www.heraldsun.com.au Open in urlscan Pro
95.101.184.145 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html
Effective URL:
https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
Submission: On December 15 via api (December 15th 2020, 9:20:56 pm UTC) from CA

Summary HTTP 274 Redirects Links 55 Behaviour Indicators

Summary

This website contacted 74 IPs in 9 countries across 55 domains to perform 274 HTTP transactions. The main IP is 95.101.184.145, located in Ascension Island and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 28th 2020. Valid for: a year.

This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2.16.186.40 2.16.186.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
36 90	95.101.184.145 95.101.184.145	16625 (AKAMAI-AS) (AKAMAI-AS)
10 17	95.101.184.236 95.101.184.236	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
13	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
11	23.210.249.82 23.210.249.82	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:fa87:fff... 2a04:fa87:fffd::c000:42d0	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:206... 2600:9000:206f:8e00:1e:c291:240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.95.134.190 52.95.134.190	16509 (AMAZON-02) (AMAZON-02)
1	52.95.132.175 52.95.132.175	16509 (AMAZON-02) (AMAZON-02)
2	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY)
1 3	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
3	104.108.60.35 104.108.60.35	16625 (AKAMAI-AS) (AKAMAI-AS)
5	23.37.61.47 23.37.61.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
3 3	18.185.197.81 18.185.197.81	16509 (AMAZON-02) (AMAZON-02)
2 9	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	54.72.52.19 54.72.52.19	16509 (AMAZON-02) (AMAZON-02)
1 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	35.161.43.127 35.161.43.127	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.114 185.86.138.114	201081 (SMARTADSE...) (SMARTADSERVER)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	172.104.70.67 172.104.70.67	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	52.28.21.247 52.28.21.247	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:fe00:4:77d:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 5	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE)
1	2600:9000:207... 2600:9000:2070:9600:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
13	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
2 4	2600:9000:215... 2600:9000:2156:c600:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:218... 2600:9000:2182:5400:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.73.65 65.9.73.65	16509 (AMAZON-02) (AMAZON-02)
2	104.86.50.246 104.86.50.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.155.27 13.226.155.27	16509 (AMAZON-02) (AMAZON-02)
1	35.158.80.187 35.158.80.187	16509 (AMAZON-02) (AMAZON-02)
1	3.232.164.179 3.232.164.179	14618 (AMAZON-AES) (AMAZON-AES)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1	13.225.80.36 13.225.80.36	16509 (AMAZON-02) (AMAZON-02)
4	52.212.154.51 52.212.154.51	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:210... 2600:9000:2104:8c00:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.226.155.71 13.226.155.71	16509 (AMAZON-02) (AMAZON-02)
1	65.9.73.103 65.9.73.103	16509 (AMAZON-02) (AMAZON-02)
2	35.181.18.61 35.181.18.61	16509 (AMAZON-02) (AMAZON-02)
1 1	34.250.153.194 34.250.153.194	16509 (AMAZON-02) (AMAZON-02)
11	52.215.225.80 52.215.225.80	16509 (AMAZON-02) (AMAZON-02)
1	52.18.163.167 52.18.163.167	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1	80.252.91.53 80.252.91.53	15830 (EQUINIX-C...) (EQUINIX-CONNECT-EMEA)
16	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
2	13.226.146.155 13.226.146.155	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:10c... 2a02:26f0:10c:582::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
2 5	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2600:9000:218... 2600:9000:2182:de00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
19	3.82.234.236 3.82.234.236	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	18.200.151.216 18.200.151.216	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	34.250.98.73 34.250.98.73	16509 (AMAZON-02) (AMAZON-02)
274	74

1 2.16.186.40 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com

www.heraldsun.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

90 95.101.184.145 (Ascension Island) 36 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-184-145.deploy.static.akamaitechnologies.com

www.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mhr.talk.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 95.101.184.236 (Ascension Island) 10 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-184-236.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.210.249.82 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-82.deploy.static.akamaitechnologies.com

resourcesssl.newscdn.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffd::c000:42d0 (Ireland)

ASN2635 (AUTOMATTIC, US)

origin.go.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8e00:1e:c291:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

s1.rui.au.reastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.134.190 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

news-networkeditorial.s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.132.175 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com

s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.53.17 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.108.60.35 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-60-35.deploy.static.akamaitechnologies.com

login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.37.61.47 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-61-47.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

ts2020-indies-client.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.197.81 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-197-81.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.52 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.52.19 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-52-19.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.161.43.127 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-43-127.us-west-2.compute.amazonaws.com

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.114 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.70.67 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.21.247 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:fe00:4:77d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.vidora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.208.38 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f38.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2070:9600:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:c600:1e:a43d:b640:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2182:5400:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.65 (Seattle, United States)

ASN16509 (AMAZON-02, US)

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.86.50.246 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-86-50-246.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.27 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-27.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.80.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

uconnect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.164.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-164-179.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.212.154.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-154-51.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:8c00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

seccdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.71 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-71.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.103 (Seattle, United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.181.18.61 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

metrics.heraldsun.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.153.194 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-153-194.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.215.225.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.163.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-163-167.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c6fd3997f31eb85b60cae11bd13a084f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.252.91.53 (Netherlands)

ASN15830 (EQUINIX-CONNECT-EMEA, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.146.155 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-146-155.dus51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:582::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Mountain View, United States)

ASN15169 (GOOGLE, US)

au-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.220.243 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2182:de00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 3.82.234.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.200.151.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-151-216.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.98.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	heraldsun.com.au 34 redirects www.heraldsun.com.au origin.go.heraldsun.com.au metrics.heraldsun.com.au	3 MB
41	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	470 KB
25	doubleclick.net 4 redirects cm.g.doubleclick.net ad.doubleclick.net securepubads.g.doubleclick.net googleads4.g.doubleclick.net 8228261.fls.doubleclick.net googleads.g.doubleclick.net	140 KB
23	googlesyndication.com pagead2.googlesyndication.com c6fd3997f31eb85b60cae11bd13a084f.safeframe.googlesyndication.com tpc.googlesyndication.com	72 KB
23	taboola.com 2 redirects cdn.taboola.com trc.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com cds.taboola.com trc-events.taboola.com	149 KB
21	news.com.au 13 redirects www.heraldsun.news.com.au www.news.com.au tags.news.com.au mhr.talk.news.com.au	206 KB
17	api.news content.api.news	198 KB
11	imrworldwide.com 2 redirects secure-gl.imrworldwide.com cdn-gl.imrworldwide.com seccdn-gl.imrworldwide.com secure-dcr.imrworldwide.com	72 KB
11	newscdn.com.au resourcesssl.newscdn.com.au	73 KB
8	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	9 KB
6	googletagservices.com www.googletagservices.com	172 KB
6	google.com adservice.google.com www.google.com	831 B
6	adsrvr.org 2 redirects match.adsrvr.org js.adsrvr.org insight.adsrvr.org	6 KB
5	tiqcdn.com tags.tiqcdn.com	23 KB
4	demdex.net dpm.demdex.net newscorpau.demdex.net	6 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	61 KB
3	google.de www.google.de	704 B
3	googleadservices.com www.googleadservices.com	36 KB
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	20 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com	2 KB
3	newscorpaustralia.com login.newscorpaustralia.com
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	amazonaws.com news-networkeditorial.s3-ap-southeast-2.amazonaws.com s3-ap-southeast-2.amazonaws.com	33 KB
2	googletagmanager.com www.googletagmanager.com	76 KB
2	licdn.com snap.licdn.com	3 KB
2	vidora.com assets.vidora.com	4 KB
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	contextweb.com 1 redirects bh.contextweb.com	828 B
2	perfectmarket.com widget.perfectmarket.com	32 KB
1	twitter.com analytics.twitter.com	284 B
1	linkedin.com px.ads.linkedin.com	66 B
1	t.co t.co	171 B
1	mookie1.com au-gmtdmp.mookie1.com	607 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	google.pl adservice.google.pl	169 B
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	chartbeat.net ping.chartbeat.net	168 B
1	tealiumiq.com uconnect.tealiumiq.com	454 B
1	newscgp.com au.tags.newscgp.com	48 KB
1	chartbeat.com static.chartbeat.com	23 KB
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	361 B
1	criteo.com 1 redirects dis.criteo.com	525 B
1	emxdgt.com e1.emxdgt.com	98 B
1	adkernel.com dsp.adkernel.com	233 B
1	smartadserver.com rtb-csync.smartadserver.com
1	storygize.net 1 redirects www.storygize.net	431 B
1	pubmatic.com simage2.pubmatic.com	885 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	web.app ts2020-indies-client.web.app	3 KB
1	fontawesome.com use.fontawesome.com	13 KB
1	reastatic.net s1.rui.au.reastatic.net	9 KB
1	speedcurve.com cdn.speedcurve.com	7 KB
0	digitaleditions.com.au Failed heraldsun.digitaleditions.com.au Failed
274	55

	Domain	Requested by
70	www.heraldsun.com.au	34 redirects www.heraldsun.com.au
19	dt.adsafeprotected.com	www.heraldsun.com.au
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
17	content.api.news	www.heraldsun.com.au
17	tags.news.com.au	10 redirects tags.tiqcdn.com au.tags.newscgp.com
13	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net www.heraldsun.com.au
11	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.heraldsun.com.au
11	resourcesssl.newscdn.com.au	www.heraldsun.com.au ts2020-indies-client.web.app
10	static.adsafeprotected.com	pixel.adsafeprotected.com www.heraldsun.com.au
7	cdn.taboola.com	www.heraldsun.com.au cdn.taboola.com
6	www.googletagservices.com	securepubads.g.doubleclick.net
5	secure.adnxs.com	2 redirects www.heraldsun.com.au
5	www.google.com	securepubads.g.doubleclick.net www.heraldsun.com.au
5	cdn-gl.imrworldwide.com	www.heraldsun.com.au seccdn-gl.imrworldwide.com secure-gl.imrworldwide.com cdn-gl.imrworldwide.com
5	sync.taboola.com	2 redirects www.heraldsun.com.au
5	tags.tiqcdn.com	www.heraldsun.com.au tags.tiqcdn.com
5	trc.taboola.com	cdn.taboola.com www.heraldsun.com.au
4	8228261.fls.doubleclick.net	2 redirects www.heraldsun.com.au
4	pagead2.googlesyndication.com	ad.doubleclick.net securepubads.g.doubleclick.net
4	secure-gl.imrworldwide.com	2 redirects secure-gl.imrworldwide.com www.heraldsun.com.au
3	www.google.de	www.heraldsun.com.au
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.googleadservices.com	secure-ds.serving-sys.com www.googletagmanager.com
3	dpm.demdex.net	tags.news.com.au www.heraldsun.com.au
3	x.bidswitch.net	3 redirects
3	cm.g.doubleclick.net	2 redirects www.heraldsun.com.au
3	rtb.mfadsrvr.com	3 redirects
3	login.newscorpaustralia.com	www.heraldsun.com.au
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.heraldsun.com.au
2	insight.adsrvr.org	js.adsrvr.org
2	www.googletagmanager.com	secure-ds.serving-sys.com
2	snap.licdn.com	www.heraldsun.com.au snap.licdn.com
2	js.adsrvr.org	secure-ds.serving-sys.com
2	metrics.heraldsun.com.au	tags.news.com.au www.heraldsun.com.au
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	assets.vidora.com	www.heraldsun.com.au assets.vidora.com
2	trc-events.taboola.com	www.heraldsun.com.au
2	sync-t1.taboola.com	www.heraldsun.com.au
2	ce.lijit.com	1 redirects www.heraldsun.com.au
2	match.adsrvr.org	2 redirects
2	ib.adnxs.com	www.heraldsun.com.au
2	bh.contextweb.com	1 redirects www.heraldsun.com.au
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	news-networkeditorial.s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
2	www.news.com.au	2 redirects
1	secure-dcr.imrworldwide.com
1	analytics.twitter.com	static.ads-twitter.com
1	px.ads.linkedin.com	www.heraldsun.com.au
1	t.co	www.heraldsun.com.au
1	au-gmtdmp.mookie1.com	www.heraldsun.com.au
1	acdn.adnxs.com	www.heraldsun.com.au
1	static.ads-twitter.com	www.heraldsun.com.au
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	c6fd3997f31eb85b60cae11bd13a084f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.pl	securepubads.g.doubleclick.net
1	in.hotjar.com	script.hotjar.com
1	cm.everesttech.net	1 redirects
1	newscorpau.demdex.net	tags.news.com.au
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	seccdn-gl.imrworldwide.com	tags.news.com.au
1	cdn.adsafeprotected.com	tags.news.com.au
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	ping.chartbeat.net	www.heraldsun.com.au
1	uconnect.tealiumiq.com	www.heraldsun.com.au
1	static.hotjar.com	tags.tiqcdn.com
1	au.tags.newscgp.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	ad.doubleclick.net	tags.tiqcdn.com
1	cds.taboola.com	www.heraldsun.com.au
1	bttrack.com	www.heraldsun.com.au
1	s.c.appier.net	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com	www.heraldsun.com.au
1	dsp.adkernel.com	www.heraldsun.com.au
1	rtb-csync.smartadserver.com	www.heraldsun.com.au
1	www.storygize.net	1 redirects
1	simage2.pubmatic.com	www.heraldsun.com.au
1	pixel.rubiconproject.com	www.heraldsun.com.au
1	match.taboola.com	www.heraldsun.com.au
1	ts2020-indies-client.web.app	www.heraldsun.com.au
1	mhr.talk.news.com.au	www.heraldsun.com.au
1	use.fontawesome.com	cdn.taboola.com
1	s3-ap-southeast-2.amazonaws.com	www.heraldsun.com.au
1	s1.rui.au.reastatic.net	www.heraldsun.com.au
1	origin.go.heraldsun.com.au	www.heraldsun.com.au
1	cdn.speedcurve.com	www.heraldsun.com.au
1	www.heraldsun.news.com.au	1 redirects
0	heraldsun.digitaleditions.com.au Failed	www.heraldsun.com.au
274	90

This site contains links to these domains. Also see Links.

Domain
www.plusrewards.com.au
myaccount.heraldsun.com.au
www.escape.com.au
supercoach.com.au
tips.com.au
supercoach.heraldsun.com.au
www.realestate.com.au
heraldsun.digitaleditions.com.au
www.facebook.com
www.twitter.com
www.instagram.com
heraldsun.com.au
myaccount.news.com.au
www.newsletters.news.com.au
www.mytributes.com.au
www.newscorpaustralia.com
www.newsphotos.com.au
www.newsconcierge.com.au
www.dailytelegraph.com.au
www.couriermail.com.au
www.adelaidenow.com.au
www.news.com.au
www.theaustralian.com.au
www.themercury.com.au
www.geelongadvertiser.com.au
www.cairnspost.com.au
www.goldcoastbulletin.com.au
www.townsvillebulletin.com.au
www.thechronicle.com.au
www.ntnews.com.au
www.weeklytimesnow.com.au
www.buysearchsell.com.au
leader.local.heraldsun.com.au
www.foxsports.com.au
www.foxtel.com.au
hipages.com.au
kayosports.com.au
www.punters.com.au
www.odds.com.au
www.racenet.com.au
apps.apple.com
play.google.com
preferences.news.com.au
vip.wordpress.com

Subject Issuer	Validity	Valid
news.com.au DigiCert SHA2 Secure Server CA	`2020-09-28` - `2021-09-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2020	`2020-12-09` - `2022-01-10`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
origin.go.heraldsun.com.au Let's Encrypt Authority X3	`2020-11-02` - `2021-01-31`	3 months	crt.sh
s1.rui.au.reastatic.net Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.s3-ap-southeast-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
p.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-11-12` - `2021-02-22`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
web.app GTS CA 1O1	`2020-04-15` - `2021-04-14`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.adkernel.com COMODO RSA Domain Validation Secure Server CA	`2017-11-17` - `2021-01-05`	3 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.vidora.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
au.tags.newscgp.com Amazon	`2020-02-08` - `2021-03-08`	a year	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2020-01-03` - `2021-04-03`	a year	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
*.tealiumiq.com Amazon	`2020-10-23` - `2021-11-22`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.adsafeprotected.com Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
metrics.heraldsun.com.au DigiCert SHA2 High Assurance Server CA	`2020-04-13` - `2021-07-15`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.google.pl GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
static.adsafeprotected.com Amazon	`2020-10-03` - `2021-11-03`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
dt.adsafeprotected.com Amazon	`2020-05-20` - `2021-06-20`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 39 frames:

Primary Page: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
Frame ID: 3F1DB55100CA680782E4E797F5B5F6DE
Requests: 168 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=snT82iOCXprDr5z58~XvkbvVQbcgpyPX&nonce=eqLzkfcw3~6f5FrGzYTtDUGkxS0G67NK&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: 6129FEE0D5D60EDE298381C7FFFADFD9
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=babc4993-0f84-4e49-8495-9ff691b7d5d9&tbid=0970d3b6-b50c-41c2-8222-f80217b0dc45-tuct6d2ae24&query=taboola_hm%3Dbabc4993-0f84-4e49-8495-9ff691b7d5d9&isDirect=0
Frame ID: DDF77FD15CC1ED7AD392E4E1A83D7370
Requests: 20 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=2nVoYFq6hxdpfvMz9.UFdXdrvTiJ9lKB&nonce=cN0oz5sIJjHU0S7MJIlb~0UJBRdoA~B1&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: 84FE518D11ED8B76B5790838FB2DF4A9
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=idxvYlzM93sE~q1j9GVYrt50cwQg7BVs&nonce=XmPbYVT0LIcOd50GeNlbE_VuiIw9G2ZJ&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
Frame ID: 2791B82FA9E130397084D976F482D22C
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: 3CC5EC31CA3745D17061851E25114523
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 536690F7CED8451636D70BF83D33B949
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: D829BEEE4B1A0144B185B1647A6032E0
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 8B323444590B2B17F5D2E8DD0C2A56CA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupDj4wWiD2kXKO7infa6JPAlW_XZhFMcii_Aauyhh5kJB726e9_qXM0T25sVLc9IBfylIeZwo2o5Q-GGyT2VUJqHRvlOssWF9qG4dpmg-VrBwNvAh07h-YlsSGWNJDBiKmkEnfGM0IuMY0JEEd5H6NAZxoDMlNT8cW6gOZTpBUokol9uwDl47-37SjAxTMxOSaW4iZmJRHET24m4eTYyDsY2yqfTSlQpL6oZfqG0fL3gvnfV3uYbQ5ORwp6xk-6nmF240sf8g9&sig=Cg0ArKJSzNA7ZLkbhia-EAE&adurl=
Frame ID: FA95D1196707933C0739CF8A1A6C51F8
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqZldxNJreri5OClG2Q_tpOH-twKBRaehpwHHR_h-0WMz61oAf4p3aoqMq0Zfq985nKlrt5lKNzPXud4lBU3Yk-DBy4xByOdirEvKKIwCke4B_pzJqllEs0nrgRzM9JRWVKpmpfGnmto2WoucOvsFBhwmQLQDvdQHNdtqqRT8UgRWG_PDyb9c1GYCGvg_y107knxVnql4lcrDQCwTBg5OnX0Jl2qarKfQEBeNTZ5CB4nXw28FKB0o3XavBaGWhGYtrE2-rveW5&sig=Cg0ArKJSzCpV-B_G9UZcEAE&adurl=
Frame ID: 80FDD7B014A52D394191AF2099E1B813
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUHBZnq6ksvfok2c5X6biCNwNKTB0EeISVWkmo4qX_u_rBjUxWeKurYuJ9lJUKOneT1Fy3ze4FP9ojwd9GYoahLX1GK0ubOBeKaOKsI2Vg7hUBOMfq8FJJjPqCF-FApvkXlCC-iCfzhtupbrXLAC945Tm6UORR0ac4JXwTM2cjaxv5AISrCYgLR-KiGcIpYMjpM8Q66MWBRMmZdo7EHPskdDhZpfRBPH_ZWoEQa1mSr3H8Sq8DdqPFNWU3I5SSw_2H-r0fCp8w&sig=Cg0ArKJSzMfMxBrwQR1eEAE&adurl=
Frame ID: E98C6D3DF518BEBC681F56075BA76422
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPcN8JCZrBDjHDhIWQ0AYyH_YxM8mYlvIJd17uczYw4CQDQa2LZqkrChilBbrXwFgl6A3ww3N0Hu6UgjSA44leiyQz7gcSnUAc6sBMdid_PVwMNgVqi2Rflxvrb4mOWltpG67Yk9TP7pqRyQqZOpFLpYQK4fo6mj-DIvBQS3QNdS0xPIvP0VLm64ogyvCvdfCQURFqNEuPqvxj15NzV9E0yMAfLHyX2BiZUrgibVNA_keRg335SRsjbTPUIDtkfiVXNnq4kJq_&sig=Cg0ArKJSzMVLu8kPWJR1EAE&adurl=
Frame ID: 2D842327AEC0D8987C6D33E0C4A287EC
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEK3NmiSUh4vPXTtpm-sfn2H4pUVkpPNLnAw212FFbvGu63AUEIk-kfi5Z4k0FLQSGkCmx3_wtvX4J-Oa1vxmWFQtPorWyf-Xi69ocLXxFJy54XYQ1TJaSXkVZhhJqzLMZ1yRKHfAsXKomR_rNPgJYUWTxgm-bed3MHk1XxMaf7kvjk8R2eL6mHVS-KOT6ttZoVnIRfJG6QQ26Fpl7uTzcLl71PYjkkz4ySeH0vCBaFqoDoqGXloMHHUPl-8AKTvZn_TNQ6oN6&sig=Cg0ArKJSzHkdlc7S5GpPEAE&adurl=
Frame ID: 87AF266B6BA75C7504B247CBBAD3B187
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1914752484&custom=homepage&custom3=168400391&adsafe_par&impId=6068a65f-3f1b-11eb-8c05-02bf2b86cc68
Frame ID: 95F17D6E57D329574163EFFD13DD5496
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025557&pubOrder=305536031&cb=1202565099&custom=homepage&custom3=168400391&adsafe_par&impId=6068a660-3f1b-11eb-8c05-02bf2b86cc68
Frame ID: D23A700C4983B53E346DCCF0C0187CD9
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1543033782&custom=homepage&custom3=168400391&adsafe_par&impId=6068a661-3f1b-11eb-8c05-02bf2b86cc68
Frame ID: 99FB003C2AE67FEF8B1E0462BEE58FD0
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1635386072&custom=homepage&custom3=168400391&adsafe_par&impId=6068a663-3f1b-11eb-8c05-02bf2b86cc68
Frame ID: F57535A806637ACEA9DC3D8A99D127C7
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=756269708&custom=homepage&custom3=168400391&adsafe_par&impId=6068a662-3f1b-11eb-8c05-02bf2b86cc68
Frame ID: 4037766F23A85F6463370C03D90EF830
Requests: 2 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 19BCFB66CE5C099F2CD0399E4086F5A9
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: B9986FE4F4FA9FEC9F20066E73870517
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 4EEB5A5BE343BAEB204B6ACEA9877A6B
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 96A1E9CF56E527D6D16CBD839333EA01
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: FAC736D023516404BCF1ED78E0242565
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 4201AA5D089897F205B6B8E04504200A
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNCAnaT10O0CFQDruwgdHD8KXg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4601730327904.956
Frame ID: 663B2256E84061A4FA9B94F3CAFBD64C
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CLOGnaT10O0CFdTJuwgdr2cIBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2332247875869.4575
Frame ID: 4BD326C35486493984ADD81D609C8B1D
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: A7A455E431C93FD307DA805AA3FDF7AE
Requests: 5 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: B54332AB65B8F382DB4C6F0C9E66C964
Requests: 4 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: 605AB9952EA03855F32F679939C774E6
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Frame ID: 0FD319AB64456AAC4ADF99F101E4B338
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 97208666FF33CF3CC6F3D8742E75A174
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 2B9F00AE3E9A1316723A3818CA7D2DDE
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: D48785AF0B2224E19214B16E9E3FFE5D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: E963857CDD831B1189DEA1C8BBBAAAA8
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 9E2C42FF2CE34312E06762325D6D5A77
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: 74018BCD2FFC1D77E7E6434422006F6E
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 401EB89D2E82B74622C571CCC0A48DDB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: C16ADF9EC6E892993D061CFE09708819
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.heraldsun.com.au/ HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&160... HTTP 302
https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /serving-sys\.com\//i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

274
Requests

99 %
HTTPS

27 %
IPv6

55
Domains

90
Subdomains

74
IPs

9
Countries

5482 kB
Transfer

8740 kB
Size

5
Cookies

55 Outgoing links

These are links going to different origins than the main page.

URL: https://www.plusrewards.com.au/heraldsun/offers
Title: Rewards

Search URL Search Domain Scan URL

URL: https://myaccount.heraldsun.com.au/s
Title: My account

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/
Title: Travel

Search URL Search Domain Scan URL

URL: https://supercoach.com.au/
Title: SuperCoach

Search URL Search Domain Scan URL

URL: http://tips.com.au/afl/?source_code=HSWEB_TIP1271
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/racing
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://supercoach.heraldsun.com.au/nrl
Title: SuperCoach

Search URL Search Domain Scan URL

URL: https://tips.com.au/nrl/
Title: tips.com.au

Search URL Search Domain Scan URL

URL: https://www.realestate.com.au/news/garry-lyon-nicky-brownless-sell-armadale-home-at-auction-for-huge-sum/?rsf=syn:news:nca:hs:spa

Search URL Search Domain Scan URL

URL: https://www.realestate.com.au/

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/destinations/asia/bali/russian-influencer-causes-outrage-with-reckless-motorcycle-stunt-in-bali/news-story/47a620c7e1fb5a54e72b3dd1b8e558e5

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/news/jetstar-launches-christmas-sale-with-some-29-airfare-deals/news-story/844a323bc855bd77ab7ec13eb57a2673
Title: Jetstar drops thousands of $29 flights

Search URL Search Domain Scan URL

URL: https://www.escape.com.au/experiences/lifestyle-and-culture/the-poolside-eateries-where-youll-find-us-this-summer/news-story/a14dc8b358992ed59c7a1acf2f999249
Title: ‘The most messed up chicken and chips’

Search URL Search Domain Scan URL

URL: https://heraldsun.digitaleditions.com.au/index.php
Title: Front pageRead today's paper as it was printed.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heraldsun

Search URL Search Domain Scan URL

URL: https://www.twitter.com/theheraldsun

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heraldsunphoto

Search URL Search Domain Scan URL

URL: http://heraldsun.com.au/help-rss

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_GCRACA_W52&hideRegistrationTnC=true
Title: Group/Corporate subscriptions

Search URL Search Domain Scan URL

URL: https://www.newsletters.news.com.au/heraldsun
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.mytributes.com.au/
Title: My Tributes

Search URL Search Domain Scan URL

URL: http://www.newscorpaustralia.com/careers
Title: Job Opportunities

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms
Title: Subscription terms

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/heraldsun/help/subscriptionTerms?pkgDef=HS_LAPP_17A_W04#subscribe
Title: App only subscription terms

Search URL Search Domain Scan URL

URL: http://www.newsphotos.com.au/C.aspx?VP3=CMS3&VF=Home
Title: Photo Sales

Search URL Search Domain Scan URL

URL: https://www.newsconcierge.com.au/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.dailytelegraph.com.au/
Title: The Daily Telegraph

Search URL Search Domain Scan URL

URL: https://www.couriermail.com.au/
Title: Courier Mail

Search URL Search Domain Scan URL

URL: http://www.adelaidenow.com.au/
Title: The Advertiser

Search URL Search Domain Scan URL

URL: https://www.news.com.au/
Title: news.com.au

Search URL Search Domain Scan URL

URL: https://www.theaustralian.com.au/
Title: The Australian

Search URL Search Domain Scan URL

URL: https://www.themercury.com.au/
Title: The Mercury

Search URL Search Domain Scan URL

URL: https://www.geelongadvertiser.com.au/
Title: Geelong Advertiser

Search URL Search Domain Scan URL

URL: https://www.cairnspost.com.au/
Title: The Cairns Post

Search URL Search Domain Scan URL

URL: https://www.goldcoastbulletin.com.au/
Title: Gold Coast Bulletin

Search URL Search Domain Scan URL

URL: https://www.townsvillebulletin.com.au/
Title: Townsville Bulletin

Search URL Search Domain Scan URL

URL: https://www.thechronicle.com.au/
Title: The Chronicle

Search URL Search Domain Scan URL

URL: https://www.ntnews.com.au/
Title: NT News

Search URL Search Domain Scan URL

URL: https://www.weeklytimesnow.com.au/
Title: The Weekly Times

Search URL Search Domain Scan URL

URL: https://www.buysearchsell.com.au/
Title: Buy Search Sell

Search URL Search Domain Scan URL

URL: http://leader.local.heraldsun.com.au/
Title: Find Your Local

Search URL Search Domain Scan URL

URL: http://www.foxsports.com.au/
Title: Foxsports

Search URL Search Domain Scan URL

URL: https://www.foxtel.com.au/index.html
Title: Foxtel

Search URL Search Domain Scan URL

URL: https://hipages.com.au/
Title: Hipages

Search URL Search Domain Scan URL

URL: https://kayosports.com.au/
Title: Kayo

Search URL Search Domain Scan URL

URL: https://www.punters.com.au/
Title: Punters

Search URL Search Domain Scan URL

URL: https://www.odds.com.au/
Title: odds.com.au

Search URL Search Domain Scan URL

URL: https://www.racenet.com.au/
Title: racenet.com.au

Search URL Search Domain Scan URL

URL: https://apps.apple.com/au/app/herald-sun/id392582225

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.newscorp.heraldsun

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##collect
Title: Find out more about our policy and your choices, including how to opt-out.

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/##optout
Title: Relevant ads opt-out

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/cookies
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: WordPress.com VIP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html HTTP 301
https://www.heraldsun.com.au/ HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f HTTP 302
https://www.heraldsun.com.au/ HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16080672311428840309 HTTP 302
https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fwp-content%2fthemes%2fnewscorpau-news-dna%2fdist%2fimages%2flogos%2fheraldsun.svg HTTP 302
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

Request Chain 29

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1608067234975&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1608067234975&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1

Request Chain 45

https://www.heraldsun.com.au/digitalprinteditions HTTP 301
https://idp.news.com.au/idp/services/generatetoken?target=HeraldSun&url=http%3A%2F%2Fheraldsun.digitaleditions.com.au%2F HTTP 0
http://heraldsun.digitaleditions.com.au/

Request Chain 49

https://www.heraldsun.com.au/leader HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fleader HTTP 302
https://www.heraldsun.com.au/leader HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fleader&16080672371885047423 HTTP 302
https://www.heraldsun.com.au/leader?nk=2234558b4a5027c5af3f1808b9c71829-1608067238

Request Chain 50

https://www.heraldsun.com.au/news/victoria HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria HTTP 302
https://www.heraldsun.com.au/news/victoria HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria&1608067237707087356 HTTP 302
https://www.heraldsun.com.au/news/victoria?nk=9142605e12d3c466f57fa3845c9ac64f-1608067238

Request Chain 51

https://www.heraldsun.com.au/news/national HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational&16080672371140038276 HTTP 302
https://www.heraldsun.com.au/news/national?nk=cb865e7a10fe26aca09723b00204d8fc-1608067238

Request Chain 52

https://www.heraldsun.com.au/news/world HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld&1608067237904024713 HTTP 302
https://www.heraldsun.com.au/news/world?nk=31b317d94f7686ba31f26f11e596e9f4-1608067238

Request Chain 53

https://www.heraldsun.com.au/news/opinion HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion&16080672371136722665 HTTP 302
https://www.heraldsun.com.au/news/opinion?nk=b8a696775d83f115a6c34159d25fb3a5-1608067238

Request Chain 55

https://www.heraldsun.com.au/entertainment HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment HTTP 302
https://www.heraldsun.com.au/entertainment

Request Chain 56

https://www.heraldsun.com.au/lifestyle HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2flifestyle HTTP 302
https://www.heraldsun.com.au/lifestyle

Request Chain 57

https://www.heraldsun.com.au/sport HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport HTTP 302
https://www.heraldsun.com.au/sport HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsport&16080672411375320036 HTTP 302
https://www.heraldsun.com.au/sport?nk=5855a43e5741bcb964bbd83113ab7b36-1608067242

Request Chain 58

https://www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/3a10d2d8ebe9c7914ba58ecb6bc330c9 HTTP 302
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2funcategorized%2fbaby-killers-ridiculous-sentence%2fpromo%2f3a10d2d8ebe9c7914ba58ecb6bc330c9 HTTP 302
https://www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/3a10d2d8ebe9c7914ba58ecb6bc330c9 HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2funcategorized%2fbaby-killers-ridiculous-sentence%2fpromo%2f3a10d2d8ebe9c7914ba58ecb6bc330c9&1608067241823807126 HTTP 302
https://www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/3a10d2d8ebe9c7914ba58ecb6bc330c9?nk=4fc997209d8e1d7962006922bf141aab-1608067242

Request Chain 59

https://www.heraldsun.com.au/lifestyle/smart/how-the-crown-has-brought-dianas-fashion-back-in-focus/news-story/29f9e8a17c9ce0d684d6fddc6f3b2ffa HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Flifestyle%2Fsmart%2Fhow-the-crown-has-brought-dianas-fashion-back-in-focus%2Fnews-story%2F29f9e8a17c9ce0d684d6fddc6f3b2ffa&memtype=anonymous&mode=premium HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Flifestyle%252Fsmart%252Fhow-the-crown-has-brought-dianas-fashion-back-in-focus%252Fnews-story%252F29f9e8a17c9ce0d684d6fddc6f3b2ffa%26memtype%3danonymous%26mode%3dpremium&1608067241792478281 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Flifestyle%2Fsmart%2Fhow-the-crown-has-brought-dianas-fashion-back-in-focus%2Fnews-story%2F29f9e8a17c9ce0d684d6fddc6f3b2ffa&memtype=anonymous&mode=premium&nk=c56642758959404669720e90b4d7e59f-1608067242

