO6E2voXLsRgK8AgTaB4aX0yCBxR5C4QDRW0tWQ0zcnuW0u-GthFah87-F5ay-ObTuj&sig=Cg0ArKJSzLleP8QC3rIsEAE&adurl=
Frame ID: 349185E0106BC7A06C929B5EE1A730E2
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssknxs0HmdGaBgoPL6UaHk--HOLnKWUHyjghF9n7Iy2HGyML9JcL_YDEDbxaOnPItkuOJBdboWiyla33NqPB6iRPNQ1GyWMuAOQtt4fA773GXmLXa55rYJIKW8OX-1ZrYoL9wnRMxs62lKVez9bNQFFEexo0EOHaUjMzloQRwmL7BqnVNP_La3bfLGpXakP8VHE9BR2Wi8kIzOKYICwiJLpB1cXCnX-ZLtqLD40HpQ-7jA2Nb9gARYiHwQfi9LW9CtZGVVulazE&sig=Cg0ArKJSzLhM4JEDhESvEAE&adurl=
Frame ID: 959BD8DD4E16E795607DDA9CA49E4A57
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWliDPL29y8JrpfKJCdh_pyVXL5VLuyEN-3rm94yl83gE6eFq2Tt1_nm4mkdsMwPSIdGZUzMkxZ9Kdo-US8o9WmtaZ0aDN0JYBWq_fxLdQedYTRCcE_6qUwLsbo4bsJu-ckNLH-AF3EdvtKpZ96cwWtih8SUJzFL36-Z_9DXwXaEjNpERcjIKwys9rq3xfunQabYq4_v7EIxLEThdEws3EMRae68Xwn3ukUJ1Ix0DfcyjbbM0k6ABzt8WFTIivLS_TE51kbN6Y&sig=Cg0ArKJSzDHVfT4UX0plEAE&adurl=
Frame ID: 7324C6D7F3A7EA166B57968CA583D4C1
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025557&pubOrder=305536031&cb=1073246723&custom=homepage&custom3=168400391&adsafe_par&impId=864f4064-39d5-11eb-8fc7-02617d9e854e
Frame ID: B3E53EC64B32FDB7AB2FADF67D182E22
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=2016452232&custom=homepage&custom3=168400391&adsafe_par&impId=864f4063-39d5-11eb-8fc7-02617d9e854e
Frame ID: 88147DEB2BAF9D46C96C6D05CFAC7490
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1466267259&custom=homepage&custom3=168400391&adsafe_par&impId=864f4066-39d5-11eb-8fc7-02617d9e854e
Frame ID: E05FBA05E404286A2AEF18EE0EAA2594
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1178989494&custom=homepage&custom3=168400391&adsafe_par&impId=864f4067-39d5-11eb-8fc7-02617d9e854e
Frame ID: AC7EDEE4C01E807171E7AE3FFE873E1F
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=444226775&custom=homepage&custom3=168400391&adsafe_par&impId=864f4065-39d5-11eb-8fc7-02617d9e854e
Frame ID: C8A80F5995E075C7D08A584EA0502320
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: CD3B6A81C15890849C328A8AA143F3AC
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: B10BB8B19E0EF6884588DF9668889188
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: F03A2017B4B12B05AAC4A010A7BE0FD9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 3D6A707CCC0AA415CF50E7509DDF465D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 920143845359E9C25CE9AB224498BF19
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: 42BF723C8238C40FAC6E525C17888B8F
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: A4171B4FE55639D74AA9B9CE3A2BA937
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 679824868C4B028817D301B219586BE2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.heraldsun.com.au/ HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&160... HTTP 302
https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

270
Requests

100 %
HTTPS

19 %
IPv6

62
Domains

97
Subdomains

69
IPs

10
Countries

3768 kB
Transfer

6601 kB
Size

14
Cookies

55 Outgoing links

These are links going to different origins than the main page.

URL: https://www.plusrewards.com.au/heraldsun/offers
Title: Rewards

Search URL Search Domain Scan URL

URL: https://myaccount.heraldsun.com.au/s
Title: My account

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/
Title: Travel

Search URL Search Domain Scan URL

URL: https://supercoach.com.au/
Title: SuperCoach

Search URL Search Domain Scan URL

URL: http://tips.com.au/afl/?source_code=HSWEB_TIP1271
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/racing
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/nrl
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://tips.com.au/nrl/
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://www.realestate.com.au/news/lauren-phillips-and-lachlan-sparks-sell-fitzroy-terrace-home/?rsf=syn:news:nca:hs:article

Search URL Search Domain Scan URL

URL: https://www.realestate.com.au/

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/news/we-found-the-perfect-swimsuit-for-39/news-story/25ca90400b65b4c08cb366b64f998482

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/destinations/australia/21-great-things-about-our-great-southern-land/image-gallery/f764bc460ada26c199afddd6e9d60257
Title: 21 things no one told you about Australia

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/experiences/adventure/25-stunning-wildlife-photos-fround-around-the-world/image-gallery/700388a835684c1d9ab60da3e8ea4d4a
Title: 25 incredible wildlife photos stun the world

Search URL Search Domain Scan URL

URL: https://heraldsun.digitaleditions.com.au/index.php
Title: Front pageRead today's paper as it was printed.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heraldsun

Search URL Search Domain Scan URL

URL: https://www.twitter.com/theheraldsun

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heraldsunphoto

Search URL Search Domain Scan URL

URL: http://heraldsun.com.au/help-rss

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_GCRACA_W52&hideRegistrationTnC=true
Title: Group/Corporate subscriptions

Search URL Search Domain Scan URL

URL: https://www.newsletters.news.com.au/heraldsun
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.mytributes.com.au/
Title: My Tributes

Search URL Search Domain Scan URL

URL: http://www.newscorpaustralia.com/careers
Title: Job Opportunities

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms
Title: Subscription terms

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_LAPP_17A_W04#subscribe
Title: App only subscription terms

Search URL Search Domain Scan URL

URL: http://www.newsphotos.com.au/C.aspx?VP3=CMS3&VF=Home
Title: Photo Sales

Search URL Search Domain Scan URL

URL: https://www.newsconcierge.com.au/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.dailytelegraph.com.au/
Title: The Daily Telegraph

Search URL Search Domain Scan URL

URL: https://www.couriermail.com.au/
Title: Courier Mail

Search URL Search Domain Scan URL

URL: http://www.adelaidenow.com.au/
Title: The Advertiser

Search URL Search Domain Scan URL

URL: https://www.news.com.au/
Title: news.com.au

Search URL Search Domain Scan URL

URL: https://www.theaustralian.com.au/
Title: The Australian

Search URL Search Domain Scan URL

URL: https://www.themercury.com.au/
Title: The Mercury

Search URL Search Domain Scan URL

URL: https://www.geelongadvertiser.com.au/
Title: Geelong Advertiser

Search URL Search Domain Scan URL

URL: https://www.cairnspost.com.au/
Title: The Cairns Post

Search URL Search Domain Scan URL

URL: https://www.goldcoastbulletin.com.au/
Title: Gold Coast Bulletin

Search URL Search Domain Scan URL

URL: https://www.townsvillebulletin.com.au/
Title: Townsville Bulletin

Search URL Search Domain Scan URL

URL: https://www.thechronicle.com.au/
Title: The Chronicle

Search URL Search Domain Scan URL

URL: https://www.ntnews.com.au/
Title: NT News

Search URL Search Domain Scan URL

URL: https://www.weeklytimesnow.com.au/
Title: The Weekly Times

Search URL Search Domain Scan URL

URL: https://www.buysearchsell.com.au/
Title: Buy Search Sell

Search URL Search Domain Scan URL

URL: http://leader.local.heraldsun.com.au/
Title: Find Your Local

Search URL Search Domain Scan URL

URL: http://www.foxsports.com.au/
Title: Foxsports

Search URL Search Domain Scan URL

URL: https://www.foxtel.com.au/index.html
Title: Foxtel

Search URL Search Domain Scan URL

URL: https://hipages.com.au/
Title: Hipages

Search URL Search Domain Scan URL

URL: https://kayosports.com.au/
Title: Kayo

Search URL Search Domain Scan URL

URL: https://www.punters.com.au/
Title: Punters

Search URL Search Domain Scan URL

URL: https://www.odds.com.au/
Title: odds.com.au

Search URL Search Domain Scan URL

URL: https://www.racenet.com.au/
Title: racenet.com.au

Search URL Search Domain Scan URL

URL: https://apps.apple.com/au/app/herald-sun/id392582225

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newscorp.heraldsun

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##collect
Title: Find out more about our policy and your choices, including how to opt-out.

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##optout
Title: Relevant ads opt-out

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/cookies
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: WordPress.com VIP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.heraldsun.com.au/ HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16074874751560159662 HTTP 302
https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1607487477957&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1607487477957&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1

Request Chain 34

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1607487477957&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1607487477957&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1

Request Chain 35

https://www.heraldsun.com.au/digitalprinteditions HTTP 301
https://idp.news.com.au/idp/services/generatetoken?target=HeraldSun&url=http%3A%2F%2Fheraldsun.digitaleditions.com.au%2F HTTP 0
http://heraldsun.digitaleditions.com.au/

Request Chain 47

https://www.heraldsun.com.au/sport HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport HTTP 302
https://www.heraldsun.com.au/sport

Request Chain 48

https://www.heraldsun.com.au/entertainment/confidential/sacked-showbiz-how-being-fired-fuelled-molloys-success/news-story/9e117ea97ab37c0b48ada7ed8fe6b0eb HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fentertainment%2Fconfidential%2Fsacked-showbiz-how-being-fired-fuelled-molloys-success%2Fnews-story%2F9e117ea97ab37c0b48ada7ed8fe6b0eb&memtype=anonymous&mode=premium

Request Chain 49

https://www.heraldsun.com.au/news/opinion/rita-panahi/rita-panahi-pandering-to-woke-wooden-heads-destroys-joyous-national-holiday/news-story/b151c13e550f5f6402955cee89a82f74 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fopinion%2Frita-panahi%2Frita-panahi-pandering-to-woke-wooden-heads-destroys-joyous-national-holiday%2Fnews-story%2Fb151c13e550f5f6402955cee89a82f74&memtype=anonymous&mode=premium

Request Chain 50

https://www.heraldsun.com.au/sport/afl/afl-draft-2020-indicative-picks-order-key-questions-answered/news-story/0e6555cca4633bae7721fff4c3b15cbb HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl%2fafl-draft-2020-indicative-picks-order-key-questions-answered%2fnews-story%2f0e6555cca4633bae7721fff4c3b15cbb HTTP 302
https://www.heraldsun.com.au/sport/afl/afl-draft-2020-indicative-picks-order-key-questions-answered/news-story/0e6555cca4633bae7721fff4c3b15cbb

Request Chain 51

https://www.heraldsun.com.au/sport/afl/afl-draft-2020-live-time-order-start-and-how-to-watch/live-coverage/4d9ee1a182214d0cf3ce3756582cda9a HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl%2fafl-draft-2020-live-time-order-start-and-how-to-watch%2flive-coverage%2f4d9ee1a182214d0cf3ce3756582cda9a HTTP 302
https://www.heraldsun.com.au/sport/afl/afl-draft-2020-live-time-order-start-and-how-to-watch/live-coverage/4d9ee1a182214d0cf3ce3756582cda9a

Request Chain 52

https://www.heraldsun.com.au/sport/afl HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl HTTP 302
https://www.heraldsun.com.au/sport/afl

Request Chain 54

https://www.heraldsun.com.au/sport/afl/news/afl-draft-2020-how-the-first-25-picks-may-fall/news-story/945935dd2a361ba1f84ca8bc2f6f37c9 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fnews%2Fafl-draft-2020-how-the-first-25-picks-may-fall%2Fnews-story%2F945935dd2a361ba1f84ca8bc2f6f37c9&memtype=anonymous&mode=premium

Request Chain 55

https://www.heraldsun.com.au/sport/afl/afl-draft-2020-dossier-interactive-profiles-stats-and-draft-range-on-all-the-top-prospects-from-around-the-country/news-story/b6eff3e0139aed53c9867837030577cb HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fafl-draft-2020-dossier-interactive-profiles-stats-and-draft-range-on-all-the-top-prospects-from-around-the-country%2Fnews-story%2Fb6eff3e0139aed53c9867837030577cb&memtype=anonymous&mode=premium

Request Chain 56

https://www.heraldsun.com.au/sport/afl/western-bulldogs-believes-drafting-jamarra-uglehagan-will-attract-more-indigenous-players-to-whitten-oval/news-story/ea5f87cf0dfae34752b94b36d7024de7 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fwestern-bulldogs-believes-drafting-jamarra-uglehagan-will-attract-more-indigenous-players-to-whitten-oval%2Fnews-story%2Fea5f87cf0dfae34752b94b36d7024de7&memtype=anonymous&mode=premium

Request Chain 60

https://www.heraldsun.com.au/education/sacked-st-kevins-college-teacher-allegedly-stroked-students-cheek/news-story/b281a90af80766d699de8a25b479fbc5 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Feducation%2Fsacked-st-kevins-college-teacher-allegedly-stroked-students-cheek%2Fnews-story%2Fb281a90af80766d699de8a25b479fbc5&memtype=anonymous&mode=premium

Request Chain 76

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c5b8a9fd-274a-4bc4-8451-75997f0eed2a HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c5b8a9fd-274a-4bc4-8451-75997f0eed2a&tbid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&query=taboola_hm%3Dc5b8a9fd-274a-4bc4-8451-75997f0eed2a&isDirect=0

Request Chain 78

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Nte4Wgy9hHJQ&ev=1&orig=trc&pid=562107

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOsr84_ZJQGrTwh0MfCyquM&google_cver=1

Request Chain 82

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&google_tc=

Request Chain 83

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0abd0dc2-d2b5-443c-85d1-7f9dfe899c67

Request Chain 84

https://ce.lijit.com/merge?pid=42&3pid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 86

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575 HTTP 302
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 90

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=90eedcc1-f29e-40d0-84cb-c22a17e86277

Request Chain 91

https://id5-sync.com/s/464/9.gif?puid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOiDT19jGDiGpJPm7YI2s-DeecOAq2Mvi8M_wQ1w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOiDT19jGDiGpJPm7YI2s-DeecOAq2Mvi8M_wQ1w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=14fb72b9-2e53-4ded-8a06-586fbdca537c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/5/3.gif?puid=ee7d2452a06503a6657b50f70e223641&gdpr=1&gdpr_consent= HTTP 302
https://target.digitalaudience.io/bakery/sync/d?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F21%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/21/4/4.gif?puid=6db4dfcce3464d58a80df139d65a0731&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/3/5.gif?puid=2ae5ebb2-a99d-4b0c-94a2-637b05094c16&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/2/6.gif?puid=863f8861-39d5-11eb-a599-e2dd7f45358e&gdpr=1&gdpr_consent=

Request Chain 92

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=UHeZ_y7OCk2YR24k90_QXw

Request Chain 95

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=15d8f24a-187e-48f0-addf-4fccad4f1560&ssp=taboola&user_group=1 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6f57b2e2-997e-476a-8c23-1db9106bbb13

Request Chain 107

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 118

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607487478377 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607487478377

Request Chain 123

https://cm.everesttech.net/cm/dd?d_uuid=46036134324386065182870019191258405750 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9BP_AAAALI5bx-H

Request Chain 138

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607487479834&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-3af3f695fbb798eb8fa364ebc6321e83&tz=1 HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607487479834&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-3af3f695fbb798eb8fa364ebc6321e83&tz=1&ja=1

Request Chain 154

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8693448493590.272 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIqQt8KFwO0CFZrMuwgdP-MCbA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8693448493590.272

Request Chain 155

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4303101088243.193 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIjLt8KFwO0CFTRc5Qod8UcHbQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4303101088243.193

Request Chain 159

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Request Chain 160

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Request Chain 161

https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

Request Chain 202

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607487481154 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26time%3D1607487481154%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607487481154&liSync=true

270 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heraldsun.com.au/
Redirect Chain

http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html
http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html
https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html
https://www.heraldsun.com.au/
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f
https://www.heraldsun.com.au/
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16074874751560159662
https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475

336 KB
60 KB

1901ms
1901ms

Document
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

584dd1eb9f16961dd3165312577a730ed4f66d4bda84e19ae64b4d6e42d3af83

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: www.heraldsun.com.au
:scheme: https
:path: /?nk=7b33bdb693ee05575cb97324035c1442-1607487475
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: n_regis=123456789
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=ZbqCghAAow/AApYLVwnDq41gf9vyueZQuwsseUquruQvN7Nc99R1U22LH0r/SIq/0vdkQ6W6mdPkrcHeut5DL9nM/P3f1FSKSYwlYdjihOKLwOiiXNkzOl4A11EE; Expires=Wed, 16 Dec 2020 04:17:55 GMT; Path=/ nk=7b33bdb693ee05575cb97324035c1442; expires=Sat, 09 Dec 2023 04:17:57 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=ZbqCghAAow/AApYLVwnDq41gf9vyueZQuwsseUquruQvN7Nc99R1U22LH0r/SIq/0vdkQ6W6mdPkrcHeut5DL9nM/P3f1FSKSYwlYdjihOKLwOiiXNkzOl4A11EE; Expires=Wed, 16 Dec 2020 04:17:55 GMT; Path=/; SameSite=None; Secure
x-powered-by: WordPress VIP <https://wpvip.com>
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
vary: User-Agent Accept-Encoding
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d7b33bdb693ee05575cb97324035c1442-1607487475&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=7b33bdb693ee05575cb97324035c1442
x-arrrg5: BlaizeHappened
x-rq: ewr4 119 85 3122
x-xss-protection: 1
x-content-type-options: nosniff
host-header: a9130478a60e5f9135f765b23f26593b
content-encoding: gzip
expires: Wed, 09 Dec 2020 04:17:57 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 09 Dec 2020 04:17:57 GMT

Redirect headers

server: AkamaiGHost
content-length: 154
content-type: text/html
location: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475
set-cookie: nk=7b33bdb693ee05575cb97324035c1442; expires=Sat, 09 Dec 2023 04:17:55 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version: 1.0
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
vary: Accept-Encoding
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
expires: Wed, 09 Dec 2020 04:17:55 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Wed, 09 Dec 2020 04:17:55 GMT

GET
H2 200 css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 1 B
593 B 138ms
137ms Stylesheet
text/css 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-rq: ewr4 114 53 3167
last-modified: Fri, 06 Nov 2020 23:21:49 GMT
server: nginx
etag: "5fa5da8d-1"
vary: User-Agent
content-type: text/css
expires: Wed, 09 Dec 2020 04:17:58 GMT
cache-control: max-age=1
date: Wed, 09 Dec 2020 04:17:57 GMT
is-https: true
content-length: 1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 21 KB
7 KB 74ms
22ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.speedcurve.com/js/lux.js?id=338391603

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

ef024a5f6a6afe4d445fd60002ff33e71b80ca52cbaab97153e31ab62b40d379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
age: 2543
x-cache: HIT
content-length: 6883
x-served-by: cache-hhn4043-HHN
access-control-allow-origin: *
last-modified: Wed, 09 Dec 2020 03:35:34 GMT
server: Apache
x-timer: S1607487478.650013,VS0,VE0
date: Wed, 09 Dec 2020 04:17:57 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Wed, 16 Dec 2020 03:35:34 GMT
cache-control: max-age=604800
x-ua-compatible: IE=edge
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 219 KB
33 KB 150ms
105ms Script
application/javascript 199.232.57.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.57.44 Windsor, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e3e3a7fb48024d92e9e8c43b7f636b0256f69c61114735d327ca43171ad5d11

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: xaHQxRd3IZ_ierdet9nOE52MRM_0UZca
content-encoding: gzip
etag: "36646c3461d28769806876833f62d9e4"
age: 0
x-cache: HIT
content-length: 33392
x-amz-id-2: l4LDj0/89o+TYREhze46lHyiHWhR2My3GZfkS6lg+N4tPOauW3RlTUpb6La0G5rpnGCpzbnmFjc=
x-served-by: cache-lon4226-LON
last-modified: Sun, 29 Nov 2020 14:15:40 GMT
server: AmazonS3
x-timer: S1607487478.650246,VS0,VE85
date: Wed, 09 Dec 2020 04:17:57 GMT
vary: Accept-Encoding
x-amz-request-id: 940B46F7D78F23F7
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 24
x-cache-hits: 1

GET
H2 200 heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
4 KB 26ms
25ms Image
image/svg+xml 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:57 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 3055
x-rq: bom2 116 215 3090
last-modified: Fri, 06 Nov 2020 23:30:15 GMT
server: nginx
etag: W/"5fa5dc87-1f69"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=2491102
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 07 Jan 2021 00:16:19 GMT

GET
H2 200 Moore-De-Goey-big.jpg
origin.go.heraldsun.com.au/wp-content/uploads/2020/12/ 148 KB
148 KB 58ms
11ms Image
image/webp 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.go.heraldsun.com.au/wp-content/uploads/2020/12/Moore-De-Goey-big.jpg?includeSharpen=true&crop=0px%2C314px%2C2824px%2C1589px&resize=1280%2C720&strip=all?width=1024
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5685a3faf3cb4ebee266f7669cf0a41bf5dc4398355720884364b57731b0e976

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:57 GMT
x-rq: ams8 109 28 443
last-modified: Wed, 09 Dec 2020 04:16:54 GMT
server: nginx
etag: "84044b5f52394a17"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 151560
expires: Thu, 09 Dec 2021 04:16:54 GMT

GET
H2 200 9ed09a0f43a6cb06cf0a1b807e9e253c
content.api.news/v3/images/bin/ 66 KB
66 KB 396ms
75ms Image
image/jpeg 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/9ed09a0f43a6cb06cf0a1b807e9e253c?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-36.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 938ad8e6ec2383825911c8e43350a1e1ed1e5f0b7c0d758fac7aedb2f0c58b96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 9ed09a0f43a6cb06cf0a1b807e9e253c
date: Wed, 09 Dec 2020 04:17:57 GMT
last-modified: Wed, 09 Dec 2020 02:10:39 GMT
server: Akamai Image Manager
etag: b22f4bcbb7b24a17c0b4bee6623160b5-9ed09a0f43a6cb06cf0a1b807e9e253c-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5176354
access-control-allow-headers: x-newsapi-api-key
content-length: 67258
expires: Sun, 07 Feb 2021 02:10:31 GMT