Request Chain 60

https://www.heraldsun.com.au/sport/afl/teams/collingwood/eddie-mcguire-to-step-down-as-collingwood-president-at-end-of-2021-season/news-story/73aad9593a380c1cfb3510c9e90073df HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Feddie-mcguire-to-step-down-as-collingwood-president-at-end-of-2021-season%2Fnews-story%2F73aad9593a380c1cfb3510c9e90073df&memtype=anonymous&mode=premium HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fsport%252Fafl%252Fteams%252Fcollingwood%252Feddie-mcguire-to-step-down-as-collingwood-president-at-end-of-2021-season%252Fnews-story%252F73aad9593a380c1cfb3510c9e90073df%26memtype%3danonymous%26mode%3dpremium&1608067241491839176 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Feddie-mcguire-to-step-down-as-collingwood-president-at-end-of-2021-season%2Fnews-story%2F73aad9593a380c1cfb3510c9e90073df&memtype=anonymous&mode=premium&nk=2e4fd91081df1496439c2827823fb721-1608067242

Request Chain 62

https://www.heraldsun.com.au/coronavirus/new-criteria-changes-wholl-get-covid19-vaccine-first/news-story/673af666e1eb8e6d4d0d8c72c2cdfb9f HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fnew-criteria-changes-wholl-get-covid19-vaccine-first%2Fnews-story%2F673af666e1eb8e6d4d0d8c72c2cdfb9f&memtype=anonymous&mode=premium

Request Chain 64

https://www.heraldsun.com.au/entertainment/confidential/richmond-coach-damien-harwick-has-separated-from-his-wife-danielle/news-story/4e64d940189d4534ef1398e511cbfd50 HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fentertainment%2Fconfidential%2Frichmond-coach-damien-harwick-has-separated-from-his-wife-danielle%2Fnews-story%2F4e64d940189d4534ef1398e511cbfd50&memtype=anonymous&mode=premium

Request Chain 67

https://www.heraldsun.com.au/leader/north-west/kilmore-grub-ivan-benic-pleads-guilty-to-sex-charges-after-caught-with-200000-child-porn-files/news-story/4a93aeda0e52360748563c9dceb8c60f HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west%2Fkilmore-grub-ivan-benic-pleads-guilty-to-sex-charges-after-caught-with-200000-child-porn-files%2Fnews-story%2F4a93aeda0e52360748563c9dceb8c60f&memtype=anonymous&mode=premium

Request Chain 69

https://www.heraldsun.com.au/education/schools-hub/dunce-teachers-to-be-weeded-out-with-tough-test/news-story/70981f845b774d62bd0f3da3bd3f187b HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Feducation%2Fschools-hub%2Fdunce-teachers-to-be-weeded-out-with-tough-test%2Fnews-story%2F70981f845b774d62bd0f3da3bd3f187b&memtype=anonymous&mode=premium

Request Chain 71

https://www.heraldsun.com.au/truecrimeaustralia/police-courts/topflight-lawyers-no-guarantee-of-freedom-for-mokbel/news-story/6396ffebd9404299d8adaebb8844e65b HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Ftopflight-lawyers-no-guarantee-of-freedom-for-mokbel%2Fnews-story%2F6396ffebd9404299d8adaebb8844e65b&memtype=anonymous&mode=premium

Request Chain 72

https://www.heraldsun.com.au/news/victoria/melbourne-suburbs-where-2020-homebuyers-have-spent-the-most-corelogic/news-story/4bd91cc6da693eed17dbf7832e18bb3b HTTP 302
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fmelbourne-suburbs-where-2020-homebuyers-have-spent-the-most-corelogic%2Fnews-story%2F4bd91cc6da693eed17dbf7832e18bb3b&memtype=anonymous&mode=premium

Request Chain 80

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=babc4993-0f84-4e49-8495-9ff691b7d5d9 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=babc4993-0f84-4e49-8495-9ff691b7d5d9&tbid=0970d3b6-b50c-41c2-8222-f80217b0dc45-tuct6d2ae24&query=taboola_hm%3Dbabc4993-0f84-4e49-8495-9ff691b7d5d9&isDirect=0

Request Chain 82

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dTBJgbTMdkUW&ev=1&orig=trc&pid=562107

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOGOeRtkbxjJG-SHo6lkYMM&google_cver=1

Request Chain 86

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0970d3b6-b50c-41c2-8222-f80217b0dc45-tuct6d2ae24

Request Chain 87

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2b140fc7-7023-40b2-b4fb-df2826229b3d

Request Chain 88

https://ce.lijit.com/merge?pid=42&3pid=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 90

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23 HTTP 302
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 94

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=badde154-74f2-47eb-996d-17a9c7b5f9fd

Request Chain 95

https://id5-sync.com/s/464/9.gif?puid=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOSfD_wnUOjJ1KAeVnSpRAnaaA3H9fX7Qx0nkI4g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOSfD_wnUOjJ1KAeVnSpRAnaaA3H9fX7Qx0nkI4g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=90c32524-a9e5-4061-9382-20b6f2bcf331&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/5/3.gif?puid=52bd6856215f80e96e13d4840d1532f5&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/4/4.gif?puid=3aa013af-5b0f-4d18-87c2-46c7a20aaa1c&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/3/5.gif?puid=60d26483-3f1b-11eb-a599-e2dd7f45358e&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/146/2/6.gif?puid=66c409b5-7b64-4759-9ff7-2171d2fa2aa1&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F398%2F1%2F7.gif%3Fpuid%3D%24%7Bbase64_profileid%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F398%2F1%2F7.gif%3Fpuid%3D%24%7Bbase64_profileid%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NTJiZDY4NTYyMTVmODBlOTZlMTNkNDg0MGQxNTMyZjU&google_redir=https://id5-sync.com/c/464/398/1/7.gif?puid=NTJiZDY4NTYyMTVmODBlOTZlMTNkNDg0MGQxNTMyZjU&gdpr=1&gdpr_consent=

Request Chain 96

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=zTm1g3ZkB9O88KX6pCjZXw

Request Chain 99

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=fc814e30-dfce-47c4-bfec-8011539b4335 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=babc4993-0f84-4e49-8495-9ff691b7d5d9&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fc814e30-dfce-47c4-bfec-8011539b4335

Request Chain 115

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 138

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608067237575&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-65d737e65ce8ad676aa49dfb6683b60d&tz=1 HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608067237575&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-65d737e65ce8ad676aa49dfb6683b60d&tz=1&ja=1

Request Chain 141

https://cm.everesttech.net/cm/dd?d_uuid=50096280279805635112254100952025242537 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9kopQAAAH2JGx__

Request Chain 209

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4601730327904.956 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNCAnaT10O0CFQDruwgdHD8KXg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4601730327904.956

Request Chain 210

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2332247875869.4575 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CLOGnaT10O0CFdTJuwgdr2cIBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2332247875869.4575

Request Chain 214

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Request Chain 215

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

274 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heraldsun.com.au/
Redirect Chain

http://www.heraldsun.news.com.au/common/story_page/0,5478,4859169%255e663,00.html
http://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html
https://www.news.com.au/heraldsun/common/story_page/0,5478,4859169%255e663,00.html
https://www.heraldsun.com.au/
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2f
https://www.heraldsun.com.au/
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16080672311428840309
https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232

332 KB
60 KB

1721ms
1721ms

Document
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

71c7cd191835f93c320a2008401a7972c6cfc96a04493fa92bc7d3e38d39b717

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: www.heraldsun.com.au
:scheme: https
:path: /?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: n_regis=123456789
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=73wj6LslhTaGzfNJ5P4q+QLR1r61TBEr8PQAB2dPplhYp8JqM2yDRWBZ5IKJcFOT7WS1/VfMRkD1JpUCrGUIhFYOhX0+1UAV+9DaeL6MnmxDhjMdxSMxZR8bjwBF; Expires=Tue, 22 Dec 2020 21:20:34 GMT; Path=/ nk=0dc6f49ce25a146c488ef0b7eb25e0f0; expires=Fri, 15 Dec 2023 21:20:34 GMT; path=/; domain=heraldsun.com.au; SameSite=None; Secure; AWSALBCORS=73wj6LslhTaGzfNJ5P4q+QLR1r61TBEr8PQAB2dPplhYp8JqM2yDRWBZ5IKJcFOT7WS1/VfMRkD1JpUCrGUIhFYOhX0+1UAV+9DaeL6MnmxDhjMdxSMxZR8bjwBF; Expires=Tue, 22 Dec 2020 21:20:34 GMT; Path=/; SameSite=None; Secure
x-powered-by: WordPress VIP <https://wpvip.com>
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
vary: User-Agent Accept-Encoding
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-arrrg5: BlaizeHappened
x-rq: bom2 112 151 3108
x-xss-protection: 1
x-content-type-options: nosniff
host-header: a9130478a60e5f9135f765b23f26593b
content-encoding: gzip
expires: Tue, 15 Dec 2020 21:20:34 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 15 Dec 2020 21:20:34 GMT

Redirect headers

server: AkamaiGHost
content-length: 154
content-type: text/html
location: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
set-cookie: nk=0dc6f49ce25a146c488ef0b7eb25e0f0; expires=Fri, 15 Dec 2023 21:20:32 GMT; path=/; domain=news.com.au; SameSite=None; Secure;
mime-version: 1.0
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
expires: Tue, 15 Dec 2020 21:20:32 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Tue, 15 Dec 2020 21:20:32 GMT

GET
H2 200 css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 1 B
593 B 344ms
343ms Stylesheet
text/css 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-rq: ewr4 114 53 3167
last-modified: Fri, 06 Nov 2020 23:21:49 GMT
server: nginx
etag: "5fa5da8d-1"
vary: User-Agent
content-type: text/css
expires: Tue, 15 Dec 2020 21:20:35 GMT
cache-control: max-age=1
date: Tue, 15 Dec 2020 21:20:34 GMT
is-https: true
content-length: 1
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 21 KB
7 KB 302ms
92ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.speedcurve.com/js/lux.js?id=338391603

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

ef024a5f6a6afe4d445fd60002ff33e71b80ca52cbaab97153e31ab62b40d379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
age: 1196
x-cache: HIT
content-length: 6883
x-served-by: cache-hhn4072-HHN
access-control-allow-origin: *
last-modified: Tue, 15 Dec 2020 21:00:38 GMT
server: Apache
x-timer: S1608067235.829157,VS0,VE0
date: Tue, 15 Dec 2020 21:20:34 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 22 Dec 2020 21:00:38 GMT
cache-control: max-age=604800
x-ua-compatible: IE=edge
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 216 KB
33 KB 207ms
207ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.93.1.2-11.4.2 /
Resource Hash: 9a5f00ee81f6427dc14d6a0d7398b6abc2dcf6a0a068944335f210e4cf81c4d8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 5FJ1ynyZf3yeompF6CHoND9h3CtYjuwb
content-encoding: gzip
etag: "4feed0ce9c88ec0f62eaf0c8a40f5106281cda3f"
age: 0
via: 1.1 varnish
x-cache: MISS
x-from-cache: 1
content-length: 33889
x-amz-id-2: oqCfAFKZiQRd5XnHwoMATkMlyb869GHnB/1J7n7VQVsSrqBdrk6Ry6XCf14+SDUynEdl3NT8PmM=
x-served-by: cache-fra19163-FRA
last-modified: Tue, 15 Dec 2020 21:20:34 UTC
server: obaker.93.1.2-11.4.2
x-timer: S1608067235.640489,VS0,VE115
date: Tue, 15 Dec 2020 21:20:34 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: BD8754AC7E75BB49
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 13
x-cache-hits: 0

GET
H2

200

heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/
Redirect Chain

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fwp-content%2fthemes%2fnewscorpau-news-dna%2fdist%2fimages%2flogos%2fheraldsun.svg
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

8 KB
4 KB

114ms
97ms

Image
image/svg+xml

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:35 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 3055
x-rq: ewr4 112 216 3093
last-modified: Fri, 06 Nov 2020 23:11:33 GMT
server: nginx
etag: W/"5fa5d825-1f69"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=615321
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 23 Dec 2020 00:15:56 GMT

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
cache-control: max-age=0, no-cache, no-store
date: Tue, 15 Dec 2020 21:20:34 GMT
is-https: true
content-length: 154
expires: Tue, 15 Dec 2020 21:20:34 GMT

GET
H2 200 source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 399ms
126ms Font
binary/octet-stream 23.210.249.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-82.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:34 GMT
last-modified: Tue, 01 Sep 2020 04:31:33 GMT
server: AmazonS3
x-amz-request-id: 3D8FFEEBCCFF764C
etag: "899c8f78ce650d4009d42443897aa723"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=346150
accept-ranges: bytes
content-length: 16112
x-amz-id-2: 17U+GMrIQLL4tVEQgkW8Adjc8AF1sDd9ZfqFtvTtNX3t1g17jqtHwykm9brVt4Tgmy25yqBXw+c=
expires: Sat, 19 Dec 2020 21:29:44 GMT

GET
H2 200 source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 16 KB
16 KB 373ms
101ms Font
binary/octet-stream 23.210.249.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-82.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:34 GMT
last-modified: Tue, 22 Sep 2020 06:30:09 GMT
server: AmazonS3
x-amz-request-id: B23FB14F8043DB08
etag: "c85615b296302af51e683eecb5e371d4"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=373465
accept-ranges: bytes
content-length: 15948
x-amz-id-2: /SLRAq+P4IkVoDQEzfcUIWdzuWIYppkjbDM5BkqrDR5+eY8KunF+oYpGK4R7vBFlUv0YOSUkWsw=
expires: Sun, 20 Dec 2020 05:04:59 GMT

GET
H2 200 6c667bc6f5120b89ed37824d678ac2be
content.api.news/v3/images/bin/ 31 KB
32 KB 823ms
170ms Image
image/jpeg 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/6c667bc6f5120b89ed37824d678ac2be?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 08d947fb68ecdb4afd04c4f6a981249860bb7bf35fde3869331d972e8f88ad87

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 6c667bc6f5120b89ed37824d678ac2be
date: Tue, 15 Dec 2020 21:20:35 GMT
last-modified: Tue, 15 Dec 2020 19:00:36 GMT
server: Akamai Image Manager
etag: 71b27731a27b8c12ee5d9c76f6f75ed3-6c667bc6f5120b89ed37824d678ac2be-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5175635
access-control-allow-headers: x-newsapi-api-key
content-length: 32156
expires: Sat, 13 Feb 2021 19:01:10 GMT

GET
H2 200 36426434b951adc112a6f0da16fee5b3
content.api.news/v3/images/bin/ 4 KB
5 KB 831ms
178ms Image
image/jpeg 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/36426434b951adc112a6f0da16fee5b3?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: f9d5825f45f54728f0f11e972c478ec25c78590c495921dadee0038fb5512cb9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 36426434b951adc112a6f0da16fee5b3
date: Tue, 15 Dec 2020 21:20:35 GMT
last-modified: Tue, 15 Dec 2020 09:46:23 GMT
server: Akamai Image Manager
etag: 71d0ff018cb3e86c805f500e284d55d9-36426434b951adc112a6f0da16fee5b3-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5142306
access-control-allow-headers: x-newsapi-api-key
content-length: 4419
expires: Sat, 13 Feb 2021 09:45:41 GMT

GET
H2 200 d0ef09499ff20d3f80016db60025cfe0
content.api.news/v3/images/bin/ 5 KB
6 KB 830ms
178ms Image
image/jpeg 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/d0ef09499ff20d3f80016db60025cfe0?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: bcbae4ba04442de51d06061a1a40872e3d7af82d29090aa9ca2d72fbdbeb9c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: d0ef09499ff20d3f80016db60025cfe0
date: Tue, 15 Dec 2020 21:20:35 GMT
last-modified: Tue, 15 Dec 2020 19:01:21 GMT
server: Akamai Image Manager
etag: 3a3bd3f4e9be011d6374318050e3ae13-d0ef09499ff20d3f80016db60025cfe0-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5175579
access-control-allow-headers: x-newsapi-api-key
content-length: 5591
expires: Sat, 13 Feb 2021 19:00:14 GMT

GET
H2 200 8dac13420dd9ca404714657ba8ffecc1
content.api.news/v3/images/bin/ 3 KB
4 KB 825ms
173ms Image
image/jpeg 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/8dac13420dd9ca404714657ba8ffecc1?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8c31f9e2aaf06e9bdda11852b2d11beb5771940fed486a7f1b2bee524012ec76

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 8dac13420dd9ca404714657ba8ffecc1
date: Tue, 15 Dec 2020 21:20:35 GMT
last-modified: Tue, 15 Dec 2020 20:00:49 GMT
server: Akamai Image Manager
etag: d7d1de7c81ff4a9a05001969f231e41a-8dac13420dd9ca404714657ba8ffecc1-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5179248
access-control-allow-headers: x-newsapi-api-key
content-length: 3300
expires: Sat, 13 Feb 2021 20:01:23 GMT