GET
H2 200 5cec34e665ad07660ad9e6072d69f27d
content.api.news/v3/images/bin/ 3 KB
3 KB 375ms
54ms Image
image/jpeg 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/5cec34e665ad07660ad9e6072d69f27d?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-36.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 876e1e0ee634961bee6ed09fc958445fed4966a255a4f1ec381ecebb83cca48e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 5cec34e665ad07660ad9e6072d69f27d
date: Wed, 09 Dec 2020 04:17:57 GMT
last-modified: Wed, 09 Dec 2020 01:10:00 GMT
server: Akamai Image Manager
etag: 458e0cad83c3a6420f5a88dbc38685c0-5cec34e665ad07660ad9e6072d69f27d-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5172696
access-control-allow-headers: x-newsapi-api-key
content-length: 3008
expires: Sun, 07 Feb 2021 01:09:33 GMT

GET
H2 200 179e3bf080d3b2a0fc63648662168af6
content.api.news/v3/images/bin/ 4 KB
5 KB 389ms
68ms Image
image/jpeg 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/179e3bf080d3b2a0fc63648662168af6?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-36.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: fa8d4da3c903a35d97894522f566ee0f2f2b15d8bc0fa98b401a17719ee07d96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 179e3bf080d3b2a0fc63648662168af6
date: Wed, 09 Dec 2020 04:17:57 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 3697944563c85a49487df843aef70ba0-179e3bf080d3b2a0fc63648662168af6-150
x-serial: 1938
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5183055
last-modified: Wed, 09 Dec 2020 04:01:56 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 4599
expires: Sun, 07 Feb 2021 04:02:12 GMT

GET
H2 200 a44d43142894f18818a15fcee1c468a7
content.api.news/v3/images/bin/ 3 KB
4 KB 389ms
68ms Image
image/jpeg 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/a44d43142894f18818a15fcee1c468a7?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-36.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 15905de1ad9ed3855748240e4615a86c28e11d3a354e3612d37742f10d82b97d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: a44d43142894f18818a15fcee1c468a7
date: Wed, 09 Dec 2020 04:17:57 GMT
last-modified: Wed, 09 Dec 2020 03:00:26 GMT
server: Akamai Image Manager
etag: 82444df4ec503a70340103e9008ff674-a44d43142894f18818a15fcee1c468a7-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5179408
access-control-allow-headers: x-newsapi-api-key
content-length: 3476
expires: Sun, 07 Feb 2021 03:01:25 GMT

GET
H2 200 2eec01c25ad7c8cdd2001cc1644bfa62
content.api.news/v3/images/bin/ 2 KB
2 KB 373ms
53ms Image
image/jpeg 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/2eec01c25ad7c8cdd2001cc1644bfa62?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-36.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 31bed423ce065ff8346c3bcd3e1e8586b935ffbe51bb7e8e3be3dabbe1c645b2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 2eec01c25ad7c8cdd2001cc1644bfa62
date: Wed, 09 Dec 2020 04:17:57 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: ecabe21ffecba7893373e706373be9c1-2eec01c25ad7c8cdd2001cc1644bfa62-150
x-serial: 1939
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5168443
last-modified: Tue, 08 Dec 2020 23:58:57 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 2135
expires: Sat, 06 Feb 2021 23:58:40 GMT

GET
H2 200 b50a2c14efc9bbcae44bc01e61e106e3
content.api.news/v3/images/bin/ 23 KB
23 KB 391ms
71ms Image
image/jpeg 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/b50a2c14efc9bbcae44bc01e61e106e3?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-36.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: b74acd33765c08e56b6b1f03da8a3819a1df20b1fa2da2e36d1a7f9d354dfaa7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: b50a2c14efc9bbcae44bc01e61e106e3
date: Wed, 09 Dec 2020 04:17:57 GMT
last-modified: Wed, 09 Dec 2020 03:01:51 GMT
server: Akamai Image Manager
etag: 49de895e1d96aceb7dfb4b5aeefaa4a5-b50a2c14efc9bbcae44bc01e61e106e3-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5179322
access-control-allow-headers: x-newsapi-api-key
content-length: 23579
expires: Sun, 07 Feb 2021 02:59:59 GMT

GET
H2 200 edec2bff807bd7a2688b44a7bb4f5932
content.api.news/v3/images/bin/ 37 KB
37 KB 35ms
34ms Image
image/jpeg 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/edec2bff807bd7a2688b44a7bb4f5932?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-36.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 3259889b4030e1026d500565c0fc1b65401e9c1cbf4365dfe46c55fd6ffbb366

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: edec2bff807bd7a2688b44a7bb4f5932
date: Wed, 09 Dec 2020 04:17:57 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 1aec6b9f2004d999650dbb36113d3646-edec2bff807bd7a2688b44a7bb4f5932-650
x-serial: 1957
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5170288
last-modified: Wed, 09 Dec 2020 00:29:16 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 37511
expires: Sun, 07 Feb 2021 00:29:25 GMT

GET
H2 200 MASTER_Aquisition_LargeMP_2020offer.png
origin.go.heraldsun.com.au/wp-content/uploads/2020/11/ 155 KB
156 KB 55ms
34ms Image
image/png 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.go.heraldsun.com.au/wp-content/uploads/2020/11/MASTER_Aquisition_LargeMP_2020offer.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6474d56348e7fd4196787cc15b0c60da2d0520e541c336c71ecbcfeb8be42899

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:57 GMT
x-rq: ams8 109 83 443
last-modified: Mon, 30 Nov 2020 09:12:50 GMT
server: nginx
etag: "b1ad3589acadbdc9"
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 159222
expires: Tue, 30 Nov 2021 09:32:11 GMT

GET
H2 200 rea-logo-v4.png
s1.rui.au.reastatic.net/rui-static/img/ 8 KB
9 KB 41ms
6ms Image
image/png 2600:9000:206f:c00:1e:c291:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.rui.au.reastatic.net/rui-static/img/rea-logo-v4.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c00:1e:c291:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 03:25:47 GMT
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
last-modified: Fri, 11 Aug 2017 05:25:43 GMT
server: AmazonS3
age: 1644731
etag: "7fb1763135890cdfa60dcb405cd51572"
x-cache: Hit from cloudfront
x-amz-version-id: itrxET0Vrz4We1UVf0nZMlYhOyBF2D8w
cache-control: max-age=20221025
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 8533
x-amz-cf-id: yZ8JvlaIjB0Yn4JWhsQtgWLoY94ZHIf7fGVkKOi9LFgsYDjqxtqEjQ==

GET
H/1.1 200
OK games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 4 KB
5 KB 1204ms
312ms Image
image/svg+xml 52.95.134.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.134.222 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:17:59 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: 92365ED1D4AB5227
ETag: "2fa79b1c302fa407df95b287a47e01bc"
Content-Type: image/svg+xml
x-amz-version-id: mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Accept-Ranges: bytes
Content-Length: 4533
x-amz-id-2: z9LWQdj1ER58Bic4BjEZmUiVcgiObO5GEWXrwCrQ0KCF0sFc8s8HxXJtacj5goonixpYZlSvZZE=

GET
H/1.1 200
OK sudoku.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 5 KB
5 KB 1200ms
309ms Image
image/svg+xml 52.95.134.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/sudoku.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.134.222 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: ef5fa8602198232e4f3704cf1dc886cb295af0f9906b0c9d63777b5f49852b84

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:17:59 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: 230C93B28CB3AD57
ETag: "f980b48900de5e5e318ca4e3530b2d75"
Content-Type: image/svg+xml
x-amz-version-id: EnoeaZvtrAcNuP4vk_X8AB6oSBROL97r
Accept-Ranges: bytes
Content-Length: 5207
x-amz-id-2: jWtfEtVSrhTovyBgGr7b7A6b4IhUTX2LfV2T9444N+kjIN6eVecyFZrM6kOJ53SL+K/fGD2uw20=

GET
H/1.1 200
OK NCHRS_thumb.jpg
s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/ 22 KB
22 KB 1222ms
312ms Image
image/jpeg 52.95.132.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/NCHRS_thumb.jpg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.227 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 796946758f534f8ce84f03a606a2e491cad0092aea5aee3a59c24eb1dcfb4f7c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:17:59 GMT
Last-Modified: Tue, 08 Dec 2020 16:52:26 GMT
Server: AmazonS3
x-amz-request-id: 8DA4E977476F298A
ETag: "0bdb8a354f504e9e55b7fea4ff888e36"
Content-Type: image/jpeg
x-amz-version-id: Hk9JCM4QonXSU6mlDLpZeMy7GElkh3cv
Accept-Ranges: bytes
Content-Length: 22530
x-amz-id-2: HgAYHQEEhAVUCW1z4qhCLM6GdyCOoUV6roHFziYnyR6kPH1tylHPoUpJJBmUso6JH6FO4vL5ulc=

GET
H2 200 heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
3 KB 32ms
30ms Image
image/svg+xml 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:57 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2891
x-rq: ewr4 116 149 3106
last-modified: Fri, 04 Dec 2020 16:00:47 GMT
server: nginx
etag: W/"5fca5d2f-1e5e"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=2491595
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 07 Jan 2021 00:24:32 GMT

GET
H2 200 js-critical-desktop.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 125ms
124ms Script
application/x-javascript 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

58216d07697cb268f0b30bd5963a1515dd4ee3b5b185151bdb99d041f0fa73fc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:57 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2444
x-rq: ewr4 113 21 3101
last-modified: Wed, 02 Dec 2020 23:12:02 GMT
server: nginx
etag: W/"5fc81f42-173a"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=40
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 09 Dec 2020 04:18:37 GMT

GET
H/1.1 200
OK title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 540 B
1 KB 76ms
24ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:17:57 GMT
Last-Modified: Wed, 16 Sep 2020 23:56:43 GMT
Server: AmazonS3
x-amz-request-id: 4R7K4V2MCP8N6R9R
ETag: "4d7595f832e4962b83a9428c3723233b"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=127149
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 540
x-amz-id-2: yFp+J8podmJKYyKRfQ/R6sCdmNKmc7oSxu2WJJo8l7sTrFyLYOhTILB0ssSzjaQiADalzLa82Ug=
Expires: Thu, 10 Dec 2020 15:37:06 GMT

GET
H/1.1 200
OK charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 12 KB
13 KB 118ms
25ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:17:57 GMT
Last-Modified: Fri, 25 Sep 2020 03:04:51 GMT
Server: AmazonS3
x-amz-request-id: EE3D21683166F96F
ETag: "da48b0752549dabb4675d82412c9cd2d"
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=413938
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12440
x-amz-id-2: BGzA4H6MhiNFsVMRHnDid7w0RneCV9f+L69FdEMmbqtC5J6BXqShCVeo7uP6Jum7BVtWfb2VAeI=
Expires: Sun, 13 Dec 2020 23:16:55 GMT

GET
H/1.1 200
OK source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 119ms
27ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:17:57 GMT
Last-Modified: Tue, 01 Sep 2020 04:31:33 GMT
Server: AmazonS3
x-amz-request-id: 34B4778288C88CAA
ETag: "899c8f78ce650d4009d42443897aa723"
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=252283
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16112
x-amz-id-2: 0V9i/JC3jV0uO9z1+RHGizGZNe8ea4s0M3lvOab3o97ikLfxhLYoNjWrU3t9GbdAE8O37bCHHcA=
Expires: Sat, 12 Dec 2020 02:22:40 GMT

GET
H/1.1 200
OK source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 120ms
28ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:17:57 GMT
Last-Modified: Tue, 22 Sep 2020 06:30:09 GMT
Server: AmazonS3
x-amz-request-id: B9F079BFD69B8BC1
ETag: "c85615b296302af51e683eecb5e371d4"
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=356405
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15948
x-amz-id-2: DPCyCCKT0juTREQMOkBTQL82bK8sJ1cHlMUrULDEc9V9ZluCRM4RuSFSdOhDVMhG9DNYyK1s4MM=
Expires: Sun, 13 Dec 2020 07:18:02 GMT

GET
H/1.1 200
OK charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
12 KB 117ms
26ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:17:57 GMT
Last-Modified: Fri, 25 Sep 2020 03:04:51 GMT
Server: AmazonS3
x-amz-request-id: 03A09A05F9B00284
ETag: "c4ced7adf03d84494a6c1da275896d38"
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=419707
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11472
x-amz-id-2: 7SgQOtE5DXd+yw+muGSpBKQgUFNdC0N34VLuVoyrpGsNX+GQQMChOOxitD5N1YsghRlU3RgeUFw=
Expires: Mon, 14 Dec 2020 00:53:04 GMT

GET
H/1.1 200
OK charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
12 KB 116ms
26ms Font
binary/octet-stream 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:17:57 GMT
Last-Modified: Fri, 25 Sep 2020 03:04:51 GMT
Server: AmazonS3
x-amz-request-id: 4N2W2Y6HDY8Z3Q2W
ETag: "29e85ea235248e0a7761df4fe6643e1a"
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=535971
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11372
x-amz-id-2: Z1HhaEEhR+4SW45rFV+SZJ/QiklrgDUhrbvWmFxzzpa1Kifm2MvbbI9Ateo09sYRHNLYlfgsmGM=
Expires: Tue, 15 Dec 2020 09:10:48 GMT

GET
H/1.1 200
OK title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 535 B
1 KB 74ms
23ms Image
image/svg+xml 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:17:57 GMT
Last-Modified: Thu, 17 Sep 2020 00:28:25 GMT
Server: AmazonS3
x-amz-request-id: BX6X5G9GEK1G9M4M
ETag: "b0f5ec7455ded53e84de4fee006a5110"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=100255
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 535
x-amz-id-2: DaJA+c3KcMZ/NSCnfYFtodFhl20AOf2rAAm9dMwdtqM4FPtgkxYVKxyt+50eW/YJb1+mPpYz97g=
Expires: Thu, 10 Dec 2020 08:08:52 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 3 KB
2 KB 230ms
183ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding: gzip
etag: "1a868d280f9424f5d82876d6cf0c46b9"
age: 0
x-cache: HIT, MISS
content-length: 1123
x-amz-id-2: P6cX/FrmZL5YjZoWtCDsvSFZXayWB+VeM7dPhE5idHpHUWW2uCWQ8Op7QTl0TAn+0KXy1LaBzos=
x-served-by: cache-lax10640-LGB, cache-fra19147-FRA
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1607487478.880417,VS0,VE161
date: Wed, 09 Dec 2020 04:17:58 GMT
vary: Accept-Encoding,,
x-amz-request-id: 6F6C4EBDE4F10B15
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 0

GET
H2 200 impl.20201129-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ 449 KB
104 KB 21ms
21ms Script
application/javascript 199.232.57.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201129-9-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.57.44 Windsor, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 57401860e9af6c4ffccc7684a885c156af441747151ac5fda5342ab704df0898

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: AsWZCvTsnT2XhpJHrL8fjPD.D5VECsGn
content-encoding: br
etag: "e1c86c541d13fc549fc03c9f01895b8e"
age: 23757
x-cache: HIT
content-length: 105670
x-amz-id-2: ojGm3yFF9C4eFzKM0dKZmmvIOD6IjfOpPkMzfwK6CKCp2UmEV+5yP++v2Ky0qyMjEL0UfJNAeLQ=
x-served-by: cache-lon4226-LON
last-modified: Sun, 29 Nov 2020 13:39:12 GMT
server: AmazonS3-br
x-timer: S1607487478.833843,VS0,VE0
date: Wed, 09 Dec 2020 04:17:57 GMT
vary: Accept-Encoding
x-amz-request-id: 022D0ACDF9D8B1BD
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 22
x-cache-hits: 22110

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 67ms
22ms Script
application/x-javascript 95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:17:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 10 Dec 2020 04:17:57 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
13 KB 61ms
28ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:57 GMT
content-encoding: gzip
last-modified: Thu, 20 Dec 2018 17:45:13 GMT
server: NetDNA-cache/2.2
etag: W/"dc93d584e41f8417f6b7163320d34329"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 json Show response
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 3 KB
2 KB 275ms
273ms XHR
application/javascript 199.232.57.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=05%3A17%3A57.933&lti=deflated&data=%7B%22id%22%3A936%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1606659333631%2C%22vi%22%3A1607487477909%2C%22cv%22%3A%2220201129-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9687%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1493.109375%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201129-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.57.44 Windsor, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4eb5376d066d64af7dd010e808753247ab04b6c58a8b91f6505db88af2b0ab2d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 253
date: Wed, 09 Dec 2020 04:17:58 GMT
content-encoding: gzip
server: nginx
x-timer: S1607487478.947751,VS0,VE253
x-served-by: cache-lon4226-LON
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 rampart.js Show response
www.heraldsun.com.au/remote/identity/rampart/latest/ 248 KB
78 KB 135ms
134ms Script
application/x-javascript 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

27ad1c0be127da20f7b68c8e868d9a1fa6ade3308786d297a24a5651faa32a38

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "f1b190419095215938ba092e3e98262e:1606882430.472598"
vary: User-Agent, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=822
date: Wed, 09 Dec 2020 04:17:58 GMT
is-https: true
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 09 Dec 2020 04:31:40 GMT

GET
H2 200 js-metro-desktop-lazy.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 45 KB
14 KB 138ms
138ms Script
application/x-javascript 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

93b175796385750b38fd82e8e644a731aa51296a1a405fae8a12907be3e9eb39

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 14195
x-rq: ewr4 113 181 3106
last-modified: Mon, 23 Nov 2020 02:17:39 GMT
server: nginx
etag: W/"5fbb1bc3-b347"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=16
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 09 Dec 2020 04:18:14 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1607487477957&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%2...
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1607487477957&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%...

0
528 B

35ms
22ms

Image
text/plain

95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1607487477957&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:17:58 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1607487477957&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 09 Dec 2020 04:17:57 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1607487477957&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=ht...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1607487477957&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=h...

0
528 B

22ms
22ms

Image
text/plain

95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1607487477957&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:17:58 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1607487477957&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 09 Dec 2020 04:17:58 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET

/
heraldsun.digitaleditions.com.au/
Redirect Chain

https://www.heraldsun.com.au/digitalprinteditions
https://idp.news.com.au/idp/services/generatetoken?target=HeraldSun&url=http%3A%2F%2Fheraldsun.digitaleditions.com.au%2F
http://heraldsun.digitaleditions.com.au/

0
0

GET
H2 200 /
www.heraldsun.com.au/tributes/ 0
31 KB 1365ms
1364ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/tributes/

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx/1.12.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
etag: "871466673cea2ed2cc0bb37b29d0850c"
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-subscribed: False
is-https: true
x-forwarded-proto: https
x-device: desktop
x-ua-compatible: IE=edge,chrome=1
x-arrrg5: BlaizeHappened
server: nginx/1.12.1
date: Wed, 09 Dec 2020 04:17:59 GMT
vary: User-Agent, Accept-Encoding
x-varnish: 173418575 161403925
access-control-allow-origin: http://heraldsun.finda.production.apnarm.net.au
cache-control: max-age=157
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2ftributes%2f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=7b33bdb693ee05575cb97324035c1442
content-length: 30164
content-type: text/html; charset=utf-8
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 09 Dec 2020 04:20:36 GMT

GET
H2 200 /
www.heraldsun.com.au/subscribe/news/1/ 0
1 KB 146ms
146ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?int_medium=display&int_source=site-link&int_campaign=acq_onsite_login&int_content=link&sourceCode=HSWEB_ONS538

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Wed, 09 Dec 2020 04:17:58 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=1513
is-https: true
ssl: yes
content-length: 912
expires: Wed, 09 Dec 2020 04:43:11 GMT

GET
H2 200 /
www.heraldsun.com.au/ 0
60 KB 1974ms
1974ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 119 85 3122
server: nginx
date: Wed, 09 Dec 2020 04:18:00 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:00 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 leader
www.heraldsun.com.au/ 0
61 KB 1934ms
1933ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/leader

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 113 43 3167
server: nginx
date: Wed, 09 Dec 2020 04:18:00 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:00 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fleader&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=leader&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 victoria
www.heraldsun.com.au/news/ 0
48 KB 2035ms
2034ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/victoria

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 113 203 3271
server: nginx
date: Wed, 09 Dec 2020 04:18:00 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:00 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=victoria&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 national
www.heraldsun.com.au/news/ 0
50 KB 1278ms
1277ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/national

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 50095
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 114 53 3172
server: nginx
date: Wed, 09 Dec 2020 04:18:01 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:01 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=national&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 world
www.heraldsun.com.au/news/ 0
53 KB 1246ms
1246ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/world

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 216 3099
server: nginx
date: Wed, 09 Dec 2020 04:18:01 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:01 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=world&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 opinion
www.heraldsun.com.au/news/ 0
52 KB 1114ms
1112ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/opinion

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 115 233 3111
server: nginx
date: Wed, 09 Dec 2020 04:18:01 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:01 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=opinion&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 business
www.heraldsun.com.au/ 0
50 KB 1096ms
1094ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/business

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 114 88 3108
server: nginx
date: Wed, 09 Dec 2020 04:18:01 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:01 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fbusiness&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=business&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 entertainment
www.heraldsun.com.au/ 0
50 KB 1090ms
1090ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/entertainment

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 49627
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 114 88 3108
server: nginx
date: Wed, 09 Dec 2020 04:18:01 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:01 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=entertainment&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 lifestyle
www.heraldsun.com.au/ 0
48 KB 987ms
987ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/lifestyle

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 47607
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 116 215 3094
server: nginx
date: Wed, 09 Dec 2020 04:18:01 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:01 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2flifestyle&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=lifestyle&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

sport
www.heraldsun.com.au/
Redirect Chain

https://www.heraldsun.com.au/sport
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport
https://www.heraldsun.com.au/sport

0
66 KB

1555ms
1554ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/sport

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 119 85 3122
server: nginx
date: Wed, 09 Dec 2020 04:18:03 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:03 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=sport&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/sport
cache-control: max-age=0, no-cache, no-store
date: Wed, 09 Dec 2020 04:18:01 GMT
is-https: true
content-length: 154
expires: Wed, 09 Dec 2020 04:18:01 GMT

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/entertainment/confidential/sacked-showbiz-how-being-fired-fuelled-molloys-success/news-story/9e117ea97ab37c0b48ada7ed8fe6b0eb
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fentertainment%2Fconfidential%2Fsacked-showbiz-how-being-fired-fuelled-molloys-succ...

0
1 KB

133ms
133ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fentertainment%2Fconfidential%2Fsacked-showbiz-how-being-fired-fuelled-molloys-success%2Fnews-story%2F9e117ea97ab37c0b48ada7ed8fe6b0eb&memtype=anonymous&mode=premium

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Wed, 09 Dec 2020 04:18:01 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=2005
is-https: true
ssl: yes
content-length: 912
expires: Wed, 09 Dec 2020 04:51:26 GMT

Redirect headers

date: Wed, 09 Dec 2020 04:18:01 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fentertainment%2Fconfidential%2Fsacked-showbiz-how-being-fired-fuelled-molloys-success%2Fnews-story%2F9e117ea97ab37c0b48ada7ed8fe6b0eb&memtype=anonymous&mode=premium
expires: Wed, 09 Dec 2020 04:18:01 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment%2fconfidential%2fsacked-showbiz-how-being-fired-fuelled-molloys-success%2fnews-story%2f9e117ea97ab37c0b48ada7ed8fe6b0eb&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=9e117ea97ab37c0b48ada7ed8fe6b0eb&session=7b33bdb693ee05575cb97324035c1442
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/news/opinion/rita-panahi/rita-panahi-pandering-to-woke-wooden-heads-destroys-joyous-national-holiday/news-story/b151c13e550f5f6402955cee89a82f74
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fopinion%2Frita-panahi%2Frita-panahi-pandering-to-woke-wooden-heads-destroys...

0
1 KB

952ms
951ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fopinion%2Frita-panahi%2Frita-panahi-pandering-to-woke-wooden-heads-destroys-joyous-national-holiday%2Fnews-story%2Fb151c13e550f5f6402955cee89a82f74&memtype=anonymous&mode=premium

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Wed, 09 Dec 2020 04:18:02 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=3600
is-https: true
ssl: yes
content-length: 912
expires: Wed, 09 Dec 2020 05:18:02 GMT

Redirect headers

date: Wed, 09 Dec 2020 04:18:01 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fopinion%2Frita-panahi%2Frita-panahi-pandering-to-woke-wooden-heads-destroys-joyous-national-holiday%2Fnews-story%2Fb151c13e550f5f6402955cee89a82f74&memtype=anonymous&mode=premium
expires: Wed, 09 Dec 2020 04:18:01 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion%2frita-panahi%2frita-panahi-pandering-to-woke-wooden-heads-destroys-joyous-national-holiday%2fnews-story%2fb151c13e550f5f6402955cee89a82f74&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=b151c13e550f5f6402955cee89a82f74&session=7b33bdb693ee05575cb97324035c1442
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

0e6555cca4633bae7721fff4c3b15cbb
www.heraldsun.com.au/sport/afl/afl-draft-2020-indicative-picks-order-key-questions-answered/news-story/
Redirect Chain

https://www.heraldsun.com.au/sport/afl/afl-draft-2020-indicative-picks-order-key-questions-answered/news-story/0e6555cca4633bae7721fff4c3b15cbb
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl%2fafl-draft-2020-indicative-picks-order-key-questions-answered%2fnews-story%2f0e6555cca463...
https://www.heraldsun.com.au/sport/afl/afl-draft-2020-indicative-picks-order-key-questions-answered/news-story/0e6555cca4633bae7721fff4c3b15cbb

0
44 KB

752ms
751ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/sport/afl/afl-draft-2020-indicative-picks-order-key-questions-answered/news-story/0e6555cca4633bae7721fff4c3b15cbb

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 114 24 3104
server: nginx
date: Wed, 09 Dec 2020 04:18:03 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:03 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl%2fafl-draft-2020-indicative-picks-order-key-questions-answered%2fnews-story%2f0e6555cca4633bae7721fff4c3b15cbb&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=0e6555cca4633bae7721fff4c3b15cbb&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/sport/afl/afl-draft-2020-indicative-picks-order-key-questions-answered/news-story/0e6555cca4633bae7721fff4c3b15cbb
cache-control: max-age=0, no-cache, no-store
date: Wed, 09 Dec 2020 04:18:02 GMT
is-https: true
content-length: 154
expires: Wed, 09 Dec 2020 04:18:02 GMT

GET
H2

200

4d9ee1a182214d0cf3ce3756582cda9a
www.heraldsun.com.au/sport/afl/afl-draft-2020-live-time-order-start-and-how-to-watch/live-coverage/
Redirect Chain

https://www.heraldsun.com.au/sport/afl/afl-draft-2020-live-time-order-start-and-how-to-watch/live-coverage/4d9ee1a182214d0cf3ce3756582cda9a
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl%2fafl-draft-2020-live-time-order-start-and-how-to-watch%2flive-coverage%2f4d9ee1a182214d0c...
https://www.heraldsun.com.au/sport/afl/afl-draft-2020-live-time-order-start-and-how-to-watch/live-coverage/4d9ee1a182214d0cf3ce3756582cda9a

0
56 KB

1402ms
1401ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/sport/afl/afl-draft-2020-live-time-order-start-and-how-to-watch/live-coverage/4d9ee1a182214d0cf3ce3756582cda9a

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 115 229 3098
server: nginx
date: Wed, 09 Dec 2020 04:18:03 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:03 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl%2fafl-draft-2020-live-time-order-start-and-how-to-watch%2flive-coverage%2f4d9ee1a182214d0cf3ce3756582cda9a&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=4d9ee1a182214d0cf3ce3756582cda9a&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/sport/afl/afl-draft-2020-live-time-order-start-and-how-to-watch/live-coverage/4d9ee1a182214d0cf3ce3756582cda9a
cache-control: max-age=0, no-cache, no-store
date: Wed, 09 Dec 2020 04:18:01 GMT
is-https: true
content-length: 154
expires: Wed, 09 Dec 2020 04:18:01 GMT

GET
H2

200

afl
www.heraldsun.com.au/sport/
Redirect Chain

https://www.heraldsun.com.au/sport/afl
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl
https://www.heraldsun.com.au/sport/afl

0
59 KB

1263ms
1263ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/sport/afl

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 216 3099
server: nginx
date: Wed, 09 Dec 2020 04:18:03 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:03 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=afl&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/sport/afl
cache-control: max-age=0, no-cache, no-store
date: Wed, 09 Dec 2020 04:18:01 GMT
is-https: true
content-length: 154
expires: Wed, 09 Dec 2020 04:18:01 GMT

GET
H2 200 news
www.heraldsun.com.au/sport/afl/ 0
50 KB 1467ms
1467ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/sport/afl/news

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 49676
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 119 89 3095
server: nginx
date: Wed, 09 Dec 2020 04:18:03 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:03 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl%2fnews&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=news&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/sport/afl/news/afl-draft-2020-how-the-first-25-picks-may-fall/news-story/945935dd2a361ba1f84ca8bc2f6f37c9
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fnews%2Fafl-draft-2020-how-the-first-25-picks-may-fall%2Fnews-story%2...

0
1 KB

132ms
131ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fnews%2Fafl-draft-2020-how-the-first-25-picks-may-fall%2Fnews-story%2F945935dd2a361ba1f84ca8bc2f6f37c9&memtype=anonymous&mode=premium

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Wed, 09 Dec 2020 04:18:03 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=3588
is-https: true
ssl: yes
content-length: 912
expires: Wed, 09 Dec 2020 05:17:51 GMT

Redirect headers

date: Wed, 09 Dec 2020 04:18:03 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fnews%2Fafl-draft-2020-how-the-first-25-picks-may-fall%2Fnews-story%2F945935dd2a361ba1f84ca8bc2f6f37c9&memtype=anonymous&mode=premium
expires: Wed, 09 Dec 2020 04:18:03 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl%2fnews%2fafl-draft-2020-how-the-first-25-picks-may-fall%2fnews-story%2f945935dd2a361ba1f84ca8bc2f6f37c9&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=945935dd2a361ba1f84ca8bc2f6f37c9&session=7b33bdb693ee05575cb97324035c1442
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/sport/afl/afl-draft-2020-dossier-interactive-profiles-stats-and-draft-range-on-all-the-top-prospects-from-around-the-country/news-story/b6eff3e0139aed53c9867837030577cb
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fafl-draft-2020-dossier-interactive-profiles-stats-and-draft-range-on...

0
1 KB

124ms
124ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fafl-draft-2020-dossier-interactive-profiles-stats-and-draft-range-on-all-the-top-prospects-from-around-the-country%2Fnews-story%2Fb6eff3e0139aed53c9867837030577cb&memtype=anonymous&mode=premium

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Wed, 09 Dec 2020 04:18:03 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=3404
is-https: true
ssl: yes
content-length: 912
expires: Wed, 09 Dec 2020 05:14:47 GMT

Redirect headers

date: Wed, 09 Dec 2020 04:18:03 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fafl-draft-2020-dossier-interactive-profiles-stats-and-draft-range-on-all-the-top-prospects-from-around-the-country%2Fnews-story%2Fb6eff3e0139aed53c9867837030577cb&memtype=anonymous&mode=premium
expires: Wed, 09 Dec 2020 04:18:03 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl%2fafl-draft-2020-dossier-interactive-profiles-stats-and-draft-range-on-all-the-top-prospects-from-around-the-country%2fnews-story%2fb6eff3e0139aed53c9867837030577cb&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=b6eff3e0139aed53c9867837030577cb&session=7b33bdb693ee05575cb97324035c1442
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/sport/afl/western-bulldogs-believes-drafting-jamarra-uglehagan-will-attract-more-indigenous-players-to-whitten-oval/news-story/ea5f87cf0dfae34752b94b36d7024de7
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fwestern-bulldogs-believes-drafting-jamarra-uglehagan-will-attract-mo...

0
1 KB

38ms
37ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fwestern-bulldogs-believes-drafting-jamarra-uglehagan-will-attract-more-indigenous-players-to-whitten-oval%2Fnews-story%2Fea5f87cf0dfae34752b94b36d7024de7&memtype=anonymous&mode=premium

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Wed, 09 Dec 2020 04:18:03 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=1182
is-https: true
ssl: yes
content-length: 912
expires: Wed, 09 Dec 2020 04:37:45 GMT

Redirect headers

date: Wed, 09 Dec 2020 04:18:03 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fwestern-bulldogs-believes-drafting-jamarra-uglehagan-will-attract-more-indigenous-players-to-whitten-oval%2Fnews-story%2Fea5f87cf0dfae34752b94b36d7024de7&memtype=anonymous&mode=premium
expires: Wed, 09 Dec 2020 04:18:03 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%2fafl%2fwestern-bulldogs-believes-drafting-jamarra-uglehagan-will-attract-more-indigenous-players-to-whitten-oval%2fnews-story%2fea5f87cf0dfae34752b94b36d7024de7&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=ea5f87cf0dfae34752b94b36d7024de7&session=7b33bdb693ee05575cb97324035c1442
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 coronavirus
www.heraldsun.com.au/ 0
47 KB 2062ms
2060ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/coronavirus

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 47183
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 151 3108
server: nginx
date: Wed, 09 Dec 2020 04:18:05 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:05 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=coronavirus&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 f6a63a991df8badb07dfaac4d0c3684a
www.heraldsun.com.au/coronavirus/rolling-coverage-six-symptomatic-travellers-tested-for-coronavirus-second-hot-hotel-to-stay-closed-for-another-week/news-story/ 0
42 KB 2067ms
2065ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/coronavirus/rolling-coverage-six-symptomatic-travellers-tested-for-coronavirus-second-hot-hotel-to-stay-closed-for-another-week/news-story/f6a63a991df8badb07dfaac4d0c3684a

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 41544
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 112 153 3222
server: nginx
date: Wed, 09 Dec 2020 04:18:05 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:05 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus%2frolling-coverage-six-symptomatic-travellers-tested-for-coronavirus-second-hot-hotel-to-stay-closed-for-another-week%2fnews-story%2ff6a63a991df8badb07dfaac4d0c3684a&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=f6a63a991df8badb07dfaac4d0c3684a&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 education
www.heraldsun.com.au/ 0
50 KB 2061ms
2061ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/education

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 49851
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 113 245 3125
server: nginx
date: Wed, 09 Dec 2020 04:18:05 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:05 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2feducation&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=education&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/education/sacked-st-kevins-college-teacher-allegedly-stroked-students-cheek/news-story/b281a90af80766d699de8a25b479fbc5
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Feducation%2Fsacked-st-kevins-college-teacher-allegedly-stroked-students-cheek%2Fne...

0
1 KB

43ms
43ms

Other
text/html

104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Feducation%2Fsacked-st-kevins-college-teacher-allegedly-stroked-students-cheek%2Fnews-story%2Fb281a90af80766d699de8a25b479fbc5&memtype=anonymous&mode=premium

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Wed, 09 Dec 2020 04:18:04 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=2537
is-https: true
ssl: yes
content-length: 912
expires: Wed, 09 Dec 2020 05:00:21 GMT

Redirect headers

date: Wed, 09 Dec 2020 04:18:03 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Feducation%2Fsacked-st-kevins-college-teacher-allegedly-stroked-students-cheek%2Fnews-story%2Fb281a90af80766d699de8a25b479fbc5&memtype=anonymous&mode=premium
expires: Wed, 09 Dec 2020 04:18:03 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2feducation%2fsacked-st-kevins-college-teacher-allegedly-stroked-students-cheek%2fnews-story%2fb281a90af80766d699de8a25b479fbc5&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=b281a90af80766d699de8a25b479fbc5&session=7b33bdb693ee05575cb97324035c1442
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 breaking-news
www.heraldsun.com.au/ 0
50 KB 1590ms
1590ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/breaking-news

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 115 246 3103
server: nginx
date: Wed, 09 Dec 2020 04:18:05 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:05 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fbreaking-news&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=breaking-news&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 8e53856dba75e4fb9e621da8811b235a
www.heraldsun.com.au/breaking-news/teenager-18-arrested-by-counter-terrorism-police-in-albury/news-story/ 0
37 KB 1450ms
1449ms Other
text/html 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/breaking-news/teenager-18-arrested-by-counter-terrorism-police-in-albury/news-story/8e53856dba75e4fb9e621da8811b235a

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 36683
x-xss-protection: 1
pragma: no-cache
x-rq: ewr4 116 215 3094
server: nginx
date: Wed, 09 Dec 2020 04:18:05 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Wed, 09 Dec 2020 04:18:05 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fbreaking-news%2fteenager-18-arrested-by-counter-terrorism-police-in-albury%2fnews-story%2f8e53856dba75e4fb9e621da8811b235a&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=8e53856dba75e4fb9e621da8811b235a&session=7b33bdb693ee05575cb97324035c1442
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 111 KB
30 KB 23ms
23ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding: gzip
etag: "b7fcedf037c57085d364b689ca46f32e"
age: 9423489
x-cache: HIT, HIT
content-length: 30954
x-amz-id-2: TG49UWLSXX/7JOu+pu/KWBF6lPU+j/sA4SNskqAGNRvS7P8ejY6LRwed0jVXlMerBXwRC25qwP8=
x-served-by: cache-lax8623-LAX, cache-fra19147-FRA
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1607487478.066148,VS0,VE1
date: Wed, 09 Dec 2020 04:17:58 GMT
vary: Accept-Encoding,,
x-amz-request-id: 9758181B46377FE5
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame 21C9 0
0 384ms
319ms Document
text/html 184.24.22.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ckL43SJG4477nQv7Q3po3DT0D9.u7s~V&nonce=uRMCSbrxXKe5c00bA1BluYBJl17pCP8w&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.22.132 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-22-132.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ckL43SJG4477nQv7Q3po3DT0D9.u7s~V&nonce=uRMCSbrxXKe5c00bA1BluYBJl17pCP8w&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 2737728d421d1f5a
ot-tracer-traceid: 46e8f807479e78f1
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 22077-1607487478.365-23.55.162.137-1458-490033142-9-0.000
x-auth0-requestid: cc1b5081fc03e60a093e
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1607487479
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 535 0 pmb=mTOE,3
expires: Wed, 09 Dec 2020 04:17:58 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 09 Dec 2020 04:17:58 GMT
content-length: 840
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A84cbd420-39d5-11eb-b88d-07a4d7147384.YbBiaqFWCJ1NlFzNK0tV3wBG0qewVNQZMQabvvqO1Ls; Max-Age=31557600; Path=/; Expires=Thu, 09 Dec 2021 10:17:58 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A84cbd420-39d5-11eb-b88d-07a4d7147384.YbBiaqFWCJ1NlFzNK0tV3wBG0qewVNQZMQabvvqO1Ls; Max-Age=31557600; Path=/; Expires=Thu, 09 Dec 2021 10:17:58 GMT; HttpOnly; Secure ak_bmsc=DD523E307D9C1418F1B090BC6F8CDEAA17D5A0C7825C0000F64FD05F629B9666~plLMxJTq09Z31KreiNFHnoSc5NP6QWh966M3QhXi+lsqg2dP9Vrgo3n7v3C/Ai8ghog0mqnmigYX7DP6Pzpvom06TuwrLG7yh6HwUH0wezym/3VTAx8Krx/EJrRiIrEquRMi8cQBZc/y+FORSUgIfOLy6FXX2xUgyI/eesSEqpKI9Pa5x1IBxJiDPK0DYE0aULsI9w8ScLQYB6fxycRUHmhd9snaN3stcOZRg2nTuN6E5FjW9f7H0eCGADE7Kizn6N; expires=Wed, 09 Dec 2020 06:17:58 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=4BD76C0F251940C9A670031CE1E3B818~KrMOOPC+BhHwWNj1z0CSfrxMrUd9FBkaT+oSJQUEfmEGedGpff3ErRrrb2OxxBXanc61zHxpFzvuTeG94a7Z98UmYv5pwO3OEv8MHu/71SOXDIXJtsOrVau2GrqNxW2jDO60ps3XGhMtQpIk2ELrqNktRwtBVFnin4UZnxHu3SQlGOH93VXSaqcJ5BgQrIKfnjdiG7CaQOHSUrL+t2YRE5ZUNdGzuejLvofFKrAqSA9QEsdQZ5lUd+B4uEbdeZQV; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=678C4B033559C4F7EDBAEC79D01539B4~YAAQx6DVFzE3qSB2AQAA8Vq4RQoLxCFgdbZBxY2psxyeBIOm2fw7JAQMNn0okqDLQs0KIQOghA6NCelG7q2n0pQeSqinqvISA9KxyxNYBYiVPRFkRmidrYyuGqENrzC0OHwTbDiogxazrqgr1cwOLHT0MLw0wxAiVkhu+CCC9QjwALxBgmzBfzIR8s2ow2OsWD91dZf/EfvsS7M=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 09 Dec 2020 08:17:58 GMT; Max-Age=14400; HttpOnly _abck=ED0D808E82295D26427EB29C045231FA~-1~YAAQx6DVFzI3qSB2AQAA8Vq4RQWDpqyo+WJHj7BIbZqXyTLTi6RK4IVHknZ+p5aTLDGAQ4bFOtDljZ//Gu9zJFtZGljprIKyncD4i9QH9DUq9e+En0mSYBAHSI6lVXJkzel78q2WCncaIc/7CMgi0KyOzD8boWbeSFX9jXXE5FTMr1jK0P++H7AMt0jyo4ybli/U2fu+py4OoaMgl7dsGlR/P9jTwVzuw6Czg7W0HxcPdTCFiAVhK0X3Vvo3VYQz9jUujJvjcgCx3jdVpMfU3MFHn9GzAsy5uyMVG892jfEASMJydejFSTJtdmm5laQcCs5zpno=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 09 Dec 2021 04:17:58 GMT; Max-Age=31536000; Secure

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 3 KB
1 KB 183ms
133ms Script
application/x-javascript 23.8.6.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-8-6-251.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91d684c672c0a1dfd501546262b91d820d8c25bf5ff2968605c50123b5ebffe6

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
content-encoding: gzip
last-modified: Tue, 24 Nov 2020 00:03:34 GMT
server: AkamaiNetStorage
etag: "5f72e6468427e025c6b5dca9f8b47f95:1606176214.729874"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1234
expires: Wed, 09 Dec 2020 04:22:58 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 70 KB
19 KB 57ms
57ms Script
application/x-javascript 23.8.6.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-8-6-251.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6cdc46bd741ea434a62afefedad537b39f6ca9b52aea4f5828a2b2f27c419882

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
content-encoding: gzip
last-modified: Tue, 24 Nov 2020 00:03:32 GMT
server: AkamaiNetStorage
etag: "2a1443c2f1e11b73ae7adcc42370eb38:1606176211.994101"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 18834
expires: Wed, 09 Dec 2020 04:22:58 GMT

GET
H2 200 indies-loader.js Show response
ts2020-indies-client.web.app/ 7 KB
3 KB 87ms
16ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ts2020-indies-client.web.app/indies-loader.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 17 Sep 2020 07:41:38 GMT
x-timer: S1607487478.327811,VS0,VE0
etag: "16a0649956d88d08059c392d3f4b3b1b1b6ee7a364d1e3444626bf6439417ed3-br"
x-served-by: cache-ams21033-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 09 Dec 2020 04:17:58 GMT
accept-ranges: bytes
content-length: 2338
x-cache-hits: 1

GET
H2 200 js-vidora-client.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 133ms
131ms Script
application/x-javascript 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2ba257240ffc08c6b68d4bca0a95796e0244b065df669aaa532f81064f4673b4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2885
x-rq: bom2 118 117 3092
last-modified: Sun, 22 Nov 2020 23:27:33 GMT
server: nginx
etag: W/"5fbaf3e5-19e5"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=33
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 09 Dec 2020 04:18:31 GMT

GET
H2 200 comments-count Show response
mhr.talk.news.com.au/api/v1/ 1 KB
1 KB 1315ms
1231ms Fetch
application/json 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mhr.talk.news.com.au/api/v1/comments-count?ids=4d9ee1a182214d0cf3ce3756582cda9a,945935dd2a361ba1f84ca8bc2f6f37c9,b6eff3e0139aed53c9867837030577cb,ea5f87cf0dfae34752b94b36d7024de7,f6a63a991df8badb07dfaac4d0c3684a,d5fa1f146364861b4962a95fe5d0eb50,3a7cb4aac61b281321680c02d792f966,deba077c7569b328911ff9333fa6ac9d,3b86ab11f4e38655870aa573689726af,b58629ed24589ad11ea3f4b4eb2e5ad3,327325791e2a7a04bc80348ffebe12cc,039bc73ddf0baaa324aae33fbcc07017,c8a684fa0c974c69e054d699324e3ece,a8e0b4429e1326aad1d6040d0522063b,987a971b387e5de567d92523964b2272,3bd3b29269f96f1d0a5a74e55c936b1e,4308cb946638225cd8c3e9e644214a0c,79e056068800e5b8b3af921906b14f8b,1e7addc68182c38bfb7a6624771750f2,040034876bfc3866620422169007ac2d,1e5e9e89114371f4da029747fdfd948c,319d43b5c3c2ecdd5e934fe91cb3e495,400d06a4270b7ee8caa26e16e3acf40f,b2ee3725ff4ad1abdb81e0468d36575a,b151c13e550f5f6402955cee89a82f74,26777233807c811207e8529b6227465e,58f3801d2b04a4e2aa0662aae70c577d,13736db0bdb5aebfd45b1246161cf257,b2987ec6aaed660a1f1865a9a7a8a790,bdf8a4dcec269707490e48ca586fe4c6,9e117ea97ab37c0b48ada7ed8fe6b0eb,9aae9e7e85e4ea838e64e13236e8ef49,bbb7e5455260a19f7dda449e10f54e87,386a17181664551d7144fdccd9b50650,17b570ad603a15ac744aeafbc0e95796,e10f9282f918ee557d81b4cc20dc391b,94b11cedf4a8ac7b80f64027ff86f537,83b456121a908ed85a64eaead71e0fe9,6a6391b1dd041d483440d5de1fc5628d