GET
H2 200 fb4935806e825231c6d81220d07342e8
content.api.news/v3/images/bin/ 3 KB
4 KB 830ms
178ms Image
image/jpeg 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/fb4935806e825231c6d81220d07342e8?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 91998f86762c6801e681955069145c72b2ab0be30fa2808dd67ff49271ffde9e

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: fb4935806e825231c6d81220d07342e8
date: Tue, 15 Dec 2020 21:20:35 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 9e8634d9a5e8bfce0a79e08cd78d7dbe-fb4935806e825231c6d81220d07342e8-150
x-serial: 242
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5175489
last-modified: Tue, 15 Dec 2020 19:01:22 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 3478
expires: Sat, 13 Feb 2021 18:58:44 GMT

GET
H2 200 acea0236ec720d00d6f34c6ff92a413b
content.api.news/v3/images/bin/ 14 KB
14 KB 838ms
186ms Image
image/webp 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/acea0236ec720d00d6f34c6ff92a413b?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c2477ed756baa8ccd67d158dfc84cc650f319865488ce1cd8793f26627df5a7f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: acea0236ec720d00d6f34c6ff92a413b
date: Tue, 15 Dec 2020 21:20:35 GMT
last-modified: Tue, 15 Dec 2020 05:31:44 GMT
server: Akamai Image Manager
etag: f78f7cacf2a926e0432a5ec8e26c0e22-acea0236ec720d00d6f34c6ff92a413b-650
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5126910
access-control-allow-headers: x-newsapi-api-key
content-length: 13930
expires: Sat, 13 Feb 2021 05:29:05 GMT

GET
H2 200 0750d5c142c529140e09d5e7c8ff1aaf
content.api.news/v3/images/bin/ 58 KB
59 KB 765ms
174ms Image
image/webp 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/0750d5c142c529140e09d5e7c8ff1aaf?width=650
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 77499e5217c4a813a51171d8278e1d08c2dd95033ec67453ca335ade890f68ce

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 0750d5c142c529140e09d5e7c8ff1aaf
date: Tue, 15 Dec 2020 21:20:35 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 123101b9fba8f7e8a96f8af858c528e1-0750d5c142c529140e09d5e7c8ff1aaf-650
x-serial: 1746
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5175558
last-modified: Tue, 15 Dec 2020 19:01:06 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 59890
expires: Sat, 13 Feb 2021 18:59:53 GMT

GET
H2 200 charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 12 KB
12 KB 414ms
193ms Font
binary/octet-stream 23.210.249.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-82.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:34 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: AEE771784BE8E492
etag: "da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=346715
accept-ranges: bytes
content-length: 12440
x-amz-id-2: CQatRZwvOTmZYKmofckwfPjIQ72xI2/e6C6jrdAEi+sxTNpCJz/fBRWU8ywSln8isEeBrTgmlYg=
expires: Sat, 19 Dec 2020 21:39:09 GMT

GET
H2 200 charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
12 KB 414ms
192ms Font
binary/octet-stream 23.210.249.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-82.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:34 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: BFDD3120D8720C59
etag: "c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=350592
accept-ranges: bytes
content-length: 11472
x-amz-id-2: XeIJgFTdyccONf1GT2ZRJk6T1/yaZcc/Zn4kbFsH3rJmpQqVJoyubkpSz1pgCDmrHlQbYHR093E=
expires: Sat, 19 Dec 2020 22:43:46 GMT

GET
H2 200 Dog_in_boot_1920x1080.jpg
origin.go.heraldsun.com.au/wp-content/uploads/2020/12/ 2 MB
2 MB 79ms
21ms Image
image/jpeg 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.go.heraldsun.com.au/wp-content/uploads/2020/12/Dog_in_boot_1920x1080.jpg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d42605a78277db9f4d4b35ac625ec962a9698bd859d5341aa995ab195aa54d27

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:34 GMT
x-rq: ams8 109 28 443
last-modified: Mon, 14 Dec 2020 06:35:43 GMT
server: nginx
etag: "7dd2f9414560940d"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2525653
expires: Tue, 14 Dec 2021 06:39:37 GMT

GET
H2 200 rea-logo-v4.png
s1.rui.au.reastatic.net/rui-static/img/ 8 KB
9 KB 77ms
30ms Image
image/png 2600:9000:206f:8e00:1e:c291:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.rui.au.reastatic.net/rui-static/img/rea-logo-v4.png
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8e00:1e:c291:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 03:25:47 GMT
via: 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
last-modified: Fri, 11 Aug 2017 05:25:43 GMT
server: AmazonS3
age: 2224488
etag: "7fb1763135890cdfa60dcb405cd51572"
x-cache: Hit from cloudfront
x-amz-version-id: itrxET0Vrz4We1UVf0nZMlYhOyBF2D8w
cache-control: max-age=20221025
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 8533
x-amz-cf-id: rwIN2u7RNpDo-eCLrJ9JfJnI9_KkdO7qfy4RYmCNTrV_WB_yAgJvyQ==

GET
H2 200 title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 540 B
862 B 310ms
98ms Image
image/svg+xml 23.210.249.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-82.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:34 GMT
last-modified: Wed, 16 Sep 2020 23:56:43 GMT
server: AmazonS3
x-amz-request-id: 504D77E5FA85043F
etag: "4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=346541
accept-ranges: bytes
content-length: 540
x-amz-id-2: SfyGNr0xC3gGNdMzZjgt+eJgd3ukJ7Nv6Yl3GvRYVxj6veZ66vLb81mWlvXXQcNgDWF4xt8O4Iw=
expires: Sat, 19 Dec 2020 21:36:15 GMT

GET
H/1.1 200
OK games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 4 KB
5 KB 1532ms
388ms Image
image/svg+xml 52.95.134.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.134.190 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 21:20:37 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: 01CE78C4EA472FC7
ETag: "2fa79b1c302fa407df95b287a47e01bc"
Content-Type: image/svg+xml
x-amz-version-id: mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Accept-Ranges: bytes
Content-Length: 4533
x-amz-id-2: cN4UoB9L6/LXkTvwM4IxkAR/YFkPCt5SuviP6WRpXDBEFdKpkQz4dmLDA170SN168tJgYMbFDh8=

GET
H/1.1 200
OK sudoku.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 5 KB
5 KB 1537ms
387ms Image
image/svg+xml 52.95.134.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/sudoku.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.134.190 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: ef5fa8602198232e4f3704cf1dc886cb295af0f9906b0c9d63777b5f49852b84

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 21:20:37 GMT
Last-Modified: Thu, 05 Nov 2020 03:40:33 GMT
Server: AmazonS3
x-amz-request-id: 5Z6SBY8Z6QFG8Y7T
ETag: "f980b48900de5e5e318ca4e3530b2d75"
Content-Type: image/svg+xml
x-amz-version-id: EnoeaZvtrAcNuP4vk_X8AB6oSBROL97r
Accept-Ranges: bytes
Content-Length: 5207
x-amz-id-2: n7JwJa+ShrQMXrFlV7oLLN1YqzxUBs+m/fpjedSl4V5E23drUG1xs8E3tbDsUwEYRHvGX4aQN/E=

GET
H/1.1 200
OK NCHRS_thumb.jpg
s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/ 22 KB
23 KB 1493ms
377ms Image
image/jpeg 52.95.132.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/NCHRS_thumb.jpg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.175 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 02f6334ab84d1d5aa554abe6d5f688814588478bfd9d0698f6ff414d6ff6831a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 21:20:37 GMT
Last-Modified: Tue, 15 Dec 2020 16:01:16 GMT
Server: AmazonS3
x-amz-request-id: 2AB25DD3B1B2DDBB
ETag: "ea7d208dd9a2c2b88410ce5bd372142e"
Content-Type: image/jpeg
x-amz-version-id: cDyY4v4S_CSWOr1KrjcrJwo00mc2OOCB
Accept-Ranges: bytes
Content-Length: 22853
x-amz-id-2: VFHa+6hzGFOh1mAVUdbPbjWUm0ZSintKOiEngJ7S0TLMg5Ivonf9omvd7qh5TEyB6vAYCKyDTl0=

GET
H2 200 heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 8 KB
3 KB 113ms
111ms Image
image/svg+xml 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:34 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2891
x-rq: ewr4 118 117 3092
last-modified: Fri, 06 Nov 2020 23:09:41 GMT
server: nginx
etag: W/"5fa5d7b5-1e5e"
vary: User-Agent
content-type: image/svg+xml
cache-control: max-age=615601
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 23 Dec 2020 00:20:35 GMT

GET
H2 200 js-critical-desktop.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 224ms
223ms Script
application/x-javascript 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f487dd5f3296946a50218dc22720a9ed1b777b3e1f793c9f8d434cf4ba27764a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:34 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2509
x-rq: bom2 113 43 3167
last-modified: Tue, 15 Dec 2020 02:56:48 GMT
server: nginx
etag: W/"5fd825f0-17c3"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=8
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 15 Dec 2020 21:20:42 GMT

GET
H2 200 charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 11 KB
11 KB 321ms
211ms Font
binary/octet-stream 23.210.249.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-82.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:34 GMT
last-modified: Fri, 25 Sep 2020 03:04:51 GMT
server: AmazonS3
x-amz-request-id: 194F48104F7130AB
etag: "29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods: GET,POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=346543
accept-ranges: bytes
content-length: 11372
x-amz-id-2: M0WYUAsEtVkDhgvXAq63/VySFCkyVrOQgi9sAL7zpchtPJljYlsGEMuVCMKfoamNvBvTU5a8nmE=
expires: Sat, 19 Dec 2020 21:36:17 GMT

GET
H2 200 title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 535 B
852 B 144ms
98ms Image
image/svg+xml 23.210.249.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-82.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:34 GMT
last-modified: Thu, 17 Sep 2020 00:28:25 GMT
server: AmazonS3
x-amz-request-id: 7980CE79243196B5
etag: "b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=346130
accept-ranges: bytes
content-length: 535
x-amz-id-2: rKrGs4EAQoTEcjzEqvvzWct0qX1GQTXzeknYL5aOnpLO3GvgvzwnTV5gVH06OFBc1onIVCov9h4=
expires: Sat, 19 Dec 2020 21:29:24 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 3 KB
2 KB 397ms
221ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding: gzip
etag: "1a868d280f9424f5d82876d6cf0c46b9"
age: 91
x-cache: HIT, MISS
content-length: 1123
x-amz-id-2: vgCW/V/jeDJb/qO1sx//7+y8mtyiKRRZRtqH5L1ehadbK0a12cNrJgr6nVSS6BW0De5ibDhlyJI=
x-served-by: cache-sna10732-LGB, cache-fra19148-FRA
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1608067235.059584,VS0,VE146
date: Tue, 15 Dec 2020 21:20:35 GMT
vary: Accept-Encoding,,
x-amz-request-id: D2059B82D0ED63E6
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 0

GET
H2 200 impl.20201123-29-RELEASE.js Show response
cdn.taboola.com/libtrc/ 449 KB
103 KB 88ms
87ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20201123-29-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 13044530d2afa52a6f7ba93c29935d571f52303b9aafc7e902e5e9eb02cd8801

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: qINLL4RBMk3F2SnZlBXHi_uBH2_.sxv8
content-encoding: br
etag: "dd392badb91ca37ec97baa861b86cbc4"
age: 27153
x-cache: HIT
content-length: 105474
x-amz-id-2: DATPmP0kqjZx0Buw54yEFTClBJekl4vpoPi0lGBfZLkp9LYD3B3I3jjjdAnnTSQz3SBN6/rteyI=
x-served-by: cache-fra19163-FRA
last-modified: Mon, 23 Nov 2020 21:32:53 GMT
server: AmazonS3-br
x-timer: S1608067235.896816,VS0,VE0
date: Tue, 15 Dec 2020 21:20:34 GMT
vary: Accept-Encoding
x-amz-request-id: 369332FFFBF202B5
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 24
x-cache-hits: 2572

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 100ms
95ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 21:20:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Wed, 16 Dec 2020 21:20:34 GMT

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
75 B 96ms
88ms Image
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=tfa_eid_ctrl
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1608067235.926733,VS0,VE0
x-served-by: cache-fra19163-FRA
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1608067234975&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=ht...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1608067234975&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=h...

0
528 B

152ms
150ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1608067234975&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 21:20:35 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1608067234975&ns_c=UTF-8&cv=3.5&c8=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 15 Dec 2020 21:20:35 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rampart.js Show response
www.heraldsun.com.au/remote/identity/rampart/latest/ 248 KB
78 KB 243ms
242ms Script
application/x-javascript 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

27ad1c0be127da20f7b68c8e868d9a1fa6ade3308786d297a24a5651faa32a38

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "f1b190419095215938ba092e3e98262e:1606882430.472598"
vary: User-Agent, Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=103
date: Tue, 15 Dec 2020 21:20:35 GMT
is-https: true
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 15 Dec 2020 21:22:18 GMT

GET
H2 200 js-metro-desktop-lazy.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 45 KB
15 KB 297ms
296ms Script
application/x-javascript 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

83745d91266512d4c6766c97ebedb0a01c044da97cce822ff4af6eb3a3123312

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:35 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 14197
x-rq: bom2 112 183 3101
last-modified: Tue, 15 Dec 2020 02:56:41 GMT
server: nginx
etag: W/"5fd825e9-b347"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=33
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 15 Dec 2020 21:21:08 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
13 KB 272ms
91ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Origin: https://www.heraldsun.com.au
Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:35 GMT
content-encoding: gzip
last-modified: Thu, 20 Dec 2018 17:45:13 GMT
server: NetDNA-cache/2.2
etag: W/"dc93d584e41f8417f6b7163320d34329"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 json Show response
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 3 KB
2 KB 417ms
416ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=22%3A20%3A35.185&lti=tfa_eid_ctrl&data=%7B%22id%22%3A827%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1608039812683%2C%22vi%22%3A1608067235129%2C%22cv%22%3A%2220201123-29-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22pev%22%3A4205%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9274%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1002%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22tfa_eid_ctrl%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201123-29-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d881ee706b68b79e1678b0fb5806efe57a8e8c39e08b379de568883f531d4fb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 329
date: Tue, 15 Dec 2020 21:20:35 GMT
content-encoding: gzip
server: nginx
x-timer: S1608067235.249910,VS0,VE329
x-served-by: cache-fra19163-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 111 KB
30 KB 85ms
85ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding: gzip
etag: "b7fcedf037c57085d364b689ca46f32e"
age: 10003247
x-cache: HIT, HIT
content-length: 30954
x-amz-id-2: TG49UWLSXX/7JOu+pu/KWBF6lPU+j/sA4SNskqAGNRvS7P8ejY6LRwed0jVXlMerBXwRC25qwP8=
x-served-by: cache-lax8623-LAX, cache-fra19148-FRA
last-modified: Tue, 07 Apr 2020 10:39:09 GMT
server: AmazonS3
x-timer: S1608067235.350959,VS0,VE0
date: Tue, 15 Dec 2020 21:20:35 GMT
vary: Accept-Encoding,,
x-amz-request-id: 9758181B46377FE5
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 2

GET
H2 200 comments-count Show response
mhr.talk.news.com.au/api/v1/ 1 KB
1 KB 1612ms
1310ms Fetch
application/json 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mhr.talk.news.com.au/api/v1/comments-count?ids=673af666e1eb8e6d4d0d8c72c2cdfb9f,dd2f8b737366ed1e036d8ea5e474140c,4a93aeda0e52360748563c9dceb8c60f,70981f845b774d62bd0f3da3bd3f187b,d1a89579b60f21a703a0aedbcb950f9b,672fe5a02621ec9bf516a6ed3215038f,a1100ababae8d38b18df79b27f2450a0,a6b16ab4804930c517850354d810e233,23a1d9cbd99f4c0ed1fceac7510703f1,ad137d5b8578da019c0bcd33d6d70060,75c6d3bf571769e07016515908fb2058,ff2562697d4be16b01ef58b5a7979a98,16a285cf4932910107d0d6c18493c756,99ffdf1b42b31552a15b5edf71bc16d4,762d5c0c83119f1842734daeed80aecd,b878f571f59c9e83b85fa4e124a342fd,fb8ce1e48d3966398cd636390f2161bb,be7551576f4256fb88ab537c803f2b2e,f2fb9c64996283a1f9d0a2e07dc7158e,84c55e2ae5a92c7445b16d87ac72c78a,7befba77fa3b4991c5d9b1addc515e34,7eb12812a24ed390dd3972b0cbfd8a46,fff85b56496da67587c56ea7250cc5ad,563ffbdb6c3ada1efee07cfcb498ca67,80d384561ff77fde612ad9c553203e0e,49912dbe3df52f3c18ca067ce79e7156,ba0deea1a8786d091afd7b96c26f6910,40db0c80c9cc3d9b9b3c75d77c56d62f,b55a5479218890624c21285bdc5f0f1b,c96209bdf77caa2e225ee8131d1659ef,9de9b3e5139b8ba437eae4d263909fa3,581db01817afb11f0b1dde400c096c89,4b6daedd278c7905413a8f11f9c26cae,b4f33e81269335807837ae2c06729e58