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx/1.16.1 /

Resource Hash

351e32db125128071b5cefa2c61c68176d3307bcc4741356ab9c37e2b74d0582

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.16.1
etag: W/"5ba-E073BkLTbQ84hOku2tvpkh9D7SU"
x-download-options: noopen
x-dns-prefetch-control: off
content-type: application/json; charset=utf-8
access-control-allow-origin: *
date: Wed, 09 Dec 2020 04:17:59 GMT
x-talk-trace-id: 8556d610-39d5-11eb-b3ea-29c30447a9af
vary: Accept-Encoding
content-length: 828
x-xss-protection: 1; mode=block

GET
H2 200 3000 Show response
www.heraldsun.com.au/wp-json/api/weather/ 2 KB
2 KB 139ms
138ms Fetch
application/json 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-json/api/weather/3000

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-36.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

adf44fce7bd61faaedf33a405c6b7048cb4f6e35e5a915f11bf1ba65d72da19b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options: nosniff
is-https: true
content-length: 1639
x-rq: ewr4 113 245 3125
allow: GET
expires: Wed, 09 Dec 2020 04:18:28 GMT
server: nginx
date: Wed, 09 Dec 2020 04:17:58 GMT
vary: User-Agent
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=30
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 290770c640fe38a0990ef3737e09186b
content.api.news/v3/images/bin/ 5 KB
6 KB 960ms
960ms Image
image/jpeg 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/290770c640fe38a0990ef3737e09186b?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-36.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 76ed278799c70d65970d395d083738f3a24c6d90d9a00324323120a40ec8329c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 290770c640fe38a0990ef3737e09186b
date: Wed, 09 Dec 2020 04:17:59 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 3dcded8010391c3a53c1cf57d1aeb2fb-290770c640fe38a0990ef3737e09186b-150
x-serial: 1124
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5183935
last-modified: Wed, 09 Dec 2020 04:17:34 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 5571
expires: Sun, 07 Feb 2021 04:16:54 GMT

GET
H2 200 08f02c9bfa90f9d855a69d7fab449b52
content.api.news/v3/images/bin/ 4 KB
5 KB 40ms
40ms Image
image/jpeg 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/08f02c9bfa90f9d855a69d7fab449b52?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-36.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c4ab088565b86231459d4b94bf85c93543664f8f457e128f651f756558b6d81e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 08f02c9bfa90f9d855a69d7fab449b52
date: Wed, 09 Dec 2020 04:17:58 GMT
last-modified: Wed, 09 Dec 2020 00:11:42 GMT
server: Akamai Image Manager
etag: d8af456edd9128ea4f8b2d3d1e7d8523-08f02c9bfa90f9d855a69d7fab449b52-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5169142
access-control-allow-headers: x-newsapi-api-key
content-length: 4312
expires: Sun, 07 Feb 2021 00:10:20 GMT

GET
H2 200 a6bdbd7b3d96cfcba99c0e129af866c2
content.api.news/v3/images/bin/ 5 KB
5 KB 41ms
41ms Image
image/jpeg 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/a6bdbd7b3d96cfcba99c0e129af866c2?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-36.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 48937a453d0749f5bbb23ed50d3f77843dfd2944a8660fc74374e223412a4308

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: a6bdbd7b3d96cfcba99c0e129af866c2
date: Wed, 09 Dec 2020 04:17:58 GMT
last-modified: Tue, 08 Dec 2020 23:10:26 GMT
server: Akamai Image Manager
etag: e779c329151f7125ccb5fb220dee1c49-a6bdbd7b3d96cfcba99c0e129af866c2-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5165361
access-control-allow-headers: x-newsapi-api-key
content-length: 5191
expires: Sat, 06 Feb 2021 23:07:19 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 23 KB
5 KB 21ms
20ms Script
application/javascript 199.232.57.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201129-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.57.44 Windsor, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe5c6e8d5d904fde8658aa207e0b0ad25206d993e9a0f114c5faa0390c1ec14f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 5kVHdVZ6jhj14v9ayeqH4XJV7vV0Kv71
content-encoding: gzip
etag: "adadd290e28882ab8fcbc82db81d04ea"
age: 4301
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4433
x-amz-id-2: 9HIaM99YYN9F/iXUzvLsTHi2/kEJmHvoKPFHhsiq+h48f1KU2BH1nRE3ZhQ8NXSg9DGlMF/vTFI=
x-served-by: cache-lon4226-LON
last-modified: Thu, 03 Dec 2020 11:05:58 GMT
server: AmazonS3
x-timer: S1607487478.231630,VS0,VE0
date: Wed, 09 Dec 2020 04:17:58 GMT
vary: Accept-Encoding
x-amz-request-id: 2BC6CE159FAB98E9
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 35
x-cache-hits: 1642

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 3 KB
966 B 22ms
21ms Stylesheet
text/css 199.232.57.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201129-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.57.44 Windsor, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 10621
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: /N1J7AfE/tuMlwvojP9pet0cUrGZCZzxvvFBgmyQMgDtBDoORGEzJaUiiHdztwHXd+NWSlkJk44=
x-served-by: cache-lon4226-LON
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1607487478.231654,VS0,VE0
date: Wed, 09 Dec 2020 04:17:58 GMT
vary: Accept-Encoding
x-amz-request-id: C3EB127F20B264A8
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 35
x-cache-hits: 3842

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame DEE5
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c5b8a9fd-274a-4bc4-8451-75997f0eed2a
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c5b8a9fd-274a-4bc4-8451-75997f0eed2a&tbid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&query=taboola_hm%3Dc5b8a9fd-274a-...

0
147 B

77ms
31ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c5b8a9fd-274a-4bc4-8451-75997f0eed2a&tbid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&query=taboola_hm%3Dc5b8a9fd-274a-4bc4-8451-75997f0eed2a&isDirect=0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1607487479.565510,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19145-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c5b8a9fd-274a-4bc4-8451-75997f0eed2a&tbid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&query=taboola_hm%3Dc5b8a9fd-274a-4bc4-8451-75997f0eed2a&isDirect=0
tbl-x-upstream: 10.41.24.10:10213
date: Wed, 09 Dec 2020 04:17:58 GMT
server: nginx
x-fastly-to-nlb-rtt: 1774

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame DEE5 0
239 B 93ms
23ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame DEE5
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Nte4Wgy9hHJQ&ev=1&orig=trc&pid=562107

0
217 B

16ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Nte4Wgy9hHJQ&ev=1&orig=trc&pid=562107
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.111:10213
date: Wed, 09 Dec 2020 04:17:58 GMT
server: nginx
x-fastly-to-nlb-rtt: 4818

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Nte4Wgy9hHJQ&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-659d447f4f-q5gj7
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame DEE5 43 B
693 B 50ms
15ms Image
image/gif 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:17:58 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.116:80
AN-X-Request-Uuid: 3829b33c-231f-4727-8fbf-a4e9f8158871
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame DEE5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOsr84_ZJQGrTwh0MfCyquM&google_cver=1

0
228 B

30ms
29ms

Image
text/plain

199.232.57.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOsr84_ZJQGrTwh0MfCyquM&google_cver=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.57.44 Windsor, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Wed, 09 Dec 2020 04:17:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1607487479.731724,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-lon4226-LON

Redirect headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:17:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOsr84_ZJQGrTwh0MfCyquM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame DEE5 42 B
885 B 66ms
16ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575:$UID
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Wed, 09 Dec 2020 04:17:58 GMT
X-lat: Pug22046:0:483
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame DEE5
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&google_tc=

170 B
201 B

50ms
35ms

Image
image/png

2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&google_tc=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:17:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:17:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame DEE5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0abd0dc2-d2b5-443c-85d1-7f9dfe899c67

0
55 B

29ms
29ms

Image
text/plain

199.232.57.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0abd0dc2-d2b5-443c-85d1-7f9dfe899c67
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.57.44 Windsor, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Wed, 09 Dec 2020 04:17:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1607487479.811546,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-lon4226-LON

Redirect headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:17:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0abd0dc2-d2b5-443c-85d1-7f9dfe899c67
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame DEE5
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

17ms
17ms

Image
text/plain

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:17:58 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:17:58 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame DEE5 49 B
333 B 89ms
89ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-659d447f4f-q5gj7
expires: -1

GET
H2

200

rtb-h
sync.taboola.com/sg/storygize-network/1/ Frame DEE5
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
227 B

16ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.24.10:10213
date: Wed, 09 Dec 2020 04:17:59 GMT
server: nginx
x-fastly-to-nlb-rtt: 11066

Redirect headers

Location: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length: 0
expires: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame DEE5 43 B
697 B 358ms
119ms Image
image/gif 199.187.193.192
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&gdpr=0&gdpr_consent=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:17:58 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame DEE5 42 B
233 B 268ms
88ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:17:59 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 200 put
e1.emxdgt.com/ Frame DEE5 43 B
124 B 115ms
24ms Image
image/gif 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DEE5
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=90eedcc1-f29e-40d0-84cb-c22a17e86277

0
226 B

17ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=90eedcc1-f29e-40d0-84cb-c22a17e86277
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.20.11:10213
date: Wed, 09 Dec 2020 04:17:59 GMT
server: nginx
x-fastly-to-nlb-rtt: 9609

Redirect headers

pragma: no-cache
x-errorlevel: 0
date: Wed, 09 Dec 2020 04:17:58 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=90eedcc1-f29e-40d0-84cb-c22a17e86277
cache-control: no-cache
server-processing-duration-in-ticks: 1843
content-type: text/html; charset=utf-8
content-length: 222
expires: Wed, 09 Dec 2020 00:00:00 GMT

GET
H/1.1

200

6.gif
id5-sync.com/c/464/108/2/ Frame DEE5
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOiDT19jGDiGpJPm7YI2s-DeecOAq2Mvi8M_wQ1w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOiDT19jGDiGpJPm7YI2s-DeecOAq2Mvi8M_wQ1w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=14fb72b9-2e53-4ded-8a06-586fbdca537c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/5/3.gif?puid=ee7d2452a06503a6657b50f70e223641&gdpr=1&gdpr_consent=
https://target.digitalaudience.io/bakery/sync/d?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F21%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/21/4/4.gif?puid=6db4dfcce3464d58a80df139d65a0731&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/3/5.gif?puid=2ae5ebb2-a99d-4b0c-94a2-637b05094c16&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/2/6.gif?puid=863f8861-39d5-11eb-a599-e2dd7f45358e&gdpr=1&gdpr_consent=

43 B
1 KB

23ms
22ms

Image
image/gif

54.36.109.46
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/464/108/2/6.gif?puid=863f8861-39d5-11eb-a599-e2dd7f45358e&gdpr=1&gdpr_consent=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.46 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p01.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:17:59 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

date: Wed, 09 Dec 2020 04:18:00 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://id5-sync.com/c/464/108/2/6.gif?puid=863f8861-39d5-11eb-a599-e2dd7f45358e&gdpr=1&gdpr_consent=
alt-svc: clear
content-length: 0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame DEE5
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=UHeZ_y7OCk2YR24k90_QXw

0
218 B

16ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=UHeZ_y7OCk2YR24k90_QXw
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.20.14:10213
date: Wed, 09 Dec 2020 04:17:59 GMT
server: nginx
x-fastly-to-nlb-rtt: 13853

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=UHeZ_y7OCk2YR24k90_QXw
date: Wed, 09 Dec 2020 04:17:59 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame DEE5 35 B
380 B 1307ms
101ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Wed, 09 Dec 2020 04:17:24 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame DEE5 0
123 B 271ms
88ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&_r=1068926
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:17:59 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame DEE5
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=15d8f24a-187e-48f0-addf-4fccad4f1560&ssp=taboola&user_group=1
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6f57b2e2-997e-476a-8c23-1db9106bbb13

0
227 B

16ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6f57b2e2-997e-476a-8c23-1db9106bbb13
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.20.11:10213
date: Wed, 09 Dec 2020 04:17:59 GMT
server: nginx
x-fastly-to-nlb-rtt: 15579

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6f57b2e2-997e-476a-8c23-1db9106bbb13
date: Wed, 09 Dec 2020 04:17:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 0
275 B 17ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=05%3A17%3A58.223&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-midrail-native&id=1785&cv=20201129-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:17:59 GMT
server: nginx
x-fastly-to-nlb-rtt: 8624
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.20.11:10213

GET
H2 204 social
trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
407 B 16ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&tvi2=2614&lti=deflated&ri=cff503f678d4b484b71509c774604ce9&sd=v2_2a17861ecab300631ca6c601d82d93f9_36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575_1607487477_1607487477_CIi3jgYQgPNHGJWx4a3kLiABKAEwoQE4l-oLQJ2XEEjZ2tgDUP___________wFYAGAAaOKmqpGyrZficA&ui=36110344-25e2-4040-989e-cb2bf8fca7c3-tuct6c9d575&pi=/&wi=873729681997272865&pt=home&vi=1607487477909&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=05%3A17%3A58.231&id=6068&llvl=1&cv=20201129-9-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:17:59 GMT
server: nginx
x-fastly-to-nlb-rtt: 7772
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.111:10213

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 24ms
23ms Script
application/x-javascript 104.79.88.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16074874782520.4186352112463734
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.147 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-147.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7eab82ead1480897c3dedd5c6b4ef4ec553efacdca1ce23c3acd6bd8e9621046

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:17:58 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 832
expires: Wed, 09 Dec 2020 04:17:58 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
905 B 23ms
22ms Script
application/x-javascript 104.79.88.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.147 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-147.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
cache-control: max-age=62769
server: AkamaiNetStorage
content-type: application/x-javascript
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 B7670439;dcadv=4149947;sz=1x2;ord=640101175629.0571 Show response
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 16 KB
6 KB 102ms
49ms Script
text/javascript 172.217.22.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=640101175629.0571?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f6.1e100.net

Software

cafe /

Resource Hash

5b2921328386190cc0c7577424ddc04c663a70f40b867f2f675ccecf1f88919c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5816
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 14ms
14ms Script
application/x-javascript 2600:9000:2104:5800:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:5800:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 06e9f93163cce0aa6698b5dbdd52d0ea860a91aa75e80d724051e67e6f0304f3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:10:38 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 02:30:03 GMT
server: nginx
age: 440
etag: W/"5f8662ab-112ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: J-Sfztcud-ZKnMJVg6fNbyijdjvvi93016AZT3kngp1TIP_UNRWl7A==
expires: Wed, 09 Dec 2020 06:10:38 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 177 KB
61 KB 43ms
42ms Script
application/x-javascript 104.79.88.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.147 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-147.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 120be8f5d061203ea26fd4bd2043201d6f06a7fce30cd7104e01c5dfafb48cd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "032ddabb406fd4179075624c01a76c5d:1606693368.080684"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=69968
content-type: application/x-javascript

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 98 KB
29 KB 30ms
28ms Script
application/x-javascript 104.79.88.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.147 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-147.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e4f4a23ed7a74e87caf199cb84e638f233d01a7aaa7c29b45862ed87747937f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "8c0ff937b016970cfd1482c4456bc986:1607318432.694058"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=72976
content-type: application/x-javascript
content-length: 29229

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
19 KB 84ms
31ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

60377038b9f5f1ad14093f3b8916221809cd740f76553807aecfa6fe2d10d684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "718 / 329 of 1000 / last-modified: 1607469089"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18974
x-xss-protection: 0
expires: Wed, 09 Dec 2020 04:17:59 GMT

GET
H2 200 prebid.js Show response
tags.news.com.au/prod/prebid/ 327 KB
98 KB 55ms
54ms Script
application/x-javascript 104.79.88.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/prebid/prebid.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.147 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-147.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b748ce6a5a5ea9c905bca2845dab6456c5232bead14b02fca00864562e98bfda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "079b5880b9ed74f5d265d6b9199a2e85:1601422697.718452"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=58425
content-type: application/x-javascript

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 21 KB
9 KB 25ms
24ms Script
application/x-javascript 104.79.88.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.147 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-147.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4b80ab49cca418a05255ac5b92d063e739e028a005581148e2da1864e08618dc

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "08f1a2bd351d21b2a8846d3a3e389576:1604537083.086393"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=56121
content-type: application/x-javascript
content-length: 8663

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

26ms
9ms

Script
application/javascript

2600:9000:21f3:7600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 08 Dec 2020 19:40:09 GMT
content-encoding: gzip
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 31071
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: d9Yv6G9fcZHwm4CXxA7PmjkTpTyzXNp8On1rC-CxT75gv5-skIWezg==

Redirect headers

date: Wed, 09 Dec 2020 04:17:59 GMT
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 134
x-amz-cf-id: TycB3TD-AJqDDU0CpTmX2jb185qM5l0A4gVqhWBbEbUFwfdDl67XMg==

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 116ms
24ms Script
text/javascript 13.35.254.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.254.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53c25ccb7181178c52c32fdf5e58a55d730bbfe8e45db600886adfb33d88411b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 03:57:10 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 05 Nov 2020 07:14:18 GMT
Server: AmazonS3
Age: 1249
ETag: "ae1b1b3c735b9c3894bc20532056e9de"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: RwDmQSjOMI67NxUHV2_YP94_47QYe3p2QIouEnvqNmj9yZPHnENPbg==

GET
H2 200 utag.975.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 3 KB
1 KB 23ms
23ms Script
application/x-javascript 23.8.6.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.975.js?utv=ut4.46.202008240621
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-8-6-251.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2fa62fdf8e026049d48ee5b0227b6cde543ff47ae4d3a7ee43b360f9d154305f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
content-encoding: gzip
last-modified: Tue, 01 Oct 2019 02:56:54 GMT
server: AkamaiNetStorage
etag: "1411faee056be1abaeee38ce4f2bded2:1569898614.604449"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1287
expires: Thu, 24 Dec 2020 04:17:58 GMT

GET
H2 200 utag.985.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 2 KB
1 KB 23ms
22ms Script
application/x-javascript 23.8.6.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-8-6-251.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
content-encoding: gzip
last-modified: Wed, 20 Nov 2019 04:49:47 GMT
server: AkamaiNetStorage
etag: "a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 900
expires: Thu, 24 Dec 2020 04:17:58 GMT

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 71ms
22ms Script
application/javascript 184.31.90.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-90-174.deploy.static.akamaitechnologies.com
Software: / ARR/3.0
Resource Hash: 560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:59 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by: ARR/3.0
etag: "84a7fce7aaabd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=680
accept-ranges: bytes
content-length: 15848

GET
H2 200 hotjar-465845.js Show response
static.hotjar.com/c/ 4 KB
2 KB 38ms
38ms Script
application/javascript 65.9.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-465845.js?sv=6

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f7ffbc8feac97b6c986ea927adf188c1a540568e2fcc79e3b9294e70e44acdb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
etag: W/424339273ba1f8a452f7d92951d99a24
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1639
via: 1.1 5e828cc6ff056cb59ec35c3467ec45f5.cloudfront.net (CloudFront)
x-amz-cf-id: VVKnQJ1nkg4PwRFmy7NalEzwoBQDvsLnBYxzdB7Hx0RhsxZPt3uZIw==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 22ms
22ms Script
application/x-javascript 23.8.6.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202011240003&cb=1607487478298
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-8-6-251.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Wed, 09 Dec 2020 04:27:58 GMT

GET
H2 200 _error
uconnect.tealiumiq.com/ulog/ 43 B
454 B 318ms
22ms Image
image/gif 18.192.172.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uconnect.tealiumiq.com/ulog/_error?utid=newsltd/hwt/202011240003&e0=ge%3A%3A4%3A%3A%2F%2Ftags.tiqcdn.com%2Futag%2Fnewsltd%2Fhwt%2Fprod%2Futag.js%3A%3A_gaq%20is%20not%20defined
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.172.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:17:59 GMT
x-serverid: uconnect_i-0a8632345d623268f
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: _error::4:uconnect
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
x-error: _error is not supported
content-type: image/gif
x-ulver: c2e2243d20a612a7b591b22eba7d34b103498546-SNAPSHOT
content-length: 43
x-uuid: b5886ef3-2811-4ace-a6f7-bf1ad20f7cfd
expires: Wed, 09 Dec 2020 04:17:59 GMT

GET
H2 200 ggcmb510.js Show response
seccdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 20ms
6ms Script
application/javascript 2600:9000:21f3:7600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: CeKWdfuThsyzKr0NmnwAM5a0VYitilJV
content-encoding: gzip
etag: "afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 1234
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 09 Dec 2020 03:57:26 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: WSs_a0uGzXJZ_e-uwTWqaGsUJLmSLM29628qM4-jr5WVWbREGaRF8A==

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 1098ms
22ms Script
application/javascript 13.225.80.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-85.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 13:25:32 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 312749
ETag: "a8663f72a1dbe614b19f167a59af368d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: VXBy3PfzX9ryuUeguCYbG4wXm82HOb16sBAHsnKwwA8ZeGB85WMAPA==