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx/1.16.1 /

Resource Hash

eace52f4c9236e397bb51f4f1809bb353828e48b137a87c93832c59a1e5614e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.16.1
etag: W/"4fe-xlbdzUhOttxuKRKpubangyASCb4"
x-download-options: noopen
x-dns-prefetch-control: off
content-type: application/json; charset=utf-8
access-control-allow-origin: *
date: Tue, 15 Dec 2020 21:20:36 GMT
x-talk-trace-id: 5fb079c0-3f1b-11eb-ae8a-33bb05863194
vary: Accept-Encoding
content-length: 730
x-xss-protection: 1; mode=block

GET
H2 200 3000 Show response
www.heraldsun.com.au/wp-json/api/weather/ 2 KB
2 KB 276ms
276ms Fetch
application/json 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-json/api/weather/3000

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7da63b34013a7fbd5a9ff09603aa3f65bc3973af65809af1aefa903b0f053a19

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options: nosniff
is-https: true
content-length: 1658
x-rq: bom2 119 89 3095
allow: GET
expires: Tue, 15 Dec 2020 21:21:31 GMT
server: nginx
date: Tue, 15 Dec 2020 21:20:35 GMT
vary: User-Agent
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=56
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 685ec392386f3803de1580eca5e356f7
content.api.news/v3/images/bin/ 8 KB
8 KB 125ms
124ms Image
image/jpeg 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/685ec392386f3803de1580eca5e356f7?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 74c56dc51ea7565e74edad1a94047924a3816e1c7d57ca913326e428af3a2f7d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 685ec392386f3803de1580eca5e356f7
date: Tue, 15 Dec 2020 21:20:35 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 40039bcb26668d8c5c62aa7c020c4652-685ec392386f3803de1580eca5e356f7-150
x-serial: 1046
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5146869
last-modified: Tue, 15 Dec 2020 11:01:12 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 8107
expires: Sat, 13 Feb 2021 11:01:44 GMT

GET
H2 200 4a73eed5d33698f28884fb2652f34189
content.api.news/v3/images/bin/ 5 KB
6 KB 124ms
123ms Image
image/jpeg 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/4a73eed5d33698f28884fb2652f34189?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 38bba6edf1f5150a76307f4bb0c67a75615c074786885feaf18513d10687aef0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 4a73eed5d33698f28884fb2652f34189
date: Tue, 15 Dec 2020 21:20:35 GMT
last-modified: Tue, 15 Dec 2020 10:31:50 GMT
server: Akamai Image Manager
etag: 80654862ab6795f9edd2f7c5e0a9abc8-4a73eed5d33698f28884fb2652f34189-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5145233
access-control-allow-headers: x-newsapi-api-key
content-length: 5313
expires: Sat, 13 Feb 2021 10:34:28 GMT

GET
H2 200 935781690e137031ab6e31af1969b190
content.api.news/v3/images/bin/ 6 KB
6 KB 123ms
122ms Image
image/jpeg 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/935781690e137031ab6e31af1969b190?width=150
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 3e677b85798968d94a8f04feccca7425c25941437e56e639ebe2e3cae2e74438

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 935781690e137031ab6e31af1969b190
date: Tue, 15 Dec 2020 21:20:35 GMT
last-modified: Tue, 15 Dec 2020 20:58:32 GMT
server: Akamai Image Manager
etag: 7ab1e4d14ce1be4065e9ed1b9e72600c-935781690e137031ab6e31af1969b190-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5182716
access-control-allow-headers: x-newsapi-api-key
content-length: 5959
expires: Sat, 13 Feb 2021 20:59:11 GMT

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame 6129 0
0 706ms
478ms Document
text/html 104.108.60.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=snT82iOCXprDr5z58~XvkbvVQbcgpyPX&nonce=eqLzkfcw3~6f5FrGzYTtDUGkxS0G67NK&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.108.60.35 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-60-35.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=snT82iOCXprDr5z58~XvkbvVQbcgpyPX&nonce=eqLzkfcw3~6f5FrGzYTtDUGkxS0G67NK&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 5bda70a95f3f50b7
ot-tracer-traceid: 66ec0cb714609496
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 30569-1608067235.877-2.16.110.188-1442-579130222-7-0.000
x-auth0-requestid: 5165c39d76edc3bc3257
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1608067236
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 532 0 pmb=mTOE,3
expires: Tue, 15 Dec 2020 21:20:36 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 15 Dec 2020 21:20:36 GMT
content-length: 844
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A5f3444e0-3f1b-11eb-a239-595bca20a991.Hj89iAaTcE7N6WkB2RVpLea3K6XMJtnEaXV3fAjrJhQ; Max-Age=31557600; Path=/; Expires=Thu, 16 Dec 2021 03:20:35 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A5f3444e0-3f1b-11eb-a239-595bca20a991.Hj89iAaTcE7N6WkB2RVpLea3K6XMJtnEaXV3fAjrJhQ; Max-Age=31557600; Path=/; Expires=Thu, 16 Dec 2021 03:20:35 GMT; HttpOnly; Secure ak_bmsc=2EAE8F8C7FC7C50B6DE9A4F9AF7F5E6548F7B34D99290000A428D95FE87F365D~plVvVTiBzg6aD75dUow6r2cDCJyqv0wZ/5LjYhxnXrBqvtmCk+YMR1NOsMWtCWo/+R8YvdZwRIaJlTXJ0ZDIPxS9ZaaT+KaUloepLdFQs2msjUaItLmASFFH4bWdQBocR/BzS1C02FD9wdQYOs9saL+jqSvjhep2b0Is0c5bQPCPeyUsC1yMTvnWPaGZ8A4bKB+VV4f4hTcTZn1MWe3QalyI16tjr0owLM82WiaG8JVBfHydD9nOTyY3uoO3txDVYP; expires=Tue, 15 Dec 2020 23:20:36 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=69E34F9DE854D1847A27C0535548C8AD~1DD84EeoVOreVSov2ZxRZ9PniUG0tKuygGg9weffZZ6S3D2/sXq6Fpow8efZu2upJyE7Kl/fP92uDW5kqKUK6wbw0JrZmlmnNMLVcKF1QszYNMe5Ja6hAcSd66JXleCYsPWdPGaKmdwZ3fqKya+CHQlMA5/JVCJ2zjdcQryDdtg5jBRzdiGRuN7++EMHmjb7MtWDvnOT5jNf+GtZHRWUD90QhppcZ5lvWVUYjbhnU4UK6IbXdCIqBQ2eqhPBnKco; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=3A827118C1B0445E086881F09A4ED58E~YAAQTbP3SJ7DmQV2AQAA1sBGaApN/neBk/S+jBucp7tfBwlsTMMEIEnfVWaDyUHTGwKMiUwIKcBvUNyU8s1fQVc25qdowVe7s3WSWg0P96lVLJ1JwcWDryitg8yeqRyJz2sfmZpzuWK5ub1NAoghh6RxNhkEfmEUeD1Xqsf7XObH9Pf8eyf84bGbrMAjkaQ5qTvh+a5k6k4u5CE=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 16 Dec 2020 01:20:35 GMT; Max-Age=14399; HttpOnly _abck=49319F5FA2F4EE24C0CDA13A7E614688~-1~YAAQTbP3SJ/DmQV2AQAA1sBGaAWKs9c/Em1yi41qufZ9FaSAvdEMpFxtYbA0OtvyFqbEen1HRBfJzKFxJq2uxeSaJ9WLQS9s4IzzLNK6RJ9AkrWeLKNcgAu5oXgGt/8+K4JBYxlfRYlU3oEWjNenCtCuGiCOlTAbbDUlNrX9y7OpfWn7shGpEc5vg4a/uHN9qZybz++hKqZrst2WzqbBFsCmkaIDLyecyweJkC79JG8Bgri2H7WUjxJyH8mowgH7ZwwG9//zZWHGXmKDN0SRVFYXBI0Q1anHMyLfnQfYCtk1c2cJmSREstki+f5ScGBR14dW/qY=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 15 Dec 2021 21:20:36 GMT; Max-Age=31536000; Secure

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 3 KB
1 KB 334ms
105ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 34d7e05910aac6f533cb31a9dffc4e37213c93c3b90a545b4f3bcedea3e6d03c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:35 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 00:59:52 GMT
server: AkamaiNetStorage
etag: "32dbeac6f93a14f6e0b28daba07aa294:1607993992.778839"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1235
expires: Tue, 15 Dec 2020 21:25:35 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 70 KB
19 KB 336ms
108ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 37839f90f9c430af4b063874e26d8986b8ceb01ebcdad7eedb4977c833116693

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:35 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 00:59:52 GMT
server: AkamaiNetStorage
etag: "59bda7243b0fc7e08ca82d70f35e8dbe:1607993992.156774"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 18842
expires: Tue, 15 Dec 2020 21:25:35 GMT

GET
H2 200 indies-loader.js Show response
ts2020-indies-client.web.app/ 7 KB
3 KB 386ms
137ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ts2020-indies-client.web.app/indies-loader.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 17 Sep 2020 07:41:38 GMT
x-timer: S1608067236.676343,VS0,VE0
etag: "16a0649956d88d08059c392d3f4b3b1b1b6ee7a364d1e3444626bf6439417ed3-br"
x-served-by: cache-hhn4022-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Tue, 15 Dec 2020 21:20:35 GMT
accept-ranges: bytes
content-length: 2338
x-cache-hits: 2

GET
H2 200 js-vidora-client.js Show response
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 6 KB
3 KB 239ms
237ms Script
application/x-javascript 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f75772cc182eeecd95e8887564f7d5b21bbd6c035b3d664ece5a6893071db987

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:35 GMT
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
is-https: true
content-length: 2886
x-rq: bom2 112 183 3101
last-modified: Tue, 15 Dec 2020 02:56:41 GMT
server: nginx
etag: W/"5fd825e9-19e5"
vary: User-Agent
content-type: application/x-javascript
cache-control: max-age=33
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges: bytes
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 15 Dec 2020 21:21:08 GMT

GET

/
heraldsun.digitaleditions.com.au/
Redirect Chain

https://www.heraldsun.com.au/digitalprinteditions
https://idp.news.com.au/idp/services/generatetoken?target=HeraldSun&url=http%3A%2F%2Fheraldsun.digitaleditions.com.au%2F
http://heraldsun.digitaleditions.com.au/

0
0

GET
H2 200 /
www.heraldsun.com.au/tributes/ 0
31 KB 2279ms
2272ms Other
text/html 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/tributes/

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx/1.12.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
etag: "2349f0407fcddc00906bd4184bf43e19"
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-subscribed: False
is-https: true
x-forwarded-proto: https
x-device: desktop
x-ua-compatible: IE=edge,chrome=1
x-arrrg5: BlaizeHappened
server: nginx/1.12.1
date: Tue, 15 Dec 2020 21:20:37 GMT
vary: User-Agent, Accept-Encoding
x-varnish: 162366168 169771185
access-control-allow-origin: http://heraldsun.finda.production.apnarm.net.au
cache-control: max-age=156
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2ftributes%2f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=0dc6f49ce25a146c488ef0b7eb25e0f0
content-length: 30196
content-type: text/html; charset=utf-8
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 15 Dec 2020 21:23:13 GMT

GET
H2 200 /
www.heraldsun.com.au/subscribe/news/1/ 0
1 KB 261ms
254ms Other
text/html 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?int_medium=display&int_source=site-link&int_campaign=acq_onsite_login&int_content=link&sourceCode=HSWEB_ONS538

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 21:20:35 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=3008
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 22:10:43 GMT

GET
H2 200 /
www.heraldsun.com.au/ 0
59 KB 2878ms
2877ms Other
text/html 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 112 151 3108
server: nginx
date: Tue, 15 Dec 2020 21:20:38 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:38 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

leader
www.heraldsun.com.au/
Redirect Chain

https://www.heraldsun.com.au/leader
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fleader
https://www.heraldsun.com.au/leader
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fleader&16080672371885047423
https://www.heraldsun.com.au/leader?nk=2234558b4a5027c5af3f1808b9c71829-1608067238

0
65 KB

1891ms
1891ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/leader?nk=2234558b4a5027c5af3f1808b9c71829-1608067238

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 115 229 3098
server: nginx
date: Tue, 15 Dec 2020 21:20:40 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:40 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fleader%3fnk%3d2234558b4a5027c5af3f1808b9c71829-1608067238&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=leader&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:38 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/leader?nk=2234558b4a5027c5af3f1808b9c71829-1608067238
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H2

200

victoria
www.heraldsun.com.au/news/
Redirect Chain

https://www.heraldsun.com.au/news/victoria
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria
https://www.heraldsun.com.au/news/victoria
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria&1608067237707087356
https://www.heraldsun.com.au/news/victoria?nk=9142605e12d3c466f57fa3845c9ac64f-1608067238

0
48 KB

1853ms
1853ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/victoria?nk=9142605e12d3c466f57fa3845c9ac64f-1608067238

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 48065
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 119 85 3122
server: nginx
date: Tue, 15 Dec 2020 21:20:40 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:40 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria%3fnk%3d9142605e12d3c466f57fa3845c9ac64f-1608067238&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=victoria&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:38 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/news/victoria?nk=9142605e12d3c466f57fa3845c9ac64f-1608067238
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H2

200

national
www.heraldsun.com.au/news/
Redirect Chain

https://www.heraldsun.com.au/news/national
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational&16080672371140038276
https://www.heraldsun.com.au/news/national?nk=cb865e7a10fe26aca09723b00204d8fc-1608067238

0
52 KB

1841ms
1840ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/national?nk=cb865e7a10fe26aca09723b00204d8fc-1608067238

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 113 245 3125
server: nginx
date: Tue, 15 Dec 2020 21:20:40 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:40 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fnational%3fnk%3dcb865e7a10fe26aca09723b00204d8fc-1608067238&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=national&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:38 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/news/national?nk=cb865e7a10fe26aca09723b00204d8fc-1608067238
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H2

200

world
www.heraldsun.com.au/news/
Redirect Chain

https://www.heraldsun.com.au/news/world
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld&1608067237904024713
https://www.heraldsun.com.au/news/world?nk=31b317d94f7686ba31f26f11e596e9f4-1608067238

0
52 KB

1821ms
1820ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/world?nk=31b317d94f7686ba31f26f11e596e9f4-1608067238

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 113 43 3167
server: nginx
date: Tue, 15 Dec 2020 21:20:40 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:40 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fworld%3fnk%3d31b317d94f7686ba31f26f11e596e9f4-1608067238&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=world&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:38 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/news/world?nk=31b317d94f7686ba31f26f11e596e9f4-1608067238
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H2

200

opinion
www.heraldsun.com.au/news/
Redirect Chain

https://www.heraldsun.com.au/news/opinion
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion&16080672371136722665
https://www.heraldsun.com.au/news/opinion?nk=b8a696775d83f115a6c34159d25fb3a5-1608067238

0
56 KB

1801ms
1800ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/news/opinion?nk=b8a696775d83f115a6c34159d25fb3a5-1608067238

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 112 216 3099
server: nginx
date: Tue, 15 Dec 2020 21:20:40 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:40 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fopinion%3fnk%3db8a696775d83f115a6c34159d25fb3a5-1608067238&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=opinion&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:38 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/news/opinion?nk=b8a696775d83f115a6c34159d25fb3a5-1608067238
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H2 200 business
www.heraldsun.com.au/ 0
50 KB 1884ms
1884ms Other
text/html 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/business

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 119 85 3122
server: nginx
date: Tue, 15 Dec 2020 21:20:40 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:40 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fbusiness&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=business&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

entertainment
www.heraldsun.com.au/
Redirect Chain

https://www.heraldsun.com.au/entertainment
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment
https://www.heraldsun.com.au/entertainment

0
52 KB

2238ms
2185ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/entertainment

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 112 216 3099
server: nginx
date: Tue, 15 Dec 2020 21:20:43 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:43 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=entertainment&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/entertainment
cache-control: max-age=0, no-cache, no-store
date: Tue, 15 Dec 2020 21:20:40 GMT
is-https: true
content-length: 154
expires: Tue, 15 Dec 2020 21:20:40 GMT

GET
H2

200

lifestyle
www.heraldsun.com.au/
Redirect Chain

https://www.heraldsun.com.au/lifestyle
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2flifestyle
https://www.heraldsun.com.au/lifestyle

0
48 KB

944ms
943ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/lifestyle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 114 24 3104
server: nginx
date: Tue, 15 Dec 2020 21:20:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:42 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2flifestyle&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=lifestyle&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
etag: "8222bdfdf08f1a28312e7d161218ff2d:1551324797"
vary: User-Agent
content-type: text/html
location: https://www.heraldsun.com.au/lifestyle
cache-control: max-age=0, no-cache, no-store
date: Tue, 15 Dec 2020 21:20:41 GMT
is-https: true
content-length: 154
expires: Tue, 15 Dec 2020 21:20:41 GMT