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame FF64 0
0 324ms
323ms Document
text/html 184.24.22.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=VA7vjks2rTDs3ZRU0jV9IkpOYJ7izKio&nonce=bv8ABndHCF_CfUpZ6osD7_eN7HDRVfIS&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.22.132 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-22-132.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=VA7vjks2rTDs3ZRU0jV9IkpOYJ7izKio&nonce=bv8ABndHCF_CfUpZ6osD7_eN7HDRVfIS&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 670b55d67c708e6c
ot-tracer-traceid: 12b8a7581e18f278
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 22081-1607487478.491-23.55.162.137-1458-490033123-4-0.000
x-auth0-requestid: 263731283e7ef590c9d5
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1607487479
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 534 0 pmb=mTOE,3
expires: Wed, 09 Dec 2020 04:17:58 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 09 Dec 2020 04:17:58 GMT
content-length: 839
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A84debfe0-39d5-11eb-aa15-97847e6a5456.wzbcNI8Zw7XtVkyLpx3ACztKv9YDbwOV6EoyXr2zgaE; Max-Age=31557600; Path=/; Expires=Thu, 09 Dec 2021 10:17:58 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A84debfe0-39d5-11eb-aa15-97847e6a5456.wzbcNI8Zw7XtVkyLpx3ACztKv9YDbwOV6EoyXr2zgaE; Max-Age=31557600; Path=/; Expires=Thu, 09 Dec 2021 10:17:58 GMT; HttpOnly; Secure ak_bmsc=D378877CF203EBE0CF87018CD2B13D7717D5A0C7825C0000F64FD05F912FB416~plk6mM0vLEYqcGb5C5eOkcxiI5VsvjMk8Mqn1tAOSUrxB+08jxHW569Dj+V+EaUwHv3hPJt91KHVHKRIAeUVkDzZAA45fE9B+AL00hy1p1lv/gcoUJg59lYFobhjDEjGZ6s+2ZTd+Oh8d/g1XLTzF/joapXanbXGOJh0cNgoOUSn7fj79S3G7RE6y81JsKXKNryHD7c7x9xrhO3Jz62/sTnypG7Kj1BplMjTHn0H94ICwJJBYKIoSYC5vNq7ieBoFe; expires=Wed, 09 Dec 2020 06:17:58 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=AAD25BAB0A055E9F6EE5A0A201886DEE~KrMOOPC+BhHwWNj1z0CSfkb8lx6PTEFPgsPgc3JiNSQah8slgsiOOKuSWn7sxcVG2C+v3RO58CVtIwzsefiskmX1wulOiJtafiHt7nHmuxsCxS39ygrUpZfUVe4kOPLdP2iXaG9eQl3R7jWibRchp+GEylLVfJWC3dKnYMhBMa8N8QtKtn5EMELKKhy4fkTW2Kw8UCG/7Jb8irNNUTvuPQQq6BNINrpRcJw6s+Z9FW6ENbGJmbMlil9TDvvlYTa2; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=E380479A9260A4DB941F0D7F69B2E981~YAAQx6DVFzU3qSB2AQAAdFu4RQq6WvvsUFu73qqihFpTuZBcWIZ3WnBpIvssk76kGBNag0Hc/H3Jot+O1H3KQ31TyN+0DRcv/tMo06cpiNj6llJ0lPXbASaab17UJVULmMV4VDqvR4TiFO+ScbjknA9y6DEhQB3p239ttTIDwUOCSarvWCpCkcu0dsf5SPnJSmFQKviaQ7lvgg==; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 09 Dec 2020 08:17:58 GMT; Max-Age=14400; HttpOnly _abck=F29FDC4962DD1B5A1F9114B2B43DA956~-1~YAAQx6DVFzY3qSB2AQAAdFu4RQXlMuKe1z+Fi+2wrqQG0LvOqFL9r98bv8zPet/JifT6zvMnSmbOy0XE3N4xOB1gZZwshvsdwzD1/x4IRjulswfR8oGW7Wb0/Mv8VyqunUMhQyauj9DF6BnTS+lk/bU3dlC7i7MQTBiwoM1WmivHOblgcCvGqrwTVxQYYrFGRsjHW79/vu1LnQ52i56XSi09fB1L9GiUhCcM7+awwRvMA1ed7P+6J8ceKzUwRc98jYW0nBobsI7gS1UIs7Xvcj/zVQSF+H0lE75dfB/bi+V68kIWU9LdHzJGTVZ8sIztlG2OGWI=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 09 Dec 2021 04:17:58 GMT; Max-Age=31536000; Secure

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607487478377
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607487478377

5 KB
2 KB

38ms
37ms

XHR
application/json

52.49.226.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607487478377

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.226.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-226-218.eu-west-1.compute.amazonaws.com

Software

Resource Hash

054698b185748a79f3ac386db842e23bf46f8fc707eb0b59665c41aed74a1731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v086-07d90016a.edge-irl1.demdex.com 5.80.1.20201111130852 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: TDOFIEpgQRo=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1538
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.heraldsun.com.au
X-TID: bJy0z9RLQJY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1607487478377
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame B51F 0
0 333ms
332ms Document
text/html 184.24.22.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=-DCDm-OvpB0wsaXT3Ppx-7~B_Ky~wLOJ&nonce=DGyYAuyqVu_-fHLQPfjkStNB2YlHOYhY&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.22.132 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-22-132.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=-DCDm-OvpB0wsaXT3Ppx-7~B_Ky~wLOJ&nonce=DGyYAuyqVu_-fHLQPfjkStNB2YlHOYhY&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 46970ded2b952733
ot-tracer-traceid: 3851046a0021583e
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 20458-1607487478.569-23.55.162.137-1458-489815720-23-0.000
x-auth0-requestid: 222d6658ba1f9f62cf01
x-ratelimit-limit: 1000
x-ratelimit-remaining: 997
x-ratelimit-reset: 1607487479
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 534 0 pmb=mTOE,3
expires: Wed, 09 Dec 2020 04:17:58 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 09 Dec 2020 04:17:58 GMT
content-length: 843
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A84ec2d60-39d5-11eb-8b4c-15dcd9a504aa.sInetFo9hFmoe8zAtIHvsaW08Zfmo7wTHtVP9tqSdhE; Max-Age=31557600; Path=/; Expires=Thu, 09 Dec 2021 10:17:58 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A84ec2d60-39d5-11eb-8b4c-15dcd9a504aa.sInetFo9hFmoe8zAtIHvsaW08Zfmo7wTHtVP9tqSdhE; Max-Age=31557600; Path=/; Expires=Thu, 09 Dec 2021 10:17:58 GMT; HttpOnly; Secure ak_bmsc=A366FBED94CD498DBBE1897D8D861F4E17D5A0C7825C0000F64FD05F0D231E54~plIWMMISCUghMNzPrcNdLOn2a5ECwc3C2v3OZ3rjA2Msm410zgQ4OYEEFP1ZX9AOSk6lQ5HOHhqql0sNyWkUKPXiroF3KfuwP9hfMPdfeGJzWAakqzF4VyoeCLeVG+rfwzWZcbReuQNOIb1CLTSCIX2eMFgKSFY7ILWqA9QLzrM2zSSEGEqhRz+XeCCVNY1y6BZsfDvxUTOs67zx1RLzFKQROUb7BUetd8M+EcTjSshl2C4Sq3EGqNmGrp7Qod4iS5; expires=Wed, 09 Dec 2020 06:17:58 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=7AEACE1D88CE5A58F5345654DF6F01D2~KrMOOPC+BhHwWNj1z0CSflK9wyeDrwRYvfXxu59lnwhsLPHP/3AcBvXMIquXQ3UB1KG9mP+HW6lD4p9I0ARyxxDYZycYN08+iFdtyzJRsvvfks3O/uETb9bEA9nzmiuPckTp4T3b2SmAiNMAF4+RwOgX/ZAUicKjfuuceqORUy68EycXSQalhPxNJ+p4h/63iI7Kqym4FETH3xxQ/ATvHBzsRQC7aPChW0+RHRt/uQjjM/7KTNHo82yShK0lcQCG; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=28C70859D533846E941177BB967BE125~YAAQx6DVFzk3qSB2AQAAxlu4RQqDLFs/6kMVTWuy2BZyMQH2NH+n4akid+CxyksXW4Sceicy7fV7+tUUmMTHJ2Is05mDyKiWaOTBInUyLJPgzr4g0PHnKxb5i4AyYMkvwvk6LePvHbM0Aizmgj1wSCXG0w/msN/ayfGLbf5DnpPcvwc8U2dIRN74iSl6jK57hD6vCG7mtsxPUpU=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 09 Dec 2020 08:17:58 GMT; Max-Age=14400; HttpOnly _abck=C6556A39E699C7F882AD3A1E02450DD1~-1~YAAQx6DVFzo3qSB2AQAAxlu4RQUE0KNacPHt76imSBPiCVhGbX+qmFWW2Mp+eXc1LMdkCM4F8uIKyr6DUMoEeC7dGp/zUPG/IcocyU7J7Ak3AJANAMyKye/mwI2BmmZn0SZEtubXjb1x/jDqMXQH2xVkEnbijb5sfMuCnyEpmdxEq5It/VEqkanYxPzmNeKrHu3XoPOrckLWWskLmQsfkwFW7pZbCpdJ6uBg6K6sN3SDYvvCTqoZkLMqGhmVcrMD3Avtc4+AAi41Ps9pwy7xEejtat0cjUMdyuJMXpJJG3TcR6CP2X2CX05ZJQUSqZCiWSFMZEY=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Thu, 09 Dec 2021 04:17:58 GMT; Max-Age=31536000; Secure

GET
H2 200 vidora-client.1.x.x.min.js Show response
assets.vidora.com/js/ 8 KB
4 KB 47ms
6ms Script
application/javascript 2600:9000:206f:c800:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c800:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 00:14:04 GMT
content-encoding: gzip
last-modified: Wed, 08 Apr 2020 14:24:21 GMT
server: AmazonS3
age: 14636
etag: W/"09285b59e7b4661ace266ee756c7b3f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: YeVUKKDP2QPFDBvh_QmWwY92T8dDDoDC11Lo-BM4Y4gYoPrMeo7iQw==

GET
H/1.1 200
OK Cookie set dest5.html
newscorpau.demdex.net/ Frame F64E 0
0 144ms
35ms Document
text/html 34.241.138.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.138.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-138-222.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: newscorpau.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.heraldsun.com.au/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=46036134324386065182870019191258405750
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 19 Nov 2020 15:01:00 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=46036134324386065182870019191258405750;Path=/;Domain=.demdex.net;Expires=Mon, 07-Jun-2021 04:17:58 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: BPd6R1d1R0A=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
metrics.heraldsun.com.au/ 48 B
516 B 145ms
30ms XHR
application/x-javascript 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=46060205225307739322872406490212305516&ts=1607487478792

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

9897f919f6ae2c815ab3dda3a625ce0ff765674ede21ecc42a9fba2297755ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-f7bfdfcfd-5v9pj
vary: Origin
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=X9BP_AAAALI5bx-H
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=46036134324386065182870019191258405750
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9BP_AAAALI5bx-H

42 B
915 B

36ms
35ms

Image
image/gif

52.49.226.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9BP_AAAALI5bx-H

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.226.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-226-218.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v086-0ab5456b1.edge-irl1.demdex.com 5.80.1.20201111130852 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Ep32u9PUT+w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9BP_AAAALI5bx-H
Date: Wed, 09 Dec 2020 04:18:00 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 38ms
37ms XHR
application/json 52.49.226.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=46060205225307739322872406490212305516&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%017b33bdb693ee05575cb97324035c1442%011&ts=1607487478941

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.226.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-226-218.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e8fe4173e25075caadc17665c082a96abef9a86b802e173e18667807d0cd8a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v086-049362f03.edge-irl1.demdex.com 5.80.1.20201111130852 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: tnGtjmOTR5E=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1536
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 s13881604232438
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 43 B
440 B 32ms
31ms Image
image/gif 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s13881604232438?AQB=1&ndh=1&pf=1&t=9%2F11%2F2020%205%3A17%3A58%203%20-60&cid.&newsnkidcookie.&id=7b33bdb693ee05575cb97324035c1442&as=1&.newsnkidcookie&.cid&vid=7b33bdb693ee05575cb97324035c1442&mid=46060205225307739322872406490212305516&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D32&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=3%3A17%20PM%7CWednesday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cmac%20os%20x%7C10_14_5&c60=D%3Dv60&v60=32&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=no%20plugins&v77=D%3Dmid&v78=nl%7Cunknown%7Camsterdam%7C52.35%7C4.92%7Cgmt%2B1%7Cunknown&v79=nl&v80=7b33bdb693ee05575cb97324035c1442-00000000000000000000000000000000-1607487478277-76411&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:58 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 10 Dec 2020 04:17:59 GMT
server: jag
xserver: anedge-f7bfdfcfd-ptl5j
etag: 3452053075602538496-4621654169858053783
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 08 Dec 2020 04:17:59 GMT

POST
H2 204 bulk Show response
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
424 B 29ms
29ms XHR
image/gif 199.232.57.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?tvi2=2614&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201129-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.57.44 Windsor, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 09 Dec 2020 04:17:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1607487479.245017,VS0,VE9
x-served-by: cache-lon4226-LON
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 106ms
106ms Image
image/gif 54.205.171.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CzFsW_B97oCZCUkHkO&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9932&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4347&t=QrCCUDF5S1CCAjDQW1y1i_UWSw3&V=121&i=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=-60&_acct=anon&sn=1&sv=D2DrdcCEzRchCziOMOCy0NrtBlCjkB&sd=1&im=06030402&_
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.171.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-171-136.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:17:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20110914/elements/html/ 6 KB
3 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=640101175629.0571?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 02:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2649
x-xss-protection: 0
server: cafe
etag: 804181672847865866
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Dec 2020 02:58:55 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
117 B 34ms
32ms Other
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDWy__cVpE-e3XKBTlggULstHiH5a9QcWhaY5Jg2epuJTHVu1PzwWtb9sTav4L4gBia13Kdy6mL6pFVvJgIcEjqQnSbqupERDPzvt7BuNaJ3Gmgno64NP1rpjksR1CfH8L9IzOOeM4JcFMM_KWHA&sig=Cg0ArKJSzEpPo0WjjcOAEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20201203.53809&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=640101175629.0571?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 04:18:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 pubads_impl_2020120201.js Show response
securepubads.g.doubleclick.net/gpt/ 278 KB
98 KB 67ms
38ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

05512d815f46a3dd0e9aaa163dad6808ea2c7d43c89fe74b821c879c4b1b5046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 09:38:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100031
x-xss-protection: 0
expires: Wed, 09 Dec 2020 04:17:59 GMT

GET
H2 200 storageframe.html
secure-gl.imrworldwide.com/ Frame FFE6 0
0 115ms
115ms Document
text/html 2600:9000:21f3:d200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: secure-gl.imrworldwide.com
:scheme: https
:path: /storageframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
vary: Accept-Encoding
date: Wed, 09 Dec 2020 04:17:59 GMT
server: nginx
last-modified: Fri, 02 Oct 2020 19:34:09 GMT
etag: W/"5f7780b1-2b27"
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: kzCdvGCzaoGGprfy_6l_r56VwEArqtAd5bqSITshHk-NbiTbNFVUFA==

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 15 KB
1 KB 1081ms
22ms XHR
application/octet-stream 184.31.90.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-90-174.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: befd4d99b6cb8649f107a5cd1fec1055d228bdc1c001493676bb87249e9b1040

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: s9D81rRzINXxbJe2GpsceLRJAdvlBAld
content-encoding: gzip
last-modified: Mon, 30 Nov 2020 08:14:17 GMT
server: ATS/7.1.0
x-amz-request-id: 573034F4A1AB243F
etag: "622b99881112d32ffad4119cdad72daf"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=118
date: Wed, 09 Dec 2020 04:18:00 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1050
x-amz-id-2: DDGKBvf4WGAox4f3G65181GWTeSlpv8EYYY4EcWujR4Z+A7QImPz02HxSY+ZtxlKBnGZg5FE+Cw=

GET
H2 200 modules.e8f2fe812b29ca995bc0.js Show response
script.hotjar.com/ 221 KB
58 KB 18ms
17ms Script
application/javascript 65.9.73.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e8f2fe812b29ca995bc0.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-465845.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.11 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3492bc139bf82bffa8725924455949cb36628db1491158107197f4f4829eeebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 18:02:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36956
x-cache: Hit from cloudfront
content-length: 59096
access-control-allow-origin: *
last-modified: Tue, 08 Dec 2020 17:58:32 GMT
etag: "13bf5c27d17b565cc3a6362a1a1be90f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: s0_Ej_hRkFMxn-YpA96-oT_EwN7WW892Dy4k-3sXbgrzW1oT4sOS8w==

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 61 B
359 B 74ms
24ms XHR
text/plain 104.79.88.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.147 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-147.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 0d65919743905ca954e12255f116be6594f5c6ec20fab63ad2295ae71da41658

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:17:59 GMT
server: AkamaiGHost
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-length: 61
mime-version: 1.0
expires: Wed, 09 Dec 2020 04:17:59 GMT

GET
H/1.1 200
OK campaigns Show response
resourcesssl.newscdn.com.au/indies/ 7 KB
2 KB 26ms
26ms XHR
application/json 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by: Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash: 4ec4545ad59e9dbde642d7a701d279ab2de4bc182633de2375ef01d6c2dfff24

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 09 Dec 2020 04:18:00 GMT
Content-Encoding: gzip
ETag: W/"1b42-FbvaI/QTap9x4FONUUHcFmNCkck"
X-Powered-By: Express
X-Cache-Hits: 0
Connection: keep-alive
Content-Length: 1839
X-Served-By: cache-dca17726-DCA
Server: Google Frontend
X-Timer: S1607486994.713388,VS0,VE308
X-i: true
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
X-Cloud-Trace-Context: c2544de2b11a25081ab5eb7685a3f5e1
Cache-Control: private, max-age=604332
Function-Execution-Id: k6efkdrj1j0q
Accept-Ranges: bytes
X-Orig-Accept-Language: en-US,en;q=0.9
X-Country-Code: DE
Expires: Wed, 16 Dec 2020 04:10:12 GMT

OPTIONS
H/1.1 204
No Content campaigns
resourcesssl.newscdn.com.au/indies/ Frame 0
0 446ms
446ms Other
text/html 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol: HTTP/1.1
Server: 104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-206.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.heraldsun.com.au
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Content-Type: text/html
Function-Execution-Id: bk3ge4uc2br2
Server: Google Frontend
X-Cloud-Trace-Context: 95408214596fef978b3646574fadee00
X-Country-Code: DE
X-Orig-Accept-Language: en-US
X-Powered-By: Express
Accept-Ranges: bytes
X-Served-By: cache-dca17726-DCA
X-Cache-Hits: 0
X-Timer: S1607487480.814389,VS0,VE333
Cache-Control: private, max-age=604763
Expires: Wed, 16 Dec 2020 04:17:23 GMT
Date: Wed, 09 Dec 2020 04:18:00 GMT
Connection: keep-alive
X-i: true

GET
H3-Q050 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 21 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 03:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8761
x-xss-protection: 0
server: cafe
etag: 16638491572200565323
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Dec 2020 04:28:39 GMT

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607487479834&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstr...
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607487479834&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstr...

44 B
491 B

122ms
121ms

Image
image/gif

2600:9000:21f3:d200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607487479834&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-3af3f695fbb798eb8fa364ebc6321e83&tz=1&ja=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:00 GMT
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: rLyr6pnfCR3ACYSzpg3z7gLZm_P7NZb94Qnt-dXQgL4PbsyhLjArcw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:17:59 GMT
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C2
location: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1607487479834&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-3af3f695fbb798eb8fa364ebc6321e83&tz=1&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: TIdEsYi2aCVedj4YdYjkefeZZy_trjuOO0vit7cIPPUTeXqUP6ZDPg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 15E5 0
0 16ms
15ms Document
text/html 65.9.73.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-465845.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
content-length: 851
date: Wed, 04 Nov 2020 19:00:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Wed, 04 Nov 2020 16:31:53 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: dqD7DddvK7AorFC9jurv78MPPTXsC5KxODgCH15LVWY21UOqA-DXCA==
age: 2971047

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 6ms
6ms Script
application/javascript 2600:9000:21f3:7600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: a9yv6FoqUOJEHV8JhhsvdvrSixeG3nZZ
content-encoding: gzip
etag: "931051f801612c3a0e2782961ac3d56c"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 2736
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 09 Dec 2020 03:33:28 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: OFgTRMAKWtHKQQDDajQvsr60Z0St8Mt2GyBAQmZM-QgX6zsUHswd8A==

GET
H2 200 PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 7ms
6ms Script
application/javascript 2600:9000:21f3:7600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d53de17c52365eb4ce49341da6d0844aa24c93f5191d0ce0b6892b4edb78574

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: xmFgKeFzp_zbombZtbr_1DCTQXuDuCeN
content-encoding: gzip
etag: "b3ba4d2f55bcb9dab2f815325629c81b"
last-modified: Wed, 09 Dec 2020 01:18:22 GMT
server: AmazonS3
age: 152
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Wed, 09 Dec 2020 04:17:18 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: BWJrNaufjwP3N0-lj8EL4yA8C5KtALYuAmsqo1FekKz06xYdcjElJw==

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 173 KB
50 KB 7ms
6ms Script
application/javascript 2600:9000:21f3:7600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43ec631c14060e4d10a7fc3b6b96296f20e718d65fb51558370d41eda08a3ddc

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8pyu2AVizz7qLhkNLlydOCakgrumnPjD
content-encoding: gzip
etag: "2a3ec0074402cc8fa654f381bebd2e04"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 295
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 09 Dec 2020 04:13:05 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 1lY7fv6HjcePQunLmeC1mNfSFhW5xAfmLFhjMmZUvhYyOZFabdjPrg==

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame DD86 0
0 6ms
6ms Document
text/html 2600:9000:21f3:7600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
last-modified: Tue, 17 Nov 2020 14:36:23 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: fXiAi9JTI1XHMxGqL.0MvkCakB1rMXT9
server: AmazonS3
content-encoding: gzip
date: Wed, 09 Dec 2020 03:26:43 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: jwg7RiwJ9xzLW3AjtIze9bHaL58NiZrSIHe4eCHrbSxKjVcYyUQH3w==
age: 3122

GET
H/1.1 200
OK style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 969 B
975 B 27ms
26ms Stylesheet
text/css 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/style.css

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Encoding: gzip
X-i: true
Date: Wed, 09 Dec 2020 04:18:00 GMT
Connection: keep-alive
Content-Length: 406
X-Served-By: cache-dca17738-DCA
Last-Modified: Wed, 09 Dec 2020 00:31:23 GMT
X-Timer: S1607473942.822857,VS0,VE1
ETag: "617866c501ae2baecee3c33975ca8125d4935302e86a88dedf91278f1aec543e"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Expires: Wed, 09 Dec 2020 04:39:48 GMT
Cache-Control: max-age=1308
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK main.js Show response
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 3 KB
2 KB 25ms
24ms Script
text/javascript 104.75.88.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/main.js

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.75.88.206 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Encoding: gzip
X-i: true
Date: Wed, 09 Dec 2020 04:18:00 GMT
Connection: keep-alive
Content-Length: 1276
X-Served-By: cache-dca17761-DCA
Last-Modified: Wed, 09 Dec 2020 00:31:23 GMT
X-Timer: S1607473953.173767,VS0,VE1
ETag: "799b8c406ecbbc260dc9ac71c011202326bd9a557b155ba1707af12579eded3c"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Wed, 09 Dec 2020 04:33:51 GMT
Cache-Control: max-age=951
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 10 KB
3 KB 120ms
37ms Script
text/html 82.199.68.72
EQUINIX-CONNECT-EMEA

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=8968028834646372731&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D3618805833317801366$$&ns=0&rnd=9566215211205831
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 82.199.68.72 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 748b0fd15ebfd7321d9b40df62a397a8832d0f6782676aa5f33328c14ee09416

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 2386
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 648 B
886 B 106ms
39ms XHR
application/json 54.77.231.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=633e8a30-4a98-17c3-b50a-181a09114652&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 54213fdd7028506aa8216a234e9f7e2e7c0cebf6b6fc05885d433101091eba1b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:00 GMT
x-server-name: app27.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame BF10 4 KB
2 KB 81ms
22ms Script
application/x-javascript 143.204.97.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.97.161 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-161.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 08:57:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 69605
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: DXt3XqbpCYTBcVXMlJ5oklz21rRlqrOpHhUEngr9feWTd4Qce_6yGw==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame C17D 5 KB
2 KB 1080ms
22ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:01 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 11473
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1607487482.988318,VS0,VE0
x-served-by: cache-fra19161-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 7D51 965 B
760 B 20ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:18:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=9829
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 3A49 96 KB
38 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707564276

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2106309b539a1d5dd1b2f6e8b8bf24fb71082cb256f91b4b30f42239ef37ef03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38971
x-xss-protection: 0
last-modified: Wed, 09 Dec 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Dec 2020 04:18:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame BB3D 4 KB
2 KB 119ms
51ms Script
application/x-javascript 143.204.97.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.97.161 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-161.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 08:57:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 69606
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: QniQJ0SAdfUeRZtyH40I5oOK1s0K8Wul-rbK_9lPTnS7a-4tq80tJQ==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame 04C4 7 KB
3 KB 1323ms
22ms Script
application/javascript 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:18:02 GMT
Content-Encoding: gzip
Age: 25581
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2601
X-Served-By: cache-lga21961-LGA, cache-hhn4034-HHN
Access-Control-Allow-Origin: *
Last-Modified: Thu, 14 May 2020 21:04:36 GMT
Server: nginx/1.13.10
X-Timer: S1607487482.244655,VS0,VE0
ETag: W/"5ebdb264-1cfb"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 15 May 2020 21:04:39 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 3, 3970

GET
H3-Q050

200

activityi;dc_pre=CIqQt8KFwO0CFZrMuwgdP-MCbA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8693448493590.272
8228261.fls.doubleclick.net/ Frame 7DF0
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8693448493590.272?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIqQt8KFwO0CFZrMuwgdP-MCbA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=869344849359...