GET
H2

200

sport
www.heraldsun.com.au/
Redirect Chain

https://www.heraldsun.com.au/sport
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2fsport
https://www.heraldsun.com.au/sport
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsport&16080672411375320036
https://www.heraldsun.com.au/sport?nk=5855a43e5741bcb964bbd83113ab7b36-1608067242

0
65 KB

846ms
846ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/sport?nk=5855a43e5741bcb964bbd83113ab7b36-1608067242

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 116 149 3114
server: nginx
date: Tue, 15 Dec 2020 21:20:43 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:43 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fsport%3fnk%3d5855a43e5741bcb964bbd83113ab7b36-1608067242&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=sport&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:42 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/sport?nk=5855a43e5741bcb964bbd83113ab7b36-1608067242
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 21:20:42 GMT

GET
H2

404

3a10d2d8ebe9c7914ba58ecb6bc330c9
www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/
Redirect Chain

https://www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/3a10d2d8ebe9c7914ba58ecb6bc330c9
https://www.heraldsun.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.heraldsun.com.au%2funcategorized%2fbaby-killers-ridiculous-sentence%2fpromo%2f3a10d2d8ebe9c7914ba58ecb6bc330c9
https://www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/3a10d2d8ebe9c7914ba58ecb6bc330c9
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2funcategorized%2fbaby-killers-ridiculous-sentence%2fpromo%2f3a10d2d8ebe9c7914ba58ecb6bc330c9&16080672...
https://www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/3a10d2d8ebe9c7914ba58ecb6bc330c9?nk=4fc997209d8e1d7962006922bf141aab-1608067242

0
0

971ms
971ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/3a10d2d8ebe9c7914ba58ecb6bc330c9?nk=4fc997209d8e1d7962006922bf141aab-1608067242

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options: nosniff
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 0
x-xss-protection: 1
x-rq: bom2 114 88 3108
server: nginx
date: Tue, 15 Dec 2020 21:20:43 GMT
vary: User-Agent
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
cache-control: max-age=60
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2funcategorized%2fbaby-killers-ridiculous-sentence%2fpromo%2f3a10d2d8ebe9c7914ba58ecb6bc330c9%3fnk%3d4fc997209d8e1d7962006922bf141aab-1608067242&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=3a10d2d8ebe9c7914ba58ecb6bc330c9&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Tue, 15 Dec 2020 21:21:43 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:42 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/uncategorized/baby-killers-ridiculous-sentence/promo/3a10d2d8ebe9c7914ba58ecb6bc330c9?nk=4fc997209d8e1d7962006922bf141aab-1608067242
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 21:20:42 GMT

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/lifestyle/smart/how-the-crown-has-brought-dianas-fashion-back-in-focus/news-story/29f9e8a17c9ce0d684d6fddc6f3b2ffa
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Flifestyle%2Fsmart%2Fhow-the-crown-has-brought-dianas-fashion-back-in-focus%2Fnews-...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Flifestyle%2Fsmart%2Fhow-the-crown-has-brought-dianas-fashion-back-in-focus%2Fnews-...

0
1 KB

869ms
869ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Flifestyle%2Fsmart%2Fhow-the-crown-has-brought-dianas-fashion-back-in-focus%2Fnews-story%2F29f9e8a17c9ce0d684d6fddc6f3b2ffa&memtype=anonymous&mode=premium&nk=c56642758959404669720e90b4d7e59f-1608067242

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 21:20:43 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=3530
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 22:19:33 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:42 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Flifestyle%2Fsmart%2Fhow-the-crown-has-brought-dianas-fashion-back-in-focus%2Fnews-story%2F29f9e8a17c9ce0d684d6fddc6f3b2ffa&memtype=anonymous&mode=premium&nk=c56642758959404669720e90b4d7e59f-1608067242
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 21:20:42 GMT

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/sport/afl/teams/collingwood/eddie-mcguire-to-step-down-as-collingwood-president-at-end-of-2021-season/news-story/73aad9593a380c1cfb3510c9e90073df
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Feddie-mcguire-to-step-down-as-collingwood-pres...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dHSWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.heraldsun.com...
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Feddie-mcguire-to-step-down-as-collingwood-pres...

0
1 KB

125ms
125ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Feddie-mcguire-to-step-down-as-collingwood-president-at-end-of-2021-season%2Fnews-story%2F73aad9593a380c1cfb3510c9e90073df&memtype=anonymous&mode=premium&nk=2e4fd91081df1496439c2827823fb721-1608067242

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 21:20:42 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=884
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 21:35:26 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:42 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "05563c72b22b39afb384f19701c03047:1600838589.100191"
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fsport%2Fafl%2Fteams%2Fcollingwood%2Feddie-mcguire-to-step-down-as-collingwood-president-at-end-of-2021-season%2Fnews-story%2F73aad9593a380c1cfb3510c9e90073df&memtype=anonymous&mode=premium&nk=2e4fd91081df1496439c2827823fb721-1608067242
cache-control: max-age=0, no-cache
content-type: text/html
content-length: 154
expires: Tue, 15 Dec 2020 21:20:42 GMT

GET
H2 200 coronavirus
www.heraldsun.com.au/ 0
47 KB 1104ms
1103ms Other
text/html 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/coronavirus

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 46766
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 113 245 3125
server: nginx
date: Tue, 15 Dec 2020 21:20:43 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:43 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=coronavirus&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/coronavirus/new-criteria-changes-wholl-get-covid19-vaccine-first/news-story/673af666e1eb8e6d4d0d8c72c2cdfb9f
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fnew-criteria-changes-wholl-get-covid19-vaccine-first%2Fnews-story%2F...

0
1 KB

122ms
122ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fnew-criteria-changes-wholl-get-covid19-vaccine-first%2Fnews-story%2F673af666e1eb8e6d4d0d8c72c2cdfb9f&memtype=anonymous&mode=premium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 21:20:43 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=1384
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 21:43:47 GMT

Redirect headers

date: Tue, 15 Dec 2020 21:20:42 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fcoronavirus%2Fnew-criteria-changes-wholl-get-covid19-vaccine-first%2Fnews-story%2F673af666e1eb8e6d4d0d8c72c2cdfb9f&memtype=anonymous&mode=premium
expires: Tue, 15 Dec 2020 21:20:42 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus%2fnew-criteria-changes-wholl-get-covid19-vaccine-first%2fnews-story%2f673af666e1eb8e6d4d0d8c72c2cdfb9f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=673af666e1eb8e6d4d0d8c72c2cdfb9f&session=0dc6f49ce25a146c488ef0b7eb25e0f0
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 confidential
www.heraldsun.com.au/entertainment/ 0
49 KB 2438ms
2438ms Other
text/html 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/entertainment/confidential

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 49134
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 114 24 3104
server: nginx
date: Tue, 15 Dec 2020 21:20:45 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:45 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment%2fconfidential&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=confidential&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/entertainment/confidential/richmond-coach-damien-harwick-has-separated-from-his-wife-danielle/news-story/4e64d940189d4534ef1398e511cbfd50
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fentertainment%2Fconfidential%2Frichmond-coach-damien-harwick-has-separated-from-hi...

0
1 KB

116ms
115ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fentertainment%2Fconfidential%2Frichmond-coach-damien-harwick-has-separated-from-his-wife-danielle%2Fnews-story%2F4e64d940189d4534ef1398e511cbfd50&memtype=anonymous&mode=premium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 21:20:43 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=1112
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 21:39:15 GMT

Redirect headers

date: Tue, 15 Dec 2020 21:20:43 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fentertainment%2Fconfidential%2Frichmond-coach-damien-harwick-has-separated-from-his-wife-danielle%2Fnews-story%2F4e64d940189d4534ef1398e511cbfd50&memtype=anonymous&mode=premium
expires: Tue, 15 Dec 2020 21:20:43 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fentertainment%2fconfidential%2frichmond-coach-damien-harwick-has-separated-from-his-wife-danielle%2fnews-story%2f4e64d940189d4534ef1398e511cbfd50&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=4e64d940189d4534ef1398e511cbfd50&session=0dc6f49ce25a146c488ef0b7eb25e0f0
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 dd2f8b737366ed1e036d8ea5e474140c
www.heraldsun.com.au/coronavirus/melbourne-traffic-congestion-is-expected-to-worsen-as-commuters-ditch-public-transport/news-story/ 0
41 KB 2245ms
2244ms Other
text/html 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/coronavirus/melbourne-traffic-congestion-is-expected-to-worsen-as-commuters-ditch-public-transport/news-story/dd2f8b737366ed1e036d8ea5e474140c

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
content-length: 40203
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 112 183 3101
server: nginx
date: Tue, 15 Dec 2020 21:20:45 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:45 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fcoronavirus%2fmelbourne-traffic-congestion-is-expected-to-worsen-as-commuters-ditch-public-transport%2fnews-story%2fdd2f8b737366ed1e036d8ea5e474140c&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=dd2f8b737366ed1e036d8ea5e474140c&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 north-west
www.heraldsun.com.au/leader/ 0
53 KB 2248ms
2247ms Other
text/html 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/leader/north-west

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 119 85 3122
server: nginx
date: Tue, 15 Dec 2020 21:20:45 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:45 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fnorth-west&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=north-west&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/leader/north-west/kilmore-grub-ivan-benic-pleads-guilty-to-sex-charges-after-caught-with-200000-child-porn-files/news-story/4a93aeda0e52360748563c9dceb8c60f
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west%2Fkilmore-grub-ivan-benic-pleads-guilty-to-sex-charges-after-c...

0
1 KB

116ms
116ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west%2Fkilmore-grub-ivan-benic-pleads-guilty-to-sex-charges-after-caught-with-200000-child-porn-files%2Fnews-story%2F4a93aeda0e52360748563c9dceb8c60f&memtype=anonymous&mode=premium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 21:20:44 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=1047
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 21:38:11 GMT

Redirect headers

date: Tue, 15 Dec 2020 21:20:44 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth-west%2Fkilmore-grub-ivan-benic-pleads-guilty-to-sex-charges-after-caught-with-200000-child-porn-files%2Fnews-story%2F4a93aeda0e52360748563c9dceb8c60f&memtype=anonymous&mode=premium
expires: Tue, 15 Dec 2020 21:20:44 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fnorth-west%2fkilmore-grub-ivan-benic-pleads-guilty-to-sex-charges-after-caught-with-200000-child-porn-files%2fnews-story%2f4a93aeda0e52360748563c9dceb8c60f&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=4a93aeda0e52360748563c9dceb8c60f&session=0dc6f49ce25a146c488ef0b7eb25e0f0
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 schools-hub
www.heraldsun.com.au/education/ 0
51 KB 2355ms
2354ms Other
text/html 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/education/schools-hub

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 119 100 3097
server: nginx
date: Tue, 15 Dec 2020 21:20:45 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:45 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2feducation%2fschools-hub&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=schools-hub&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/education/schools-hub/dunce-teachers-to-be-weeded-out-with-tough-test/news-story/70981f845b774d62bd0f3da3bd3f187b
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Feducation%2Fschools-hub%2Fdunce-teachers-to-be-weeded-out-with-tough-test%2Fnews-s...

0
1 KB

100ms
99ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Feducation%2Fschools-hub%2Fdunce-teachers-to-be-weeded-out-with-tough-test%2Fnews-story%2F70981f845b774d62bd0f3da3bd3f187b&memtype=anonymous&mode=premium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 21:20:44 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=884
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 21:35:28 GMT

Redirect headers

date: Tue, 15 Dec 2020 21:20:44 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Feducation%2Fschools-hub%2Fdunce-teachers-to-be-weeded-out-with-tough-test%2Fnews-story%2F70981f845b774d62bd0f3da3bd3f187b&memtype=anonymous&mode=premium
expires: Tue, 15 Dec 2020 21:20:44 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2feducation%2fschools-hub%2fdunce-teachers-to-be-weeded-out-with-tough-test%2fnews-story%2f70981f845b774d62bd0f3da3bd3f187b&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=70981f845b774d62bd0f3da3bd3f187b&session=0dc6f49ce25a146c488ef0b7eb25e0f0
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 police-courts
www.heraldsun.com.au/truecrimeaustralia/ 0
49 KB 2311ms
2306ms Other
text/html 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/truecrimeaustralia/police-courts

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: WordPress VIP <https://wpvip.com>
is-https: true
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1
pragma: no-cache
x-rq: bom2 114 53 3172
server: nginx
date: Tue, 15 Dec 2020 21:20:46 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
x-arrrg5: BlaizeHappened
expires: Tue, 15 Dec 2020 21:20:46 GMT
cache-control: max-age=0, no-cache, no-store
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2ftruecrimeaustralia%2fpolice-courts&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=police-courts&session=0dc6f49ce25a146c488ef0b7eb25e0f0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/truecrimeaustralia/police-courts/topflight-lawyers-no-guarantee-of-freedom-for-mokbel/news-story/6396ffebd9404299d8adaebb8844e65b
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Ftopflight-lawyers-no-guarantee-of-free...

0
1 KB

103ms
102ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Ftopflight-lawyers-no-guarantee-of-freedom-for-mokbel%2Fnews-story%2F6396ffebd9404299d8adaebb8844e65b&memtype=anonymous&mode=premium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 21:20:46 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=2601
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 22:04:07 GMT

Redirect headers

date: Tue, 15 Dec 2020 21:20:45 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a_TCA_PC&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Ftruecrimeaustralia%2Fpolice-courts%2Ftopflight-lawyers-no-guarantee-of-freedom-for-mokbel%2Fnews-story%2F6396ffebd9404299d8adaebb8844e65b&memtype=anonymous&mode=premium
expires: Tue, 15 Dec 2020 21:20:45 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2ftruecrimeaustralia%2fpolice-courts%2ftopflight-lawyers-no-guarantee-of-freedom-for-mokbel%2fnews-story%2f6396ffebd9404299d8adaebb8844e65b&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=6396ffebd9404299d8adaebb8844e65b&session=0dc6f49ce25a146c488ef0b7eb25e0f0
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2

200

/
www.heraldsun.com.au/subscribe/news/1/
Redirect Chain

https://www.heraldsun.com.au/news/victoria/melbourne-suburbs-where-2020-homebuyers-have-spent-the-most-corelogic/news-story/4bd91cc6da693eed17dbf7832e18bb3b
https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fmelbourne-suburbs-where-2020-homebuyers-have-spent-the-most-core...

0
1 KB

118ms
117ms

Other
text/html

95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fmelbourne-suburbs-where-2020-homebuyers-have-spent-the-most-corelogic%2Fnews-story%2F4bd91cc6da693eed17dbf7832e18bb3b&memtype=anonymous&mode=premium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-184-145.deploy.static.akamaitechnologies.com

Software

Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date: Tue, 15 Dec 2020 21:20:45 GMT
vary: User-Agent, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=2650
is-https: true
ssl: yes
content-length: 912
expires: Tue, 15 Dec 2020 22:04:55 GMT

Redirect headers

date: Tue, 15 Dec 2020 21:20:45 GMT
server: AkamaiGHost
x-arrrg5: BlaizeHappened
vary: User-Agent
location: https://www.heraldsun.com.au/subscribe/news/1/?sourceCode=HSWEB_WRE170_a&dest=https%3A%2F%2Fwww.heraldsun.com.au%2Fnews%2Fvictoria%2Fmelbourne-suburbs-where-2020-homebuyers-have-spent-the-most-corelogic%2Fnews-story%2F4bd91cc6da693eed17dbf7832e18bb3b&memtype=anonymous&mode=premium
expires: Tue, 15 Dec 2020 21:20:45 GMT
cache-control: max-age=0
is-https: true
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg1: /blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fnews%2fvictoria%2fmelbourne-suburbs-where-2020-homebuyers-have-spent-the-most-corelogic%2fnews-story%2f4bd91cc6da693eed17dbf7832e18bb3b&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=4bd91cc6da693eed17dbf7832e18bb3b&session=0dc6f49ce25a146c488ef0b7eb25e0f0
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 f8139354a33364df5342a69f954eb0ba
content.api.news/v3/images/bin/ 8 KB
8 KB 104ms
103ms Image
image/jpeg 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/f8139354a33364df5342a69f954eb0ba?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 80271a549051571c7a4445319b2e80dffad178da496b0261995fcc65f302ada8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: f8139354a33364df5342a69f954eb0ba
date: Tue, 15 Dec 2020 21:20:35 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 5313fec3b880edba2b7ac8a2c9ed49cc-f8139354a33364df5342a69f954eb0ba-320
x-serial: 2028
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5140509
last-modified: Tue, 15 Dec 2020 09:17:08 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 7692
expires: Sat, 13 Feb 2021 09:15:44 GMT

GET
H2 200 b62aa654f132c1a8f0aac26eba072d33
content.api.news/v3/images/bin/ 9 KB
10 KB 98ms
98ms Image
image/jpeg 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/b62aa654f132c1a8f0aac26eba072d33?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d3fb766c42c1d029941445a2b55369f4c38cd35385ddfcde70d25f71f41937af