0
0

114ms
84ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CIqQt8KFwO0CFZrMuwgdP-MCbA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8693448493590.272?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIqQt8KFwO0CFZrMuwgdP-MCbA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8693448493590.272?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Dec 2020 04:18:01 GMT
expires: Wed, 09 Dec 2020 04:18:01 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 330
x-xss-protection: 0
set-cookie: IDE=AHWqTUkNUAgn_9x1hmvUgOVZlq4k5qRTFyguusf4XPeNsmYLWzT5vHi7rk-2CXIh; expires=Mon, 03-Jan-2022 04:18:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Dec 2020 04:18:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIqQt8KFwO0CFZrMuwgdP-MCbA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8693448493590.272?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

activityi;dc_pre=CIjLt8KFwO0CFTRc5Qod8UcHbQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4303101088243.193
8228261.fls.doubleclick.net/ Frame B581
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4303101088243.193?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIjLt8KFwO0CFTRc5Qod8UcHbQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=430310108824...

0
0

99ms
76ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CIjLt8KFwO0CFTRc5Qod8UcHbQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4303101088243.193?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIjLt8KFwO0CFTRc5Qod8UcHbQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4303101088243.193?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Dec 2020 04:18:01 GMT
expires: Wed, 09 Dec 2020 04:18:01 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 329
x-xss-protection: 0
set-cookie: IDE=AHWqTUn_OQups9uN4g47QFlywtEzPAxfKFfsMRM4se5cijni7T1vfB0D-KGClZiD; expires=Mon, 03-Jan-2022 04:18:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Dec 2020 04:18:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIjLt8KFwO0CFTRc5Qod8UcHbQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4303101088243.193?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 3F24 96 KB
38 KB 39ms
26ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-820018408

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e99772ee3b4111414156aa8b0d3cc59a03e9d6512b6b701ba7e96cd646e78b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38968
x-xss-protection: 0
last-modified: Wed, 09 Dec 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Dec 2020 04:18:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 9FC0 30 KB
12 KB 33ms
32ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11865
x-xss-protection: 0
server: cafe
etag: 18432201170715473949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Dec 2020 04:18:00 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame 075F 43 B
608 B 3394ms
296ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:04 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame FAD1
Redirect Chain

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

43 B
1 KB

79ms
23ms

Image
image/gif

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:01 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.44:80
AN-X-Request-Uuid: 4d8a96c8-bb27-45dc-9d21-2db6807e76ed
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:01 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.78:80
AN-X-Request-Uuid: 441e2edf-854b-4928-87b8-12a90c2b7817
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

0
1 KB

101ms
22ms

Image
application/javascript

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:01 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.72:80
AN-X-Request-Uuid: d5878f09-26dd-480e-aec3-f5209118919a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:01 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.135:80
AN-X-Request-Uuid: aadee8f5-14ff-4b4f-b1ed-6c64c76184cc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

0
1 KB

23ms
23ms

Image
application/javascript

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:01 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.10:80
AN-X-Request-Uuid: 87fdae23-6f08-4f2b-a1de-04f35a6f6554
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:01 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.77:80
AN-X-Request-Uuid: 6383d9e9-bb59-4d84-bee9-d8280118cfd6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049968%26seg%3D15374298%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
803 B 40ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 39ms
14ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 122 KB
14 KB 90ms
86ms XHR
text/plain 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=942425749130095&correlator=3030915215941854&output=ldjh&impl=fifs&hxva=1&scor=135297990063994&eid=21068927&vrg=2020120201&co=1&npa=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201209&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D864f4063-39d5-11eb-8fc7-02617d9e854e%7Cpos%3D1%26id%3D864f4064-39d5-11eb-8fc7-02617d9e854e%26vw%3D40%2C50%2C60%2C70%26vw05%3D40%26grm%3D40%2C50%2C60%26pub%3D40%7Cpos%3D2%26id%3D864f4065-39d5-11eb-8fc7-02617d9e854e%7Cpos%3D1%26id%3D864f4066-39d5-11eb-8fc7-02617d9e854e%7Cpos%3D2%26id%3D864f4067-39d5-11eb-8fc7-02617d9e854e%7Cpos%3D1%26id%3D864f4068-39d5-11eb-8fc7-02617d9e854e&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26nk%3D7b33bdb693ee05575cb97324035c1442%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26adl%3Dfalse%26pvid%3D7b33bdb693ee05575cb97324035c1442-00000000000000000000000000000000-1607487478277-76411%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&bc=31&abxe=1&lmt=1607487480&dt=1607487480974&dlt=1607487477579&idt=2176&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1123%2C1124%2C176%2C176%2C0&adys=28%2C462%2C8250%2C9290%2C3175%2C9932&adks=1616217045%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C300x0%7C300x0%7C1248x0%7C1248x0%7C1600x9931&msz=728x133%7C300x276%7C1600x276%7C1000x50%7C728x90%7C1x1&ga_vid=253418739.1607487481&ga_sid=1607487481&ga_hid=2053289516&fws=640%2C640%2C128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

50d6965e9bda0c933c1c556d1c18b280c411dfcae52ea5a00181a48bba0851f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14117
x-xss-protection: 0
google-lineitem-id: 4682990628,4682990628,4682990628,4682990628,4682990628,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234025560,138234025557,138234092456,138234082178,138234025551,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6ca42657b4c020436cb93f8e3f6a9444.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 45ms
14ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6ca42657b4c020436cb93f8e3f6a9444.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 7D51 3 KB
2 KB 10ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:18:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 20:29:41 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=31124
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 9FC0 2 KB
1 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1607487481001&cv=9&fst=1607487481001&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389c3e6d63e41617b9003c624a69023dd1bb04e420da49f12937276e03c899ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 965
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 3A49 30 KB
12 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12174
x-xss-protection: 0
server: cafe
etag: 1959326039972715456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Dec 2020 04:18:01 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 3F24 30 KB
12 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Dec 2020 04:18:01 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 3A49 2 KB
1 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1607487481053&cv=9&fst=1607487481053&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d02ffe5e344316e9cfba6bb3525e04d8cb3394d55c325e3b2ab198cdb702d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1006
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 3F24 2 KB
1 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1607487481056&cv=9&fst=1607487481056&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

237be4650a7c501fd8bd5c93327ab072cfcfe88a01e1e7336f90b8d24de53da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1006
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9CA3 0
0 33ms
33ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKSC0lZjmD3ABxWAqdoPuNm565LDQ1jxhsu8tmP8fMo1ORtvxp-lq1gXrllvMT_8ewHk-6KESfPzuavUgosLDcfCPgiqqfRfcoVHBFunULOJ9jhaeYC2L97E6dOZLeuWO1ib_9kQp8dMkaUTOiayN6rIY5GNpNQZCDtUv0YJPdrXgLZafh6bOE3KTCg4MiMxlqQiYMvCfgEB7u8FpR2NwwdWH9eCB5SDs2siGl4bq9rByHB1LB2e8f87ppVFh3HjDKeLbZ4tLi&sig=Cg0ArKJSzA1zd_eK-rzgEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 9CA3 18 KB
7 KB 45ms
12ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 20:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Dec 2020 20:40:55 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 9CA3 3 KB
2 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 14:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Dec 2020 14:56:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9CA3 76 KB
29 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26dbd7b877b153f4afb810fe7d49ae6c1cb06bc2bc7d8c664c4c164ce465a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607379317188095"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Wed, 09 Dec 2020 04:18:01 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9CA3 0
0 42ms
13ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSe8p8vdgqN9H8wzbuIm-mvkwFwRIcWCvmm5Os2uXq_WYznwONYOyTAouPo3gcFwtW31QJi
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 9CA3 68 B
232 B 32ms
14ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 16:27:29 GMT
x-content-type-options: nosniff
age: 215432
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Dec 2021 16:27:29 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 78D6 0
0 32ms
31ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswgvmjpD9oTc5H0QRn5HgdCaL0ehCvZh20THW6ThxQVLfxqz_nXiHmg8QoqToRMVawZwDDNw7snof6MIy4VbH1ct6cnOVm7T4EtNZKRHxcnkBA3FX3oeG6fRB6nYGgr5JRPjBwvhTEs6bfu7qTEsIHNGICGBtyKv0jBjHbVcicl2frLX5lub1OF95o5M6K0ZXMxIPDxIfBlg8rk4xMKac4ZPJKLHrHmZw5rjge7RoXPrG2ttcqIYqxnZq3JlSO3xmXcnkcBHjM&sig=Cg0ArKJSzGchSjePDGelEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 78D6 18 KB
7 KB 39ms
11ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 20:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Dec 2020 20:40:55 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 78D6 3 KB
2 KB 29ms
11ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 14:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Dec 2020 14:56:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78D6 76 KB
29 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26dbd7b877b153f4afb810fe7d49ae6c1cb06bc2bc7d8c664c4c164ce465a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607379317188095"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Wed, 09 Dec 2020 04:18:01 GMT

GET
H3-Q050 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 78D6 68 B
169 B 32ms
14ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 22:35:36 GMT
x-content-type-options: nosniff
age: 106945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 22:35:36 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187f0e2d2331f649e0afc51f0567cf23ef47d57283aa928313452eb1a559efb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607379317188095"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28447
x-xss-protection: 0
expires: Wed, 09 Dec 2020 04:18:01 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
66 B 20ms
13ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=942425749130095&r=300x250&w=1&h=1&a=0

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3491 0
0 43ms
32ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOTCL39aPDrJain1MmJ-WCy0Qa8Was9w2tnZFWVsbNRH4wDSiBXN1PZaCjgJmdJmcdlrVUvfugZVbLl_ucX54c_WaDO9i3_7ai4LtCJ2GrhuYbTNKM_q5wF-rOvMnwjEAIz5yjjqByttIPwYY7m2PA8ZlxPXTQgiDkF_ZxMMR8I5VwZ0sCJqa2HwG5DWwwsuUarLpvbTO6E2voXLsRgK8AgTaB4aX0yCBxR5C4QDRW0tWQ0zcnuW0u-GthFah87-F5ay-ObTuj&sig=Cg0ArKJSzLleP8QC3rIsEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 3491 68 B
94 B 17ms
14ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 22:35:36 GMT
x-content-type-options: nosniff
age: 106945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 22:35:36 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 3491 18 KB
8 KB 17ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 20:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Dec 2020 20:40:55 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 3491 3 KB
1 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 14:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Dec 2020 14:56:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3491 76 KB
29 KB 40ms
34ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26dbd7b877b153f4afb810fe7d49ae6c1cb06bc2bc7d8c664c4c164ce465a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607379317188095"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Wed, 09 Dec 2020 04:18:01 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 959B 0
0 40ms
32ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssknxs0HmdGaBgoPL6UaHk--HOLnKWUHyjghF9n7Iy2HGyML9JcL_YDEDbxaOnPItkuOJBdboWiyla33NqPB6iRPNQ1GyWMuAOQtt4fA773GXmLXa55rYJIKW8OX-1ZrYoL9wnRMxs62lKVez9bNQFFEexo0EOHaUjMzloQRwmL7BqnVNP_La3bfLGpXakP8VHE9BR2Wi8kIzOKYICwiJLpB1cXCnX-ZLtqLD40HpQ-7jA2Nb9gARYiHwQfi9LW9CtZGVVulazE&sig=Cg0ArKJSzLhM4JEDhESvEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 959B 18 KB
7 KB 14ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 20:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Dec 2020 20:40:55 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 959B 3 KB
1 KB 15ms
10ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 14:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Dec 2020 14:56:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 959B 76 KB
29 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26dbd7b877b153f4afb810fe7d49ae6c1cb06bc2bc7d8c664c4c164ce465a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607379317188095"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Wed, 09 Dec 2020 04:18:01 GMT

GET
H2 200 13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 959B 3 KB
3 KB 17ms
14ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13503232906761715217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 13:40:25 GMT
x-content-type-options: nosniff
age: 52656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3270
x-xss-protection: 0
last-modified: Wed, 23 May 2018 04:43:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Dec 2021 13:40:25 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7324 0
0 36ms
31ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWliDPL29y8JrpfKJCdh_pyVXL5VLuyEN-3rm94yl83gE6eFq2Tt1_nm4mkdsMwPSIdGZUzMkxZ9Kdo-US8o9WmtaZ0aDN0JYBWq_fxLdQedYTRCcE_6qUwLsbo4bsJu-ckNLH-AF3EdvtKpZ96cwWtih8SUJzFL36-Z_9DXwXaEjNpERcjIKwys9rq3xfunQabYq4_v7EIxLEThdEws3EMRae68Xwn3ukUJ1Ix0DfcyjbbM0k6ABzt8WFTIivLS_TE51kbN6Y&sig=Cg0ArKJSzDHVfT4UX0plEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=7b33bdb693ee05575cb97324035c1442-1607487475

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 7324 68 B
242 B 20ms
13ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 16:27:29 GMT
x-content-type-options: nosniff
age: 215432
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Dec 2021 16:27:29 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 7324 18 KB
7 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 20:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Dec 2020 20:40:55 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 7324 3 KB
2 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 14:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Dec 2020 14:56:52 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7324 76 KB
29 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26dbd7b877b153f4afb810fe7d49ae6c1cb06bc2bc7d8c664c4c164ce465a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607379317188095"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Wed, 09 Dec 2020 04:18:01 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7324 0
0 26ms
14ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSU37UGOrq5cz-MJnoscMa__0Ei2eZnu3-H3gZ1IkrCD8OIhoScf-H_jERXXbM4KZcMmHev
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

collect
px.ads.linkedin.com/ Frame 7D51
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607487481154
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26time%3D1607487481...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607487481154&liSync=true

0
80 B

180ms
180ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607487481154&liSync=true
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:02 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: 5jEPIVnxThbAmxasIisAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: s3xwGVnxThaA0cv7KCsAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: 9856F535A32B4A769E431653BDFA1DBA Ref B: FRAEDGE1118 Ref C: 2020-12-09T04:18:01Z
x-frame-options: sameorigin
date: Wed, 09 Dec 2020 04:18:01 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1607487481154&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 78D6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c44d8ef2cde6fa45fabea4de36b83e7438cc361fd6400c11391080e0fe864be

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame B3E5 46 KB
13 KB 366ms
50ms Script
application/javascript 54.77.231.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025557&pubOrder=305536031&cb=1073246723&custom=homepage&custom3=168400391&adsafe_par&impId=864f4064-39d5-11eb-8fc7-02617d9e854e
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ea3ca2bb27414625ab663426c307d1e9759691f12c5f62f1d4176bc0d38dc015

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-server-name: app23.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 9CA3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f925c630295ca8049f4fcc5968efb4ad1b1dd9e08e131b417a18f5770d73a03c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 8814 46 KB
13 KB 370ms
68ms Script
application/javascript 54.77.231.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=2016452232&custom=homepage&custom3=168400391&adsafe_par&impId=864f4063-39d5-11eb-8fc7-02617d9e854e
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2fd6b8fe3b5a4d5607cfdb576207ab1723f6e4aac25597feb7383f395f76aa46

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-server-name: app21.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 959B 0
22 B 81ms
80ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuB_4g8hS2o9Yrx6vtNNhk1PeCC1s4JKBD3H7r3k-Zk95MuDO9HVYDg7ObjCPC96G2OW5uMAwdszUZuB_CQlbN19Vjgct9WIBMioxfGC9wgrNTsUAxlFQZYcZ4LN3O6V0LSaM-8W75dIQ5kCifEcniCiVpF-wW0kJ_-qfcVNv-TdxpQs4o5bx9KaDFf936N31KOGT0VGtmf_ycVNJWdpGt1M7oTgHpuDsa7nF_EFC97Ye6fAxDzxss8MEmH1XrYijv5y8ZUKjjNWLo&sig=Cg0ArKJSzCGTvktPguA1EAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 959B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86bdc74908b86755c26cdd513c43079e648fbc0ffcbd6cd19fb708b8eed3b016

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame E05F 46 KB
13 KB 355ms
74ms Script
application/javascript 54.77.231.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1466267259&custom=homepage&custom3=168400391&adsafe_par&impId=864f4066-39d5-11eb-8fc7-02617d9e854e
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ed72e176e1bf4d995fcae3128ed25a14cc3b466fef0fc6d8e9d00b0a77badf3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-server-name: app18.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 7324 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f17c987558ad978e4a46909d0f07587e51dd9623505467ab250d2a2cac96739

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame AC7E 46 KB
13 KB 327ms
54ms Script
application/javascript 54.77.231.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1178989494&custom=homepage&custom3=168400391&adsafe_par&impId=864f4067-39d5-11eb-8fc7-02617d9e854e
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 576adfce0bb283fe0e8fe2ca79654dd18accb128eca3bfe13431c5ebb4a3645c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-server-name: app43.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 3491 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbdc65e28608bfaf081253ab8e1a054168622aaf86b9a38edf27afd3cd5e2222

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame C8A8 46 KB
13 KB 327ms
72ms Script
application/javascript 54.77.231.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=444226775&custom=homepage&custom3=168400391&adsafe_par&impId=864f4065-39d5-11eb-8fc7-02617d9e854e
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 252e315950b722517fa1932100d12ef9346d2c77c92ffdce16a03f03275c2d75

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
content-encoding: gzip
x-server-name: app03.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/820018408/ Frame 3F24 42 B
66 B 98ms
28ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/820018408/?random=1607487481056&cv=9&fst=1607486400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=2164211918&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/820018408/ Frame 3F24 42 B
552 B 38ms
19ms Image
image/gif 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/820018408/?random=1607487481056&cv=9&fst=1607486400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=2164211918&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/859754747/ Frame 9FC0 42 B
66 B 97ms
27ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859754747/?random=1607487481001&cv=9&fst=1607486400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=373561552&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/859754747/ Frame 9FC0 42 B
108 B 21ms
19ms Image
image/gif 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859754747/?random=1607487481001&cv=9&fst=1607486400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=373561552&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/707564276/ Frame 3A49 42 B
530 B 93ms
26ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707564276/?random=1607487481053&cv=9&fst=1607486400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=357054364&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/707564276/ Frame 3A49 42 B
108 B 20ms
18ms Image
image/gif 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/707564276/?random=1607487481053&cv=9&fst=1607486400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=357054364&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9CA3 0
22 B 40ms
33ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZUxyf0sHiF0zOEXNQ47b6d-yoDWlbppi599qEi6i9xqmdY5Qjx_uga2Saq2KvJZwYw-TYoNnXLSD5bb71ioLQ-kXTYMRM1YcyjO-wY7HfJD3PPYsj9U0UyU9U8gsJ0zQS4gpwTnrbdfFJ-vcfHQ50hPudDGHVJZsScJlSqSW1XuS4mlyxhAYG-kJabCyOVWh9Ak8stSQ6BN_0mzS71OjoLjHi_KVOR2cQNa8rofW1HR8GC-uNsPhuGMKV1zJB65xDMBd2Ur5ZRm4&sig=Cg0ArKJSzBjeXCS8eIZMEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7324 0
22 B 35ms
31ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7XxI1McQ9KikMPYwSI78-ntP1PyH9Ivnu-20jm0svJdfZa5eorrYTtnqvWeaxe9fnCoNAesAL0afVGgRDeOETXt91UcvM3WvnOGu6YKEH6YyF2w7MvN93xwRSBWIgnqh81yShpkr4oXACvxSGwolpxUSeeuf693Ql02ds6V1JJGCYrJvVM4wmWeWWddPTZx-XphIYQBn4aeJevVgUyzMjduZsp47Orz-NebTP7Nte_oBUA-SsxWMxEsdQkXpBGCmgw6tnyxhJwkI&sig=Cg0ArKJSzC5dG32lpmjmEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 78D6 0
22 B 32ms
32ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4vP9unc8KvzJ8TcRT9DQ1nP1nCjhISz7LrbgZbGgVFUQDacCuIxkjrO7zoQAKi48m7N0xa5iQksbTcZSbx1Cix3UpAlR9VvpCsb-N5VygSRy2SFS-LjBTwWSMi_ofIZA6zKOl4gw9OpoHeeehJHXJMZ3g9ac9qtsxdRMvtnYubFIdjMl5dW4jKc3p-Z18RjZF9LE0QPprQ3M3NXAhjD8SAaGv822q1g-q8_DiYXsOrDpjBTDjKydnzr2LWYTLEmsVlMmfgDEB5vM&sig=Cg0ArKJSzAdUz1ZsklL5EAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3491 0
22 B 31ms
30ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0i3OB2NyH0Bfhv9AN1TH0Xjff-nmFYIw4b1i8sFbCCi71qh0TxRLJmh6RQETNBNDtyctHCLAaK_lEDcGKq17f0iSm8TSOle0DMWNVEeXpSi9p44RixNmlQ_oHONZNyaX0BSsk5eFrC9lhf6AR3noaTR_vQNxBN9hIazPtctLQZYlQj3lh3YuJgNof3WpFJHGLYZBwfyS81c-Jy2TrKjpBherHMTpjmeNX06-56A94fMM3Vz4oR6pk8JnRCDSgxCVy5JoeGVhMNMw&sig=Cg0ArKJSzBjOHy_80aGDEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 04:18:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 200 validate
assets.vidora.com/v1/ 0
313 B 275ms
275ms Other
application/octet-stream 2600:9000:206f:c800:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by: Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c800:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Dec 2020 04:18:03 GMT
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: ykvUtNEZoe-iAmyazZnlAQUgtTOiPwJ2o4rybQGokXanwwaMVbcFgQ==
expires: Wed, 09 Dec 2020 04:18:02 GMT