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: b62aa654f132c1a8f0aac26eba072d33
date: Tue, 15 Dec 2020 21:20:35 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 1179cb1bf9c0663840cda3c11f259c51-b62aa654f132c1a8f0aac26eba072d33-320
x-serial: 1586
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5142481
last-modified: Tue, 15 Dec 2020 09:45:33 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 9478
expires: Sat, 13 Feb 2021 09:48:36 GMT

GET
H2 200 dae9dd8e4cf2883023928e196d10f713
content.api.news/v3/images/bin/ 14 KB
14 KB 100ms
99ms Image
image/webp 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/dae9dd8e4cf2883023928e196d10f713?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: d1a3bc73f51534788911fbc36f882cf5e8981830226e3b98d088519b9024aadc

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: dae9dd8e4cf2883023928e196d10f713
date: Tue, 15 Dec 2020 21:20:35 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 2651fabaae31fcb794300985dac96759-dae9dd8e4cf2883023928e196d10f713-320
x-serial: 1902
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5136601
last-modified: Tue, 15 Dec 2020 08:11:06 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 13858
expires: Sat, 13 Feb 2021 08:10:36 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 9 KB
3 KB 94ms
93ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201123-29-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5637934865d2aa41b2cb550b37d4f57070028d026edcc4891dd0b52e4685ae5

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: o4T63Sh.xgRNl2qmKkn70cuLpzZLzSVA
content-encoding: gzip
etag: "75c293488f88dded172b9df1863a9237"
age: 22667
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 3132
x-amz-id-2: hZvlftDIhVzQPeHUHkdniDK7nymmxEdcmkYM2C8FgEsbetC5vPHPlqoXCF72+17aK9gUg3bFyJk=
x-served-by: cache-fra19163-FRA
last-modified: Tue, 15 Dec 2020 15:02:44 GMT
server: AmazonS3
x-timer: S1608067236.824130,VS0,VE0
date: Tue, 15 Dec 2020 21:20:35 GMT
vary: Accept-Encoding
x-amz-request-id: 9B61C327F727993D
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 45
x-cache-hits: 379484

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 3 KB
1 KB 82ms
81ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201123-29-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 14372
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 728
x-amz-id-2: f65xj6iuxogMKrz0V0PcFaMwZec2VDREXRA0jdjbf3aLNlkxtn2vhTmCXQ21535SK5HpYLHFJGI=
x-served-by: cache-fra19163-FRA
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1608067236.691551,VS0,VE0
date: Tue, 15 Dec 2020 21:20:35 GMT
vary: Accept-Encoding
x-amz-request-id: 414C1B5C7AA1A893
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 45
x-cache-hits: 146740

GET
H2 200 distance-from-article.20201123-29-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 82ms
81ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20201123-29-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bcdcdbbd7da2c5f0fc20f50bde5abf65a0a1e5dcad641cf6dbfe126c1165015

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 6GSFCRUHFH0yNotCyO3bx7KHwK_WZH_T
content-encoding: gzip
etag: "b7654036357f0a0b281ceb5a4a6bb6e7"
age: 81
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 966
x-amz-id-2: iuC+lwmkDkiw9co0jOlk0l6HQlXkYebkTKYSXIHGQtM4yJM107iIeHwnBg4Dcvhw95JkkO/YTjI=
x-served-by: cache-fra19163-FRA
last-modified: Mon, 23 Nov 2020 21:33:22 GMT
server: AmazonS3
x-timer: S1608067236.837897,VS0,VE0
date: Tue, 15 Dec 2020 21:20:35 GMT
vary: Accept-Encoding
x-amz-request-id: CA1F2981E0F43ECC
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 45
x-cache-hits: 2

GET
H2 200 article-detection.20201123-29-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 83ms
82ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20201123-29-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4210fb41aeba98fcaeb3030322721a465d3abe3ea79004ca8dacac852034f1f8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: iYx1aLTy9dNP3XqOVv9kpAF6Or3L4yws
content-encoding: gzip
etag: "610a4761aae465eb06fe0cebf357d5fd"
age: 81
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 865
x-amz-id-2: YFvUyEdoAGHgUq/unPKtyTZquYLGSd/J54fU6JwPIoIpyCW+XkrEFzJ+/N6WQ03HRoZj4yKciV8=
x-served-by: cache-fra19163-FRA
last-modified: Mon, 23 Nov 2020 21:33:29 GMT
server: AmazonS3
x-timer: S1608067236.864269,VS0,VE0
date: Tue, 15 Dec 2020 21:20:35 GMT
vary: Accept-Encoding
x-amz-request-id: CBD28FE70FDD868F
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 45
x-cache-hits: 2

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame DDF7
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=babc4993-0f84-4e49-8495-9ff691b7d5d9
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=babc4993-0f84-4e49-8495-9ff691b7d5d9&tbid=0970d3b6-b50c-41c2-8222-f80217b0dc45-tuct6d2ae24&query=taboola_hm%3Dbabc4993-0f84-...

0
53 B

255ms
255ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=babc4993-0f84-4e49-8495-9ff691b7d5d9&tbid=0970d3b6-b50c-41c2-8222-f80217b0dc45-tuct6d2ae24&query=taboola_hm%3Dbabc4993-0f84-4e49-8495-9ff691b7d5d9&isDirect=0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:36 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608067237.583651,VS0,VE10
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19163-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=babc4993-0f84-4e49-8495-9ff691b7d5d9&tbid=0970d3b6-b50c-41c2-8222-f80217b0dc45-tuct6d2ae24&query=taboola_hm%3Dbabc4993-0f84-4e49-8495-9ff691b7d5d9&isDirect=0
tbl-x-upstream: 10.41.30.18:10213
date: Tue, 15 Dec 2020 21:20:36 GMT
server: nginx
x-fastly-to-nlb-rtt: 23992

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame DDF7 0
239 B 365ms
99ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame DDF7
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dTBJgbTMdkUW&ev=1&orig=trc&pid=562107

0
217 B

97ms
96ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dTBJgbTMdkUW&ev=1&orig=trc&pid=562107
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.111:10213
date: Tue, 15 Dec 2020 21:20:36 GMT
server: nginx
x-fastly-to-nlb-rtt: 23828

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dTBJgbTMdkUW&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-659d447f4f-4blmx
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame DDF7 43 B
691 B 314ms
136ms Image
image/gif 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 21:20:36 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.249:80
AN-X-Request-Uuid: 7872503e-90ab-4c8a-9ab5-b4a9e19a0e21
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame DDF7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOGOeRtkbxjJG-SHo6lkYMM&google_cver=1

0
227 B

104ms
103ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOGOeRtkbxjJG-SHo6lkYMM&google_cver=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 15 Dec 2020 21:20:36 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608067236.151189,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19163-FRA

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOGOeRtkbxjJG-SHo6lkYMM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame DDF7 42 B
885 B 103ms
103ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23:$UID
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 15 Dec 2020 21:20:36 GMT
X-lat: Pug22030:0:549
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame DDF7
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0970d3b6-b50c-41c2-8222-f80217b0dc45-tuct6d2ae24

170 B
190 B

17ms
16ms

Image
image/png

2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0970d3b6-b50c-41c2-8222-f80217b0dc45-tuct6d2ae24

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0970d3b6-b50c-41c2-8222-f80217b0dc45-tuct6d2ae24
tbl-x-upstream: 10.41.30.18:10213
date: Tue, 15 Dec 2020 21:20:36 GMT
server: nginx
x-fastly-to-nlb-rtt: 24460

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame DDF7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2b140fc7-7023-40b2-b4fb-df2826229b3d

0
55 B

164ms
163ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2b140fc7-7023-40b2-b4fb-df2826229b3d
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 15 Dec 2020 21:20:36 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608067237.583657,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19163-FRA

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:36 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=2b140fc7-7023-40b2-b4fb-df2826229b3d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame DDF7
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

106ms
106ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 21:20:36 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 21:20:36 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame DDF7 49 B
406 B 182ms
181ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-659d447f4f-8zsmx
expires: -1

GET
H2

200

rtb-h
sync.taboola.com/sg/storygize-network/1/ Frame DDF7
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
226 B

91ms
91ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.30.18:10213
date: Tue, 15 Dec 2020 21:20:36 GMT
server: nginx
x-fastly-to-nlb-rtt: 28694

Redirect headers

Location: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length: 0
expires: 0

GET
H/1.1 503
Service Unavailable /
rtb-csync.smartadserver.com/redir/ Frame DDF7 0
0 327ms
104ms Image
text/html 185.86.138.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23&gdpr=0&gdpr_consent=
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame DDF7 42 B
233 B 504ms
166ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 21:20:36 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 200 put
e1.emxdgt.com/ Frame DDF7 43 B
98 B 102ms
102ms Image
image/gif 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:36 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DDF7
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=badde154-74f2-47eb-996d-17a9c7b5f9fd

0
226 B

83ms
83ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=badde154-74f2-47eb-996d-17a9c7b5f9fd
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.20.11:10213
date: Tue, 15 Dec 2020 21:20:36 GMT
server: nginx
x-fastly-to-nlb-rtt: 26828

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=badde154-74f2-47eb-996d-17a9c7b5f9fd
cache-control: no-cache
date: Tue, 15 Dec 2020 21:20:36 GMT
server-processing-duration-in-ticks: 1602
content-type: text/html; charset=utf-8
content-length: 222
expires: Tue, 15 Dec 2020 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame DDF7
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOSfD_wnUOjJ1KAeVnSpRAnaaA3H9fX7Qx0nkI4g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOSfD_wnUOjJ1KAeVnSpRAnaaA3H9fX7Qx0nkI4g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=90c32524-a9e5-4061-9382-20b6f2bcf331&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/5/3.gif?puid=52bd6856215f80e96e13d4840d1532f5&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/4/4.gif?puid=3aa013af-5b0f-4d18-87c2-46c7a20aaa1c&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/3/5.gif?puid=60d26483-3f1b-11eb-a599-e2dd7f45358e&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/146/2/6.gif?puid=66c409b5-7b64-4759-9ff7-2171d2fa2aa1&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F398%2F1%2F7....
https://sync.crwdcntrl.net/map/ct=y/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F398%2F1...
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NTJiZDY4NTYyMTVmODBlOTZlMTNkNDg0MGQxNTMyZjU&google_redir=https://id5-sync.com/c/464/398/1/7.gif?puid=NTJiZDY4NTYyMTVmODBlOTZlMTNkN...

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame DDF7
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=zTm1g3ZkB9O88KX6pCjZXw

0
217 B

87ms
86ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=zTm1g3ZkB9O88KX6pCjZXw
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.24.10:10213
date: Tue, 15 Dec 2020 21:20:37 GMT
server: nginx
x-fastly-to-nlb-rtt: 26298

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=zTm1g3ZkB9O88KX6pCjZXw
date: Tue, 15 Dec 2020 21:20:36 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame DDF7 35 B
380 B 708ms
179ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Tue, 15 Dec 2020 21:20:33 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame DDF7 0
155 B 494ms
156ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23&_r=7978486
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 15 Dec 2020 21:20:37 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame DDF7
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=fc814e30-dfce-47c4-bfec-8011539b4335
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=babc4993-0f84-4e49-8495-9ff691b7d5d9&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fc814e30-dfce-47c4-bfec-8011539b4335

0
226 B

85ms
85ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fc814e30-dfce-47c4-bfec-8011539b4335
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.20.14:10213
date: Tue, 15 Dec 2020 21:20:37 GMT
server: nginx
x-fastly-to-nlb-rtt: 25836

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fc814e30-dfce-47c4-bfec-8011539b4335
date: Tue, 15 Dec 2020 21:20:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 0
276 B 90ms
89ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=22%3A20%3A35.659&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-midrail-native&id=7066&cv=20201123-29-RELEASE&lt=tfa_eid_ctrl&pct=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:36 GMT
server: nginx
x-fastly-to-nlb-rtt: 28138
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.22.84:10213

GET
H2 204 social
trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
407 B 81ms
80ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=AM:AM:V&lti=tfa_eid_ctrl&ri=affc2f77ebbeeab77fffaedfc416dccd&sd=v2_1e69526a84af4f92b61c93b8b81e97ec_4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23_1608067235_1608067235_CIi3jgYQgPNHGLn6msLmLiABKAEwrgE47qgMQO3xK0jp2dgDUP___________wFYAGAAaOKmqpGyrZficA&ui=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23&pi=/&wi=873729681997272865&pt=home&vi=1608067235129&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=22%3A20%3A35.674&id=316&llvl=1&cv=20201123-29-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:36 GMT
server: nginx
x-fastly-to-nlb-rtt: 27442
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.20.11:10213

GET
H2 200 vidora-client.1.x.x.min.js Show response
assets.vidora.com/js/ 8 KB
4 KB 73ms
21ms Script
application/javascript 2600:9000:206f:fe00:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 00:25:43 GMT
content-encoding: gzip
last-modified: Wed, 08 Apr 2020 14:24:21 GMT
server: AmazonS3
age: 75294
etag: "09285b59e7b4661ace266ee756c7b3f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: hRedX_wOxhY5fKnPf2qExTmdhp7NwImd4IgzNYOQ1YJXHtSGsLGo1w==

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame 84FE 0
0 441ms
441ms Document
text/html 104.108.60.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=2nVoYFq6hxdpfvMz9.UFdXdrvTiJ9lKB&nonce=cN0oz5sIJjHU0S7MJIlb~0UJBRdoA~B1&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.108.60.35 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-60-35.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=2nVoYFq6hxdpfvMz9.UFdXdrvTiJ9lKB&nonce=cN0oz5sIJjHU0S7MJIlb~0UJBRdoA~B1&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 79512991220853f3
ot-tracer-traceid: 045a9eb958a16352
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 28435-1608067235.960-2.16.110.188-1442-578854614-15-0.000
x-auth0-requestid: 50aeed08ece2be729cdb
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1608067236
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 534 0 pmb=mTOE,3
expires: Tue, 15 Dec 2020 21:20:36 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 15 Dec 2020 21:20:36 GMT
content-length: 842
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A5f411620-3f1b-11eb-bd32-b3a1691719f2.8QpQRpLjurW7ZQ%2BB2svpYm1IhAkQnU9ft9EFrM7mRHA; Max-Age=31557600; Path=/; Expires=Thu, 16 Dec 2021 03:20:35 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A5f411620-3f1b-11eb-bd32-b3a1691719f2.8QpQRpLjurW7ZQ%2BB2svpYm1IhAkQnU9ft9EFrM7mRHA; Max-Age=31557600; Path=/; Expires=Thu, 16 Dec 2021 03:20:35 GMT; HttpOnly; Secure ak_bmsc=2C42206794449142960D959696F00A7C48F7B34D99290000A428D95F35E66B14~plnTWQTNdac4TkV7z59f7mNJWeqTAcE8kbczxay/RSxB0MH6i1gaihnAH2TIoT0fyF5hJWJbcXgKCQMwDCQcmzp4O71rUfzll14UC64xCFsvmQ054xDsUIsAAZD8XzMtFI3qtlDXM7nrusPCKTt4+SfBgDs/CmdwSYAYIeYB1XdicV8t2aR+vlLtorhYByHlM0Ua3KGukF8SabtQ04aimxEf6CrRXE0Bxc9qaBek7BSlzYjP8ZE4Jb2apEuriIfzn9; expires=Tue, 15 Dec 2020 23:20:36 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=404BEF5293B123F673BB9C83DEFEE2E7~1DD84EeoVOreVSov2ZxRZ1hoKn47KDlIyiqh6B6cZ0NKSWz/+YxSy0LsjKjVteth09Q3k8GyySqX2pGAJSXqhJeSSWLNwX8tkCWD0w8aNJdk7eaC6f1ITlWvFUNIOvBxpL2Xdb0PmqMoKbuw9WtvrGsRSUrojlmYkCk8U0kopsEXQ+qszo2qBGyN+nU1Ur0QTc8GyVNoMzlSTHS8RylDxqfKaBiwLLF2pwC73EJ7KcGEHurxMtxNfnGsMHyr+80X; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=ACD640FE8C1E9EECC9ED047AAB562C72~YAAQTbP3SKHDmQV2AQAAI8FGaApAkLq10UHamlm3OIB3lIlWtFTRIiDHZJNUV1Mhkv0/6xSLJvCMHgYJVERf+pkxKrrSldUPqYRmqb81apFaBXshajdq/WCfg3jhkfV/abTcq9Oej3xER1HaO76c6vhLAtCfbwJ30QUo/H1nl8FfI3Z0UvVwWAraXMDrOC4FbZ7qEZE9g+xmVtY=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 16 Dec 2020 01:20:35 GMT; Max-Age=14399; HttpOnly _abck=9D0EEB89A40E5DB3BEF9A859BF999DE6~-1~YAAQTbP3SKLDmQV2AQAAI8FGaAVmSWnOuAdDOI2G7IlKWW1DDLW3Rrbr8j2IClw1/7JRGRSMCVVJP8glVRErSPnOLJNuzMZpKDpm1ybgVqa6DHs1r4RY4pGu7k9B7SMtOKNCc1tUv7P2rSWvmkQ5xzBa5EFmjHZEi+d+yl0H212Bki7q1XpiOMTRca3Z8kq8yfUrxEhnKzIDim2GDlmXJX7N6wLHyal9L5hi7G2APGi9sZvhtF1qlodVBj5wyRf+Dyc5hv88dR+dbD3Vp5Nr8zcwCo20ZpMCz4VeJ65P7tK1Rs8jPNTYd2/5jdnxbq5HqIIZOFc=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 15 Dec 2021 21:20:36 GMT; Max-Age=31536000; Secure