GET
H2 200 main.gr.19.8.148.js Show response
static.adsafeprotected.com/ Frame B3E5 176 KB
56 KB 43ms
14ms Script
application/javascript 2600:9000:2104:6200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.148.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025557&pubOrder=305536031&cb=1073246723&custom=homepage&custom3=168400391&adsafe_par&impId=864f4064-39d5-11eb-8fc7-02617d9e854e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2643ed4afec05499a0512b719a13c28b70ce6385241c8a46a2f718e2b275046e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:36:18 GMT
content-encoding: gzip
age: 538904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 02 Dec 2020 22:21:10 GMT
server: AmazonS3
etag: W/"759b8caa427845cb0f35061a0cbe8d07"
vary: Accept-Encoding
x-amz-version-id: jFlCPuWZb13F7XOq7x4jZr7K0ZmVQw0z
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
content-type: application/javascript
x-amz-cf-id: S-SXwhUSpBu6j_gxpydbSp6ZAlXSuWvidAT5SOudN5sloQDEWXONqA==

GET
H2 200 main.gr.19.8.148.js Show response
static.adsafeprotected.com/ Frame AC7E 176 KB
56 KB 14ms
13ms Script
application/javascript 2600:9000:2104:6200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.148.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1178989494&custom=homepage&custom3=168400391&adsafe_par&impId=864f4067-39d5-11eb-8fc7-02617d9e854e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2643ed4afec05499a0512b719a13c28b70ce6385241c8a46a2f718e2b275046e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:36:18 GMT
content-encoding: gzip
age: 538904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 02 Dec 2020 22:21:10 GMT
server: AmazonS3
etag: W/"759b8caa427845cb0f35061a0cbe8d07"
vary: Accept-Encoding
x-amz-version-id: jFlCPuWZb13F7XOq7x4jZr7K0ZmVQw0z
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
content-type: application/javascript
x-amz-cf-id: 9rhSg-GHxYMqgnohSe1MeG_7rnNExzO48rOHfmHPGD2bNVTp2U2VzQ==

GET
H2 200 main.gr.19.8.148.js Show response
static.adsafeprotected.com/ Frame 8814 176 KB
56 KB 19ms
18ms Script
application/javascript 2600:9000:2104:6200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.148.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=2016452232&custom=homepage&custom3=168400391&adsafe_par&impId=864f4063-39d5-11eb-8fc7-02617d9e854e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2643ed4afec05499a0512b719a13c28b70ce6385241c8a46a2f718e2b275046e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:36:18 GMT
content-encoding: gzip
age: 538904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 02 Dec 2020 22:21:10 GMT
server: AmazonS3
etag: W/"759b8caa427845cb0f35061a0cbe8d07"
vary: Accept-Encoding
x-amz-version-id: jFlCPuWZb13F7XOq7x4jZr7K0ZmVQw0z
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
content-type: application/javascript
x-amz-cf-id: YdPM77jMdKKZYAySb7ATAaRUBpJ7G9dhZeqcrOUjqLDDtaU10P7fAw==

GET
H2 200 main.gr.19.8.148.js Show response
static.adsafeprotected.com/ Frame C8A8 176 KB
56 KB 19ms
18ms Script
application/javascript 2600:9000:2104:6200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.148.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=444226775&custom=homepage&custom3=168400391&adsafe_par&impId=864f4065-39d5-11eb-8fc7-02617d9e854e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2643ed4afec05499a0512b719a13c28b70ce6385241c8a46a2f718e2b275046e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:36:18 GMT
content-encoding: gzip
age: 538904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 02 Dec 2020 22:21:10 GMT
server: AmazonS3
etag: W/"759b8caa427845cb0f35061a0cbe8d07"
vary: Accept-Encoding
x-amz-version-id: jFlCPuWZb13F7XOq7x4jZr7K0ZmVQw0z
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
content-type: application/javascript
x-amz-cf-id: 4E9ZGiMyn9Fu5jLaCV-GDXzJXkl9TOeY8ojyVo4-gfBQxXk3ZkL6eg==

GET
H2 200 main.gr.19.8.148.js Show response
static.adsafeprotected.com/ Frame E05F 176 KB
56 KB 33ms
32ms Script
application/javascript 2600:9000:2104:6200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.148.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1466267259&custom=homepage&custom3=168400391&adsafe_par&impId=864f4066-39d5-11eb-8fc7-02617d9e854e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2643ed4afec05499a0512b719a13c28b70ce6385241c8a46a2f718e2b275046e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:36:18 GMT
content-encoding: gzip
age: 538904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 02 Dec 2020 22:21:10 GMT
server: AmazonS3
etag: W/"759b8caa427845cb0f35061a0cbe8d07"
vary: Accept-Encoding
x-amz-version-id: jFlCPuWZb13F7XOq7x4jZr7K0ZmVQw0z
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
content-type: application/javascript
x-amz-cf-id: 8tv6mUPuCeB5YBf7v60iFcx1RX3Bzw1hNtQEE68WiHCsWFkWEaQ8kA==

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame CD3B 81 KB
82 KB 13ms
12ms Script
application/javascript 2600:9000:2104:6200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 03:12:04 GMT
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
age: 1386358
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 83389
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: "e456dd0e5be3c2494dd734db6c5b965c"
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: bjA5enyGmD3j-rhRgxLIUC86y8LAuujOFbom3D5Jju4rk40pSVM_Pw==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 35ms
35ms Image
image/gif 54.77.231.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025557&pubOrder=305536031&cb=1073246723&custom=homepage&custom3=168400391&adsafe_par&impId=864f4064-39d5-11eb-8fc7-02617d9e854e&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:19566963-3d38-20b4-6607-58e116314d95,c:wmSllB,sl:outOfView,em:true,fr:true,mn:app23ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:siDXEwa+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i1|1j*.10507|1j1|1k1|1l1|1m1|1n,idMap:1j*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:254,oid:86a9e3e0-39d5-11eb-a972-0ad2739237b2,v:19.8.148,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
x-server-name: app37.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 563ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=19566963-3d38-20b4-6607-58e116314d95&tv={c:wmSlmd,pingTime:-2,time:291,type:a,im:{pBlk:263,sf:0,pom:1,prf:{beA:372,beZ:373,mfA:605,cmA:606,inA:606,inZ:613,prA:613,prZ:618,si:625,poA:625,bl:634,poZ:634,cmZ:634,mfZ:634,loA:644,loZ:645,ltA:661,ltZ:661}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:253}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:291,n:0,pp:0,pm:0},slEvents:[{sl:o,t:253,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[52~0],as:[52~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDXEwa+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i1|1j*.10507|1j1|1k1|1l1|1m1|1n,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3],sinceFw:36,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:02 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame B10B 81 KB
82 KB 14ms
14ms Script
application/javascript 2600:9000:2104:6200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 03:12:04 GMT
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
age: 1386358
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 83389
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: "e456dd0e5be3c2494dd734db6c5b965c"
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: FfcdGEqA5fdvVM0LF9cwqHnqjph_tMRi-4jUxPlQp4mNCyNDwkwtng==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 34ms
34ms Image
image/gif 54.77.231.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1178989494&custom=homepage&custom3=168400391&adsafe_par&impId=864f4067-39d5-11eb-8fc7-02617d9e854e&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:bd6b2305-1709-6c3d-3404-2f43cebb481d,c:wmSlnb,sl:outOfView,em:true,fr:true,mn:app43ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.3192.1.1,am:i,cc:800.3192.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:siDXEwg+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i1|1j1|1j2|1k1|1l1|1m*.10507|1m1|1n,idMap:1m*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:346,oid:86aa0a31-39d5-11eb-9d15-0a84a6b3fbb5,v:19.8.148,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
x-server-name: app27.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame F03A 81 KB
82 KB 12ms
12ms Script
application/javascript 2600:9000:2104:6200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 03:12:04 GMT
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
age: 1386358
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 83389
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: "e456dd0e5be3c2494dd734db6c5b965c"
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: oDn5GQPkJ-D6GLbhnFfIbkDbShK_C9-aKcILIO2uLA2iD4k27oWHUg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 35ms
35ms Image
image/gif 54.77.231.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=2016452232&custom=homepage&custom3=168400391&adsafe_par&impId=864f4063-39d5-11eb-8fc7-02617d9e854e&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:fcdc0099-457f-089d-b7f7-2c5c73b1728d,c:wmSlnx,sl:outOfView,em:true,fr:true,mn:app21ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:siDXEws+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i*.10507|1i1|1j1|1j2|1k1|1l1|1m1|1m2|1n,idMap:1i*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:355,oid:86aa0ac3-39d5-11eb-b190-0aeb40f66fa8,v:19.8.148,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
x-server-name: app32.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 3D6A 81 KB
82 KB 12ms
12ms Script
application/javascript 2600:9000:2104:6200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 03:12:04 GMT
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
age: 1386358
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 83389
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: "e456dd0e5be3c2494dd734db6c5b965c"
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: IMClArSjJYA-9kukC7oW60v05WslEIc-egMAKccvnkNa72IGLREhAA==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 36ms
34ms Image
image/gif 54.77.231.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=444226775&custom=homepage&custom3=168400391&adsafe_par&impId=864f4065-39d5-11eb-8fc7-02617d9e854e&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:94889bf8-d01a-0a75-b8b8-6d0a36d83848,c:wmSlnK,sl:outOfView,em:true,fr:true,mn:app03ie,pt:1-5-15,wc:0.0.1600.1200,ac:1274.8285.1.1,am:i,cc:1274.8285.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:siDXEwy+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i1|1i2|1j1|1j2|1k*.10507|1k1|1l1|1m1|1m2|1n,idMap:1k*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:362,oid:86aa0a1e-39d5-11eb-a002-0a6fa201f3de,v:19.8.148,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
x-server-name: app36.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 9201 81 KB
82 KB 48ms
47ms Script
application/javascript 2600:9000:2104:6200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 03:12:04 GMT
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
age: 1386358
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 83389
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: "e456dd0e5be3c2494dd734db6c5b965c"
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: h5eiA5oBGuY458x4xrNf1L6Z2caNwUazN8hR6oSLDMwdmqST8LdvOw==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 35ms
34ms Image
image/gif 54.77.231.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=1466267259&custom=homepage&custom3=168400391&adsafe_par&impId=864f4066-39d5-11eb-8fc7-02617d9e854e&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:9ec5bc9a-a39a-5e84-79a0-0a1f2806e4cd,c:wmSlnW,sl:outOfView,em:true,fr:true,mn:app18ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.9316.10.10,am:i,cc:795.9316.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:siDXEwB+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i1|1i2|1j1|1j2|1k1|1k2|1l*.10507|1l1|1m1|1m2|1n,idMap:1l*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:371,oid:86aa0add-39d5-11eb-a616-0ab32f77e5b0,v:19.8.148,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.231.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-231-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:01 GMT
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 up
insight.adsrvr.org/track/ Frame 42BF 0
0 105ms
34ms Document
text/html 34.251.61.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.61.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-61-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Wed, 09 Dec 2020 04:18:02 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 up
insight.adsrvr.org/track/ Frame A417 0
0 94ms
35ms Document
text/html 34.251.61.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.61.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-61-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Wed, 09 Dec 2020 04:18:02 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 399ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=bd6b2305-1709-6c3d-3404-2f43cebb481d&tv={c:wmSlox,pingTime:-2,time:429,type:a,im:{sf:0,pom:1,prf:{beA:335,beZ:337,mfA:672,cmA:673,inA:673,inZ:675,prA:675,prZ:678,si:680,poA:681,poZ:685,cmZ:685,mfZ:685,loA:737,loZ:738,ltA:764,ltZ:764}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:345}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:429,n:0,pp:0,pm:0},slEvents:[{sl:o,t:345,wc:0.0.1600.1200,ac:800.3192.1.1,am:i,cc:800.3192.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[90~0],as:[90~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDXEwg+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1j1|1j2|1k.10507|1k1|1l.10507|1l1|1m*.10507|1m1|1n,idMap:1m*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2,newscorpau_ads-168],sinceFw:83,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:02 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 453ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=fcdc0099-457f-089d-b7f7-2c5c73b1728d&tv={c:wmSloA,pingTime:-2,time:420,type:a,im:{sf:0,pom:1,prf:{beA:375,beZ:376,mfA:720,cmA:720,inA:720,inZ:722,prA:722,prZ:726,si:730,poA:730,poZ:735,cmZ:735,mfZ:735,loA:771,loZ:772,ltA:795,ltZ:795}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:355}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:421,n:0,pp:0,pm:0},slEvents:[{sl:o,t:355,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[75~0],as:[75~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDXEwg+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i*.10507|1i1|1j1|1j2|1k.10507|1k1|1l.10507|1l1|1m.10507|1m1|1m2|1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1],sinceFw:64,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:02 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 266ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=94889bf8-d01a-0a75-b8b8-6d0a36d83848&tv={c:wmSloD,pingTime:-2,time:417,type:a,im:{sf:0,pom:1,prf:{beA:343,beZ:344,mfA:698,cmA:698,inA:698,inZ:699,prA:699,prZ:703,si:705,poA:705,poZ:709,cmZ:709,mfZ:709,loA:745,loZ:746,ltA:760,ltZ:760}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:362}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:417,n:0,pp:0,pm:0},slEvents:[{sl:o,t:362,wc:0.0.1600.1200,ac:1274.8285.1.1,am:i,cc:1274.8285.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[62~0],as:[62~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDXEwg+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1i2|1j1|1j2|1k*.10507|1k1|1l.10507|1l1|1m.10507|1m1|1m2|1n,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-2,newscorpau_ads-19,group_3_col-22],sinceFw:55,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:02 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 266ms
89ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=9ec5bc9a-a39a-5e84-79a0-0a1f2806e4cd&tv={c:wmSloG,pingTime:-2,time:417,type:a,im:{sf:0,pom:1,prf:{beA:366,beZ:367,mfA:729,cmA:729,inA:729,inZ:731,prA:731,prZ:734,si:736,poA:736,poZ:740,cmZ:740,mfZ:740,loA:771,loZ:772,ltA:782,ltZ:782}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:10,h:10,t:371}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:417,n:0,pp:0,pm:0},slEvents:[{sl:o,t:370,wc:0.0.1600.1200,ac:795.9316.10.10,am:i,cc:795.9316.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[52~0],as:[52~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDXEwg+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1i2|1j1|1j2|1k.10507|1k1|1k2|1l*.10507|1l1|1m.10507|1m1|1m2|1n,idMap:1l*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_3,google_ads_iframe_/5129/ndm.hwt/home_3__container__,ad-block-1000x50-1],sinceFw:46,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:02 GMT
X-Server-Name: dt57.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame C17D 31 B
650 B 186ms
142ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Wed, 09 Dec 2020 04:18:02 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: da5b4ede73759923b5929d539cee67c3
x-transaction: 00b782a400c7a445
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame C17D 43 B
449 B 170ms
126ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 105
pragma: no-cache
last-modified: Wed, 09 Dec 2020 04:18:02 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 40c6352aab91cf9145ae73e8faf36972
x-transaction: 00599cb70030b147
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 89ms
89ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=19566963-3d38-20b4-6607-58e116314d95&tv={c:wmSlpi,time:483,type:e,im:{pWait:30},env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:483,n:0,pp:0,pm:0},slEvents:[{sl:o,t:253,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[244~0],as:[244~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDXEwa+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1j*.10507|1j1|1k.10507|1k1|1l.10507|1l1|1m.10507|1m1|1n,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:02 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 89ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=bd6b2305-1709-6c3d-3404-2f43cebb481d&tv={c:wmSlps,time:486,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:486,n:0,pp:0,pm:0},slEvents:[{sl:o,t:345,wc:0.0.1600.1200,ac:800.3192.1.1,am:i,cc:800.3192.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[147~0],as:[147~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDXEwg+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1j1|1j2|1k.10507|1k1|1l.10507|1l1|1m*.10507|1m1|1n,idMap:1m*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:02 GMT
X-Server-Name: dt57.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 89ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=fcdc0099-457f-089d-b7f7-2c5c73b1728d&tv={c:wmSlpt,time:475,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:475,n:0,pp:0,pm:0},slEvents:[{sl:o,t:355,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[129~0],as:[129~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDXEwg+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i*.10507|1i1|1j1|1j2|1k.10507|1k1|1l.10507|1l1|1m.10507|1m1|1m2|1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:02 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 89ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=94889bf8-d01a-0a75-b8b8-6d0a36d83848&tv={c:wmSlpu,time:470,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:470,n:0,pp:0,pm:0},slEvents:[{sl:o,t:362,wc:0.0.1600.1200,ac:1274.8285.1.1,am:i,cc:1274.8285.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[115~0],as:[115~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDXEwg+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1i2|1j1|1j2|1k*.10507|1k1|1l.10507|1l1|1m.10507|1m1|1m2|1n,idMap:1k*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:02 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 91ms
89ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=9ec5bc9a-a39a-5e84-79a0-0a1f2806e4cd&tv={c:wmSlpv,time:468,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:468,n:0,pp:0,pm:0},slEvents:[{sl:o,t:370,wc:0.0.1600.1200,ac:795.9316.10.10,am:i,cc:795.9316.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[103~0],as:[103~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:siDXEwg+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1i2|1j1|1j2|1k.10507|1k1|1k2|1l*.10507|1l1|1m.10507|1m1|1m2|1n,idMap:1l*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:02 GMT
X-Server-Name: dt57.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 103ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=19566963-3d38-20b4-6607-58e116314d95&tv={c:wmSlrA,pingTime:-10,time:624,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDEyfHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607487482162||2e7be563ea1d045dc0c7550be4a2bc2b||71ff54ebddb1e090fbf173d96e2342c8||0c6a8157a7db3c61ff5c6496580b87de||591d267aa626393cc4f6ac194cb60e33||69ad4667c58ef6578ec5e718bfb3feac||7d0fc7fc769d403c8a59d56d60a242e1||cf0021c4f817aa78de6df7e042743c69||1576000828}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:02 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame 04C4 42 B
355 B 15ms
15ms Image
image/gif 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1607487482257&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1607487482257&et=1607487482257&if=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 04:18:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 10.2.80.148:80
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 143ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=bd6b2305-1709-6c3d-3404-2f43cebb481d&tv={c:wmSlwB,pingTime:-10,time:929,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDEyfHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607487482162||2e7be563ea1d045dc0c7550be4a2bc2b||71ff54ebddb1e090fbf173d96e2342c8||0c6a8157a7db3c61ff5c6496580b87de||591d267aa626393cc4f6ac194cb60e33||69ad4667c58ef6578ec5e718bfb3feac||7d0fc7fc769d403c8a59d56d60a242e1||cf0021c4f817aa78de6df7e042743c69||1576000828,sca:{spg:19566963-3d38-20b4-6607-58e116314d95}}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:03 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 101ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=94889bf8-d01a-0a75-b8b8-6d0a36d83848&tv={c:wmSlwG,pingTime:-10,time:916,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDEyfHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607487482162||2e7be563ea1d045dc0c7550be4a2bc2b||71ff54ebddb1e090fbf173d96e2342c8||0c6a8157a7db3c61ff5c6496580b87de||591d267aa626393cc4f6ac194cb60e33||69ad4667c58ef6578ec5e718bfb3feac||7d0fc7fc769d403c8a59d56d60a242e1||cf0021c4f817aa78de6df7e042743c69||1576000828,sca:{spg:19566963-3d38-20b4-6607-58e116314d95}}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:03 GMT
X-Server-Name: dt57.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 105ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=9ec5bc9a-a39a-5e84-79a0-0a1f2806e4cd&tv={c:wmSlxz,pingTime:-10,time:968,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDEyfHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607487482162||2e7be563ea1d045dc0c7550be4a2bc2b||71ff54ebddb1e090fbf173d96e2342c8||0c6a8157a7db3c61ff5c6496580b87de||591d267aa626393cc4f6ac194cb60e33||69ad4667c58ef6578ec5e718bfb3feac||7d0fc7fc769d403c8a59d56d60a242e1||cf0021c4f817aa78de6df7e042743c69||1576000828,sca:{spg:19566963-3d38-20b4-6607-58e116314d95}}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:03 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
529 B 38ms
38ms Image
image/gif 54.194.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=na6fru7kzdnoyjotj3ufiwvezhyyt1607487479&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=0&segment2=&segment1=&forward=1&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,fhxbqwd4ioimiydhzogcen9dv7jio1607487479&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16074874799112315&c30=bldv,6.0.0.563&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1607487479837&c3=st,c&c64=starttm,1607487482&adid=1607487479837&c58=isLive,false&c59=sesid,&c61=createtm,1607487481&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&c62=sendTime,1607487481&rnd=169103
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.243.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-243-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:03 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 121ms
91ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=fcdc0099-457f-089d-b7f7-2c5c73b1728d&tv={c:wmSlEk,pingTime:-10,time:1396,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDEyfHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607487482162||2e7be563ea1d045dc0c7550be4a2bc2b||71ff54ebddb1e090fbf173d96e2342c8||0c6a8157a7db3c61ff5c6496580b87de||591d267aa626393cc4f6ac194cb60e33||69ad4667c58ef6578ec5e718bfb3feac||7d0fc7fc769d403c8a59d56d60a242e1||cf0021c4f817aa78de6df7e042743c69||1576000828,sca:{spg:19566963-3d38-20b4-6607-58e116314d95}}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:03 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 99ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=19566963-3d38-20b4-6607-58e116314d95&tv={c:wmSlF3,time:1459,type:e,env:{nr_p:1,nr_publ1:1,nr_grpm1:1},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:1459,n:0,pp:0,pm:0},slEvents:[{sl:o,t:253,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[1220~0],as:[1220~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:890,fm:siDXEwa+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1j*.10507|1j1|1k.10507|1k1|1l.10507|1l1|1m.10507|1m1|1n,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:03 GMT
X-Server-Name: dt57.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 89ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=fcdc0099-457f-089d-b7f7-2c5c73b1728d&tv={c:wmSlGK,time:1546,type:e,env:{nr_p:1,nr_publ1:1,nr_grpm1:1},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:1546,n:0,pp:0,pm:0},slEvents:[{sl:o,t:355,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[1200~0],as:[1200~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:901,fm:siDXEwg+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i*.10507|1i1|1j1|1j2|1k.10507|1k1|1l.10507|1l1|1m.10507|1m1|1m2|1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:03 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 40ms
26ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0823c8a78cfb9429eefed05939eee9e41d85f1a97ac94dcc6d2b40a3a52d1488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 04:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0

GET
H2 200 cf16035cdd3fd3ff8fe3d41dc9ed7332
content.api.news/v3/images/bin/ 14 KB
14 KB 53ms
52ms Image
image/jpeg 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/cf16035cdd3fd3ff8fe3d41dc9ed7332?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-36.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8e03cae21d661b5ad81b26345e376fa1d2f22a77c7d129f3a4ecec57c6e964e2

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: cf16035cdd3fd3ff8fe3d41dc9ed7332
date: Wed, 09 Dec 2020 04:18:04 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: cc97d6fee1ab96854d72db01963ec041-cf16035cdd3fd3ff8fe3d41dc9ed7332-320
x-serial: 648
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5176367
last-modified: Wed, 09 Dec 2020 02:12:08 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 14021
expires: Sun, 07 Feb 2021 02:10:51 GMT

GET
H2 200 c567e9101060738e6a0f08766569b678
content.api.news/v3/images/bin/ 14 KB
14 KB 40ms
39ms Image
image/jpeg 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/c567e9101060738e6a0f08766569b678?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-36.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: a18e13f21ca3048590f98fc37bc31cc89b94383dc37673767be7d6878f0ae18d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: c567e9101060738e6a0f08766569b678
date: Wed, 09 Dec 2020 04:18:04 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 266e624b1000056950c880d16d9929f9-c567e9101060738e6a0f08766569b678-320
x-serial: 497
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5179493
last-modified: Wed, 09 Dec 2020 03:04:13 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 14352
expires: Sun, 07 Feb 2021 03:02:57 GMT

GET
H2 200 c871ec036fe01e1900bc54f98d0a53ef
content.api.news/v3/images/bin/ 6 KB
7 KB 37ms
37ms Image
image/jpeg 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/c871ec036fe01e1900bc54f98d0a53ef?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-36.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: a0177b4b4071d6d394503fd26a79b8a9eefc634387a1754f84b06511ee6391de

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: c871ec036fe01e1900bc54f98d0a53ef
date: Wed, 09 Dec 2020 04:18:04 GMT
last-modified: Wed, 09 Dec 2020 00:28:55 GMT
server: Akamai Image Manager
etag: 7c040e7a0d08c78a39c4b660aadb7f9f-c871ec036fe01e1900bc54f98d0a53ef-320
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5170090
access-control-allow-headers: x-newsapi-api-key
content-length: 6463
expires: Sun, 07 Feb 2021 00:26:14 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 04:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 09 Dec 2020 04:18:04 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 6798 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 09 Dec 2020 00:46:55 GMT
expires: Thu, 09 Dec 2021 00:46:55 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12669
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 77b99b23fe71ed78bf84f3ea1e83e2ad
content.api.news/v3/images/bin/ 10 KB
10 KB 1425ms
1425ms Image
image/jpeg 104.79.88.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/77b99b23fe71ed78bf84f3ea1e83e2ad?width=320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.36 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-36.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 55c6cf597e9a0d2681a3d77c7d4b2354e8e79cc4c529e10d9dfbc82861988a40

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 77b99b23fe71ed78bf84f3ea1e83e2ad
date: Wed, 09 Dec 2020 04:18:05 GMT
last-modified: Wed, 09 Dec 2020 03:49:11 GMT
server: Akamai Image Manager
etag: 8f0c3a40794f259ad4dc0d00736d99e4-77b99b23fe71ed78bf84f3ea1e83e2ad-320
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5182270
access-control-allow-headers: x-newsapi-api-key
content-length: 10009
expires: Sun, 07 Feb 2021 03:49:15 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 21ms
20ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120201&jk=942425749130095&bg=!cHOlc1PNAAXKjztBylgKPN9G6aiaVgIAAAA7UgAAAApoAQcKAYnG6lsAeBk_PcsJ-BiNOxCY2BbT6kNOS1JQyaSkzwo9NGMIsXzaRBIyte0OrtVlwaInFsCDw6SGE5YHiq8-HBnPGUn1jRCbQJ0QUGPcprR9BgfVKRz1Uqu9jCQrj6ohK1kQyIiS4sViKalbZixtwJTvFPizvNfqPCmFHOQN9FGAijHqah34SFyIlTu7i6xTNAvxodyPtSnTmDJzKTEXPwDes2X27rbAGnleLSxlu8x-ukXetvBhukrRC79Pq3v-eYX7RZDw8HEWFjWAZDvUbKQOsqGYmY9LsM4HKYHm2fFE_N4ELxLhySwcmpyNaj5tO_t-zZtuJZ5VKAxJB99fF5TKsIJJZRX9MC54NONTJwajj1am1kHS8ZY-98eOMmvSHxBHnwi83HhrKT11DPvRQZ-VOFzIDFzMOsNEA50JAqYc6WCNPJ4EXSpeduP7pd-DC9nBeQrsyXRqfVimcaEKEstPwkGwM4TgyMOLnlLw-_X5tgkuP3N52YdLG-iU4YiZu5LGOWoV7ATGn5uZAb3IBvjQuGwrhjivBVymA8tosF3LD2g1UxtwhIEQtDxCtR88ZjyjsYx3lP1ucIaFmXxpioAtZ90IvSxDJ3v2q0cJhiuwrcTSp5INWadDs5twLHILr8mANn35ZGTv6h-k9b6ALVjS02fyKURUdaayVs_HK_vfxx3qut4Cbv_0TTjCdW1ynhP1Kijw9igzGG_OLSxKJw2xYsetJieWcZzycauxHiFb1J9GkvjksqYb-yazZowt80OIFLlRL_bNCATNRk2BV4Fb5s_a8qP_mdR0fHDh7gAxOUEsWYR3n1E3SycTLzFCI28BpqqhlXyjHWCij5F-Gj6lhOP1sYAJ50kLX5XjQl4i7EeDNGQE7dojE1zq4P8OI3H6jiHpDmGNmKibm7m5mjk_8hEsaMi9MF7K4POc2qpWrteIT0zy61HMS3yry-chk6uxTXQMPMhxEg_hDi-3l8csaX7f2r9okMxaSxZtCUza5RO0RWLxrfNDHsgvIUW2Oc9_ATFcnSLATJZLhL6_kaouSoxFiLIzlKuSuZMbvlw5xGNmbkcx8o5vlQt9wt8mF2cmUgt4SLyO1npYYbB9QVNz21FNbPy2DVk-

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 90ms
89ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=19566963-3d38-20b4-6607-58e116314d95&tv={c:wmSmHy,time:5458,type:e,env:{nr_p:5},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:5458,n:0,pp:0,pm:0},slEvents:[{sl:o,t:253,wc:0.0.1600.1200,ac:1273.479.1.1,am:i,cc:1273.479.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[5219~0],as:[5219~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:200,fm:siDXEwa+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i.10507|1i1|1j*.10507|1j1|1k.10507|1k1|1l.10507|1l1|1m.10507|1m1|1n,idMap:1j*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:07 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 90ms
89ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=fcdc0099-457f-089d-b7f7-2c5c73b1728d&tv={c:wmSmJc,time:5542,type:e,env:{nr_p:5},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:5542,n:0,pp:0,pm:0},slEvents:[{sl:o,t:355,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[5196~0],as:[5196~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:101,fm:siDXEwg+11|12|13|14|15|16|17|18|19|1a|1b|1c1|1d1|1e|1f|1g|1h|1i*.10507|1i1|1j1|1j2|1k.10507|1k1|1l.10507|1l1|1m.10507|1m1|1m2|1n,idMap:1i*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 04:18:07 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 106ms
106ms Image
image/gif 54.205.171.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CzFsW_B97oCZCUkHkO&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=10000&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=4347&t=QrCCUDF5S1CCAjDQW1y1i_UWSw3&V=121&tz=-60&_acct=anon&sn=2&sv=D2DrdcCEzRchCziOMOCy0NrtBlCjkB&sd=1&im=06030402&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.171.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-171-136.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 04:18:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: heraldsun.digitaleditions.com.au
URL: http://heraldsun.digitaleditions.com.au/

Verdicts & Comments Add Verdict or Comment

287 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 23:53:03	Name: IDE Value: AHWqTUkNUAgn_9x1hmvUgOVZlq4k5qRTFyguusf4XPeNsmYLWzT5vHi7rk-2CXIh
.imrworldwide.com/	1970-01-19 23:53:03	Name: SSCVER Value: v1
www.heraldsun.com.au/	1970-01-19 14:41:32	Name: AWSALB Value: yfszOtRKA9htCDgEpybxMe9ec4xeJuyY+uxRbw+6M5gUk1aUiMMgGwejKYWRX2v7zwXYIFy/mx4jMh92l814QR5huM42XE35SfVbWu4aDGvUgMl1gyj0UPIb1yIN
.demdex.net/	1970-01-19 18:50:39	Name: dextp Value: 144233-1-1607487480359\|144234-1-1607487480460\|144235-1-1607487480560\|144236-1-1607487480661\|144237-1-1607487480762\|147592-1-1607487480862\|461447-1-1607487480963
.heraldsun.com.au/	1969-12-31 23:59:59	Name: tp Value: 10000
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: hs%257Chome%257Chomepage%257Chomepage%2C12%2C12%2C1200
www.heraldsun.com.au/	1970-01-19 14:41:32	Name: AWSALBCORS Value: yfszOtRKA9htCDgEpybxMe9ec4xeJuyY+uxRbw+6M5gUk1aUiMMgGwejKYWRX2v7zwXYIFy/mx4jMh92l814QR5huM42XE35SfVbWu4aDGvUgMl1gyj0UPIb1yIN
.imrworldwide.com/	1970-01-19 23:53:03	Name: IMRID Value: 87952d50-39d5-11eb-bc2e-3539b7850ca6
.heraldsun.com.au/	1970-01-19 15:57:51	Name: anonymous_token Value: {%22entitlements%22:anon}
.demdex.net/	1970-01-19 18:50:39	Name: demdex Value: 72203472175572113840938070431054801995
.heraldsun.com.au/	1969-12-31 23:59:59	Name: n_regis Value: 123456789
www.heraldsun.com.au/	1970-01-19 15:59:03	Name: vidoraUserId Value: m2c5d83s1ujpu5fveoa5qrin0vttjb
.heraldsun.com.au/	1970-01-20 16:48:15	Name: nk Value: 7b33bdb693ee05575cb97324035c1442
.heraldsun.com.au/	1970-01-20 08:02:39	Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: -637568504%7CMCIDTS%7C18606%7CMCMID%7C46060205225307739322872406490212305516%7CMCAAMLH-1608092278%7C6%7CMCAAMB-1608092278%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C-2014649779%7CMCOPTOUT-1607494678s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18613%7CvVersion%7C5.1.1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20201129-9-RELEASE.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbnails-midrail-native
console-api	log	URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 18) Message: UTRACK loaded (from tealium)
console-api	log	URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3) Message: vidora-client 1.3.3 68d5ea1ec45c96bafd89f1a57b8aa2345fbf87f3
console-api	log	URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js(Line 1) Message: %c Vidora API finished initializing! background: #222; color: #b9da52
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.4.114.js(Line 32) Message: a: 0.002197265625 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6ca42657b4c020436cb93f8e3f6a9444.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
ads.creative-serving.com
adservice.google.com
adservice.google.nl
analytics.twitter.com
assets.vidora.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
bh.contextweb.com
bs.serving-sys.com
bttrack.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dt.adsafeprotected.com
e1.emxdgt.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
heraldsun.digitaleditions.com.au
ib.adnxs.com
ice.360yield.com
id5-sync.com
insight.adsrvr.org
js.adsrvr.org
login.newscorpaustralia.com
match.adsrvr.org
match.taboola.com
metrics.heraldsun.com.au
mhr.talk.news.com.au
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
newscorpau.demdex.net
origin.go.heraldsun.com.au
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
prod.perf-serving.com
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
s1.rui.au.reastatic.net
s3-ap-southeast-2.amazonaws.com
sb.scorecardresearch.com
script.hotjar.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.hotjar.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.taboola.com
t.co
tags.news.com.au
tags.tiqcdn.com
target.digitalaudience.io
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ts2020-indies-client.web.app
uconnect.tealiumiq.com
use.fontawesome.com
vars.hotjar.com
widget.perfectmarket.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.heraldsun.news.com.au
www.linkedin.com
www.news.com.au
www.storygize.net
x.bidswitch.net
heraldsun.digitaleditions.com.au
104.244.36.20
104.244.42.131
104.244.42.5
104.75.88.206
104.79.88.147
104.79.88.36
13.225.80.85
13.35.254.127
141.226.224.32
141.226.228.48
143.204.97.161
15.237.76.117
151.101.1.195
151.101.113.108
151.101.114.217
151.101.12.157
151.101.13.181
151.101.13.44
172.105.220.23
172.217.16.134
172.217.18.2
172.217.22.70
174.137.133.49
178.250.0.163
18.192.172.94
18.193.136.159
18.195.155.181
18.195.73.36
184.24.22.132
184.31.90.174
185.33.220.241
185.64.189.110
192.132.33.46
198.148.27.139
199.187.193.192
199.232.57.44
2.21.242.219
216.52.2.19
216.58.207.34
23.111.9.35
23.8.6.251
2600:9000:206f:c00:1e:c291:240:93a1
2600:9000:206f:c800:4:77d:a0c0:93a1
2600:9000:2104:5800:18:1fcd:34e:d2a1
2600:9000:2104:6200:8:48e:53c0:93a1
2600:9000:21f3:7600:2:42d9:3100:93a1
2600:9000:21f3:d200:1e:a43d:b640:93a1
2620:1ec:21::14
2a00:1450:4001:809::2001
2a00:1450:4001:815::2002
2a00:1450:4001:816::2001
2a00:1450:4001:818::2008
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::2004
2a02:26f0:6c00:28c::25ea
2a04:fa87:fffd::c000:42d0
2a05:f500:11:101::b93f:9005
3.122.86.213
3.123.96.39
3.124.14.91
34.241.138.222
34.251.61.210
35.161.43.127
35.227.202.26
35.227.248.159
37.252.172.37
51.255.68.100
52.209.120.242
52.49.226.218
52.95.132.227
52.95.134.222
54.171.173.220
54.194.243.3
54.205.171.136
54.36.109.46
54.77.231.46
65.9.73.11
65.9.73.24
65.9.73.87
69.173.144.139
82.199.68.72
95.101.55.60
99.81.11.244
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
054698b185748a79f3ac386db842e23bf46f8fc707eb0b59665c41aed74a1731
05512d815f46a3dd0e9aaa163dad6808ea2c7d43c89fe74b821c879c4b1b5046
06e9f93163cce0aa6698b5dbdd52d0ea860a91aa75e80d724051e67e6f0304f3
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f
0823c8a78cfb9429eefed05939eee9e41d85f1a97ac94dcc6d2b40a3a52d1488
09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d65919743905ca954e12255f116be6594f5c6ec20fab63ad2295ae71da41658
1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c
120be8f5d061203ea26fd4bd2043201d6f06a7fce30cd7104e01c5dfafb48cd7
15905de1ad9ed3855748240e4615a86c28e11d3a354e3612d37742f10d82b97d
187f0e2d2331f649e0afc51f0567cf23ef47d57283aa928313452eb1a559efb4
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
2106309b539a1d5dd1b2f6e8b8bf24fb71082cb256f91b4b30f42239ef37ef03
237be4650a7c501fd8bd5c93327ab072cfcfe88a01e1e7336f90b8d24de53da9
252e315950b722517fa1932100d12ef9346d2c77c92ffdce16a03f03275c2d75
2643ed4afec05499a0512b719a13c28b70ce6385241c8a46a2f718e2b275046e
27ad1c0be127da20f7b68c8e868d9a1fa6ade3308786d297a24a5651faa32a38
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2ba257240ffc08c6b68d4bca0a95796e0244b065df669aaa532f81064f4673b4
2c44d8ef2cde6fa45fabea4de36b83e7438cc361fd6400c11391080e0fe864be
2fa62fdf8e026049d48ee5b0227b6cde543ff47ae4d3a7ee43b360f9d154305f
2fd6b8fe3b5a4d5607cfdb576207ab1723f6e4aac25597feb7383f395f76aa46
31bed423ce065ff8346c3bcd3e1e8586b935ffbe51bb7e8e3be3dabbe1c645b2
3259889b4030e1026d500565c0fc1b65401e9c1cbf4365dfe46c55fd6ffbb366
3492bc139bf82bffa8725924455949cb36628db1491158107197f4f4829eeebb
351e32db125128071b5cefa2c61c68176d3307bcc4741356ab9c37e2b74d0582
386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
389c3e6d63e41617b9003c624a69023dd1bb04e420da49f12937276e03c899ad
3f17c987558ad978e4a46909d0f07587e51dd9623505467ab250d2a2cac96739
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
43ec631c14060e4d10a7fc3b6b96296f20e718d65fb51558370d41eda08a3ddc
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48937a453d0749f5bbb23ed50d3f77843dfd2944a8660fc74374e223412a4308
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b80ab49cca418a05255ac5b92d063e739e028a005581148e2da1864e08618dc
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4eb5376d066d64af7dd010e808753247ab04b6c58a8b91f6505db88af2b0ab2d
4ec4545ad59e9dbde642d7a701d279ab2de4bc182633de2375ef01d6c2dfff24
50d6965e9bda0c933c1c556d1c18b280c411dfcae52ea5a00181a48bba0851f9
53c25ccb7181178c52c32fdf5e58a55d730bbfe8e45db600886adfb33d88411b
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
54213fdd7028506aa8216a234e9f7e2e7c0cebf6b6fc05885d433101091eba1b
55c6cf597e9a0d2681a3d77c7d4b2354e8e79cc4c529e10d9dfbc82861988a40
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
5685a3faf3cb4ebee266f7669cf0a41bf5dc4398355720884364b57731b0e976
57401860e9af6c4ffccc7684a885c156af441747151ac5fda5342ab704df0898
576adfce0bb283fe0e8fe2ca79654dd18accb128eca3bfe13431c5ebb4a3645c
58216d07697cb268f0b30bd5963a1515dd4ee3b5b185151bdb99d041f0fa73fc
584dd1eb9f16961dd3165312577a730ed4f66d4bda84e19ae64b4d6e42d3af83
5b2921328386190cc0c7577424ddc04c663a70f40b867f2f675ccecf1f88919c
5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ed72e176e1bf4d995fcae3128ed25a14cc3b466fef0fc6d8e9d00b0a77badf3
5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3
60377038b9f5f1ad14093f3b8916221809cd740f76553807aecfa6fe2d10d684
631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542
6474d56348e7fd4196787cc15b0c60da2d0520e541c336c71ecbcfeb8be42899
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cdc46bd741ea434a62afefedad537b39f6ca9b52aea4f5828a2b2f27c419882
6d53de17c52365eb4ce49341da6d0844aa24c93f5191d0ce0b6892b4edb78574
6e3e3a7fb48024d92e9e8c43b7f636b0256f69c61114735d327ca43171ad5d11
748b0fd15ebfd7321d9b40df62a397a8832d0f6782676aa5f33328c14ee09416
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
76ed278799c70d65970d395d083738f3a24c6d90d9a00324323120a40ec8329c
796946758f534f8ce84f03a606a2e491cad0092aea5aee3a59c24eb1dcfb4f7c
7d02ffe5e344316e9cfba6bb3525e04d8cb3394d55c325e3b2ab198cdb702d99
7e4f4a23ed7a74e87caf199cb84e638f233d01a7aaa7c29b45862ed87747937f
7eab82ead1480897c3dedd5c6b4ef4ec553efacdca1ce23c3acd6bd8e9621046
86bdc74908b86755c26cdd513c43079e648fbc0ffcbd6cd19fb708b8eed3b016
876e1e0ee634961bee6ed09fc958445fed4966a255a4f1ec381ecebb83cca48e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e03cae21d661b5ad81b26345e376fa1d2f22a77c7d129f3a4ecec57c6e964e2
91d684c672c0a1dfd501546262b91d820d8c25bf5ff2968605c50123b5ebffe6
938ad8e6ec2383825911c8e43350a1e1ed1e5f0b7c0d758fac7aedb2f0c58b96
93b175796385750b38fd82e8e644a731aa51296a1a405fae8a12907be3e9eb39
9897f919f6ae2c815ab3dda3a625ce0ff765674ede21ecc42a9fba2297755ef5
a0177b4b4071d6d394503fd26a79b8a9eefc634387a1754f84b06511ee6391de
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a18e13f21ca3048590f98fc37bc31cc89b94383dc37673767be7d6878f0ae18d
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a26dbd7b877b153f4afb810fe7d49ae6c1cb06bc2bc7d8c664c4c164ce465a72
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96
adf44fce7bd61faaedf33a405c6b7048cb4f6e35e5a915f11bf1ba65d72da19b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835
b748ce6a5a5ea9c905bca2845dab6456c5232bead14b02fca00864562e98bfda
b74acd33765c08e56b6b1f03da8a3819a1df20b1fa2da2e36d1a7f9d354dfaa7
befd4d99b6cb8649f107a5cd1fec1055d228bdc1c001493676bb87249e9b1040
c4ab088565b86231459d4b94bf85c93543664f8f457e128f651f756558b6d81e
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dbdc65e28608bfaf081253ab8e1a054168622aaf86b9a38edf27afd3cd5e2222
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e8fe4173e25075caadc17665c082a96abef9a86b802e173e18667807d0cd8a86
e99772ee3b4111414156aa8b0d3cc59a03e9d6512b6b701ba7e96cd646e78b49
ea3ca2bb27414625ab663426c307d1e9759691f12c5f62f1d4176bc0d38dc015
eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef024a5f6a6afe4d445fd60002ff33e71b80ca52cbaab97153e31ab62b40d379
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5fa8602198232e4f3704cf1dc886cb295af0f9906b0c9d63777b5f49852b84
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f7ffbc8feac97b6c986ea927adf188c1a540568e2fcc79e3b9294e70e44acdb7
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
f925c630295ca8049f4fcc5968efb4ad1b1dd9e08e131b417a18f5770d73a03c
fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503
fa8d4da3c903a35d97894522f566ee0f2f2b15d8bc0fa98b401a17719ee07d96
fe5c6e8d5d904fde8658aa207e0b0ad25206d993e9a0f114c5faa0390c1ec14f

www.heraldsun.com.au Open in urlscan Pro 104.79.88.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

270 Requests

100 %HTTPS

19 %IPv6

62 Domains

97 Subdomains

69 IPs

10 Countries

3768 kBTransfer

6601 kBSize

14 Cookies

55 Outgoing links

Page URL History

Redirected requests

270 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heraldsun.com.au Open in urlscan Pro
104.79.88.36 Public Scan

Screenshot
Live screenshot

Full Image

270
Requests

100 %
HTTPS

19 %
IPv6

62
Domains

97
Subdomains

69
IPs

10
Countries

3768 kB
Transfer

6601 kB
Size

14
Cookies

270 HTTP transactions
5 data transactions