GET
H2 200 authorize
login.newscorpaustralia.com/ Frame 2791 0
0 474ms
473ms Document
text/html 104.108.60.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=idxvYlzM93sE~q1j9GVYrt50cwQg7BVs&nonce=XmPbYVT0LIcOd50GeNlbE_VuiIw9G2ZJ&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.108.60.35 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-60-35.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: login.newscorpaustralia.com
:scheme: https
:path: /authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=idxvYlzM93sE~q1j9GVYrt50cwQg7BVs&nonce=XmPbYVT0LIcOd50GeNlbE_VuiIw9G2ZJ&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xNC4wIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

server: openresty
content-type: text/html;charset=UTF-8
ot-tracer-spanid: 0e8a03035fc9f6d1
ot-tracer-traceid: 1dbffb895611087a
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 29014-1608067236.005-2.16.110.188-1442-578919563-10-0.000
x-auth0-requestid: 355f20ef1338ae03aac2
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1608067237
content-encoding: gzip
strict-transport-security: max-age=31536000
x-akamai-transformed: 9 534 0 pmb=mTOE,3
expires: Tue, 15 Dec 2020 21:20:36 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 15 Dec 2020 21:20:36 GMT
content-length: 841
vary: Accept-Encoding
set-cookie: did=s%3Av0%3A5f47f3f0-3f1b-11eb-ac94-977566e3d7e6.xDN9a06hL%2BSg3IB2t1%2FerbDtr3qRgzmMKoxENakS2sQ; Max-Age=31557600; Path=/; Expires=Thu, 16 Dec 2021 03:20:36 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A5f47f3f0-3f1b-11eb-ac94-977566e3d7e6.xDN9a06hL%2BSg3IB2t1%2FerbDtr3qRgzmMKoxENakS2sQ; Max-Age=31557600; Path=/; Expires=Thu, 16 Dec 2021 03:20:36 GMT; HttpOnly; Secure ak_bmsc=D2FCBB7EFC4BA2B8C639C063129D479B48F7B34D99290000A428D95FF8E58C03~plqAe6mktVfZOIMRYP5CiyG1Nbqb/1N7rkUYYbfL4YDRLY+WODiCw0tKuWjHRb/0M8neF1bFu84F2/FF26EMFlCHy1ykeRfADgPcmC7oEG9mLR0qqtXAHb1CuUloUL4g0xcVGbh3WTw/5fLtFqA33q3hfRpXxCvOWYnmvBhV2Rbr+1MGJyH5JBk1meeUydM2bwQ3nM1CfW6wZFVLmci8nOSQdr33Yy+QIZTLJ39UTObLCxzYRtcqByaWqwrh0SSPVp; expires=Tue, 15 Dec 2020 23:20:36 GMT; max-age=7200; path=/; domain=.newscorpaustralia.com; HttpOnly bm_mi=9B432EF9A655A1407CA06BD883BDFD5D~1DD84EeoVOreVSov2ZxRZ+qBpEy3qCMVwRVRMddstBTpV6SmnP3vOEI2bdMp6lFehkKHL7p8s55Nwjeo9FTcftsLCoY10od5u45aDk9hI8pkUVyI+T3P6foeqkZqmpOK8LLSrlUysxS2LdBwpuS6zEnEp2B4nWhAjYrwAnDexrfE/SvZ9FNAiMh8kTNeyVaX1H7E6FhIF7kaNWjCPVA9fXnpMb29Q9IOKD3mJvS/31rZd1pf9pp2ufWHU2Iao9Np; Domain=.newscorpaustralia.com; Path=/; Max-Age=0; HttpOnly bm_sz=66368AA7A3E3108FB63D2425D7C9D272~YAAQTbP3SKXDmQV2AQAAX8FGaAr+iO/eXtWSL6aqlvQ3S9ts2aksi3HVH/d+rUZgf/SB47KG3+bfA1WD1Wz8vK8z6N8sqXNkkYhKYA91Jr4NZnamqLfCNqexafL9s10i7rGwY7Sdpr99ce5dE1lv/rR67AomoyHSN6BwNmpbjoWaLlwG/qn68vnhV3sKQQ3va70wEI+o93prR78=; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 16 Dec 2020 01:20:35 GMT; Max-Age=14399; HttpOnly _abck=3BFC5D864BFF2C830F0A0E239753C297~-1~YAAQTbP3SKbDmQV2AQAAX8FGaAV84USUc7aDmzbPESWCER98RYpkV1d+FRWJKa5AJyDttgBUX4jYDAzxMol9QSJkbBTfEnEFKZBVoYe9nEdUbFdDwzUQj8wXe5nY4/qngbhqLFdvKkulCbBEC4QbTfLU5nI+fURnknWsvpmENy7XbhaYVl3FLZOdkMnyNL/Phhl3HN6WJuBSiU7E1j9xQYsB0ShE+VfiOcgdij+hEblBmS9SBSTCgOYeDA1Us3OPxVI1nQyBjphoELj4EpbM+ugAvvrjk9qVczXRwBnIQc9CtCNV2gSLxG9AWGsKXUZLDPRUUkU=~-1~-1~-1; Domain=.newscorpaustralia.com; Path=/; Expires=Wed, 15 Dec 2021 21:20:36 GMT; Max-Age=31536000; Secure

GET
H2 200 327e34ac1aafd40664d6b8f2d904fb2e
content.api.news/v3/images/bin/ 10 KB
11 KB 102ms
102ms Image
image/jpeg 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/327e34ac1aafd40664d6b8f2d904fb2e?width=320
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: cd9fd2cb6860a06d442abc01bd18adc9f0e43bbe0df67dbdf0602fb474153c74

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 327e34ac1aafd40664d6b8f2d904fb2e
date: Tue, 15 Dec 2020 21:20:36 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 3baf3ab42005e92f997d582b96d0dc8c-327e34ac1aafd40664d6b8f2d904fb2e-320
x-serial: 1237
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5177519
last-modified: Tue, 15 Dec 2020 19:32:12 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 10683
expires: Sat, 13 Feb 2021 19:32:35 GMT

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 90ms
89ms Script
application/x-javascript 95.101.184.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16080672357850.6467691142470575
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.236 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-236.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 69db8b2a48ae184507608101447b27c415dadec9f5c7265aec3c2633da5c6128

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:36 GMT
content-encoding: gzip
server: Apache
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 831
expires: Tue, 15 Dec 2020 21:20:36 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
905 B 79ms
78ms Script
application/x-javascript 95.101.184.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.236 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:36 GMT
cache-control: max-age=27387
server: AkamaiNetStorage
content-type: application/x-javascript
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 B7670439;dcadv=4149947;sz=1x2;ord=217172644439.39023 Show response
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 16 KB
6 KB 119ms
119ms Script
text/javascript 216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=217172644439.39023?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

4524d395f87e795e7d6fbba4267ca327eac663122e1c614e45617a1234009ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5802
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 17ms
16ms Script
application/x-javascript 2600:9000:2070:9600:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2070:9600:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 06e9f93163cce0aa6698b5dbdd52d0ea860a91aa75e80d724051e67e6f0304f3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:00 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 02:31:43 GMT
server: nginx
age: 36
etag: W/"5f86630f-112ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 d4ed28727dd020fd5850b309fbb1f2f5.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: Cvc8qWycCadX02y67DalXZxQ_lAzQ9MZoP3VtFRcwlGqirvil8ayRw==
expires: Tue, 15 Dec 2020 23:20:00 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 177 KB
61 KB 161ms
161ms Script
application/x-javascript 95.101.184.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.236 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 120be8f5d061203ea26fd4bd2043201d6f06a7fce30cd7104e01c5dfafb48cd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:37 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "032ddabb406fd4179075624c01a76c5d:1606693368.080684"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=34583
content-type: application/x-javascript

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 98 KB
29 KB 95ms
95ms Script
application/x-javascript 95.101.184.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.236 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7aa0de94f2a1424b10a2a72a14372c7ebd96a41a96cc86aff80bdd7e1f2a3782

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:37 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "9fe78c0aa76460a3c0378bcb80647421:1607915792.033366"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=12748
content-type: application/x-javascript
content-length: 29304

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
19 KB 116ms
114ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

e9cf43afad0cd90d17eb4e1dd9fbd5e8bd2cf07ace134853680e06dcc1ef5ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "725 / 595 of 1000 / last-modified: 1608034737"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18850
x-xss-protection: 0
expires: Tue, 15 Dec 2020 21:20:37 GMT

GET
H2 200 prebid.js Show response
tags.news.com.au/prod/prebid/ 327 KB
98 KB 153ms
151ms Script
application/x-javascript 95.101.184.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/prebid/prebid.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.236 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b748ce6a5a5ea9c905bca2845dab6456c5232bead14b02fca00864562e98bfda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:37 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "079b5880b9ed74f5d265d6b9199a2e85:1601422697.718452"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=24710
content-type: application/x-javascript

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 21 KB
9 KB 141ms
139ms Script
application/x-javascript 95.101.184.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.236 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ebaf330ad588600b4b748410b4f77f3cd9c4abc18e3a240156bc6ac9814cf896

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:37 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "25edec9c399349e0480c59ebca3d0a23:1607918432.510353"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=15415
content-type: application/x-javascript
content-length: 8648

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

11ms
10ms

Script
application/javascript

2600:9000:2182:5400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding: gzip
etag: "cc7339d315e5ab16597dd66d153a0e7e"
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 6025
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 15 Dec 2020 19:40:13 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: D_nQLBDj2imUxYU1aVloisE-3E-JKYpN8ZnPGvA2YhaY6nN8VY7QQw==

Redirect headers

date: Tue, 15 Dec 2020 21:20:37 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 134
x-amz-cf-id: IJHhBVabHyw7NxuWU5Lk-Cw2yVAqJDJxfbJhtHkb8Xn-dI9Ml2eMWg==

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 443ms
146ms Script
text/javascript 65.9.73.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53c25ccb7181178c52c32fdf5e58a55d730bbfe8e45db600886adfb33d88411b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 21:08:08 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 05 Nov 2020 07:14:18 GMT
Server: AmazonS3
Age: 749
ETag: W/"ae1b1b3c735b9c3894bc20532056e9de"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: 4vMSwr0uCvKans2U4qw4KrXHJJ_CjE2hh9TX37SlkCYtYXHdcxL-fQ==

GET
H2 200 utag.975.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 3 KB
1 KB 111ms
110ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.975.js?utv=ut4.46.202012150059
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b764af95d9d52c77cae46fd77f6cff6380e1c56e2a72aad477cffa48417586e1

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:35 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 00:59:51 GMT
server: AkamaiNetStorage
etag: "49fd633b43b8cf51d6769f750a771264:1607993991.21714"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1285
expires: Wed, 30 Dec 2020 21:20:35 GMT

GET
H2 200 utag.985.js Show response
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 2 KB
1 KB 111ms
110ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:35 GMT
content-encoding: gzip
last-modified: Wed, 20 Nov 2019 04:49:47 GMT
server: AkamaiNetStorage
etag: "a2af0d00bb0e150c0e6e47d44b9436d7:1574225387.905732"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 900
expires: Wed, 30 Dec 2020 21:20:35 GMT

GET
H2 204 supply-feature
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
204 B 102ms
97ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/supply-feature?route=AM:AM:V&lti=tfa_eid_ctrl&ri=affc2f77ebbeeab77fffaedfc416dccd&sd=v2_1e69526a84af4f92b61c93b8b81e97ec_4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23_1608067235_1608067235_CIi3jgYQgPNHGLn6msLmLiABKAEwrgE47qgMQO3xK0jp2dgDUP___________wFYAGAAaOKmqpGyrZficA&ui=4f76d468-e25a-4419-a2c7-06f5da22d33e-tuct6d2ae23&pi=/&wi=873729681997272865&pt=home&vi=1608067235129&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A557%2C%5C%22articleClasses%5C%22%3A%5C%22site-content%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22SECTION%5C%22%2C%5C%22threshold%5C%22%3A%5C%22261%5C%22%7D%22%7D&tim=22%3A20%3A35.900&id=903&llvl=1&cv=20201123-29-RELEASE&
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 15 Dec 2020 21:20:37 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608067237.250761,VS0,VE9
x-served-by: cache-fra19163-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 316ms
102ms Script
application/javascript 104.86.50.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.86.50.246 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-86-50-246.deploy.static.akamaitechnologies.com
Software: / ARR/3.0
Resource Hash: 560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:37 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by: ARR/3.0
etag: "84a7fce7aaabd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=458
accept-ranges: bytes
content-length: 15848

GET
H2 200 hotjar-465845.js Show response
static.hotjar.com/c/ 4 KB
2 KB 136ms
136ms Script
application/javascript 13.226.155.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-465845.js?sv=6

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.155.27 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-27.dus51.r.cloudfront.net

Software

Resource Hash

d597e1ebd656c61acad302535e78fbda4fbede72285d83250961f468b380f11b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:37 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: DUS51-C1
etag: W/76d51e609d2a71c3de536c5bc9e7ee2f
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1657
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-amz-cf-id: Nu9LU5FSKWKFCfowjzSqMdPdP0q6brTYglcKQG483cFIXP9d_pXsww==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
243 B 121ms
120ms Script
application/x-javascript 23.37.61.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202012150059&cb=1608067235923
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.61.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-61-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:35 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 22
expires: Tue, 15 Dec 2020 21:30:35 GMT

GET
H2 200 _error
uconnect.tealiumiq.com/ulog/ 43 B
454 B 311ms
91ms Image
image/gif 35.158.80.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uconnect.tealiumiq.com/ulog/_error?utid=newsltd/hwt/202012150059&e0=ge%3A%3A4%3A%3A%2F%2Ftags.tiqcdn.com%2Futag%2Fnewsltd%2Fhwt%2Fprod%2Futag.js%3A%3A_gaq%20is%20not%20defined
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.80.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:37 GMT
x-serverid: uconnect_i-02f6bc20396f942cf
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: _error::4:uconnect
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
x-error: _error is not supported
content-type: image/gif
x-ulver: 9203f2347e52e2662c437616eeeb3b7cdcf3da14-SNAPSHOT
content-length: 43
x-uuid: 65eece9d-c88f-4ea8-965e-0f57f6a9d9a4
expires: Tue, 15 Dec 2020 21:20:37 GMT

POST
H2 204 bulk Show response
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 0
245 B 97ms
97ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=AM%3AAM%3AV&lti=tfa_eid_ctrl&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20201123-29-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 15 Dec 2020 21:20:36 GMT
via: 1.1 varnish
server: nginx
x-timer: S1608067237.741270,VS0,VE9
x-served-by: cache-fra19163-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 173ms
172ms Image
image/gif 3.232.164.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=ao33eBjGGyJD5zTuI&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9359&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=6591&t=D_Rue8BJLksLCS5isdBBxj9zDsd8gm&V=121&i=Herald%20Sun%20%7C%20Breaking%20News%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=-60&_acct=anon&sn=1&sv=Ing_WDfikrWD5-tZEYeSzvwMee5&sd=1&im=06030402&_
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.164.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-164-179.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20110914/elements/html/ 6 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=217172644439.39023?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:03:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2649
x-xss-protection: 0
server: cafe
etag: 804181672847865866
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 20:03:21 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
674 B 243ms
87ms Other
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKps7vs3oXorkKC6A_-WBCH3ZVLUq5qcilz-oHo-eW7p1kvcLkrkyerTllxiu-yJ2rEfiG4fxDipdHSFVJAXsE_sxgqUzfrkvSOOJXQXSPnuVjrH9E7D9WUgE6NZpOqwnO&sig=Cg0ArKJSzAbYvyO3-qEeEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20201203.89044&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=217172644439.39023?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 21:20:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 261ms
76ms Script
application/javascript 13.225.80.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 12 Dec 2020 13:25:32 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 287705
ETag: W/"a8663f72a1dbe614b19f167a59af368d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: ollbvPTZtolubs59Q7HfM4itkQpwUKLIhqicHK6NkwGBrFSpk3imZw==

GET
H3-Q050 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
97 KB 104ms
104ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Tue, 15 Dec 2020 21:20:37 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 324ms
110ms XHR
application/json 52.212.154.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1608067237258

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.154.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-154-51.eu-west-1.compute.amazonaws.com

Software

Resource Hash

74b106bec8554071adaa52883f42f98b13eae0abeedb2154c8e198c70ba3cc3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v086-06faaa0ed.edge-irl1.demdex.com 5.80.1.20201111130852 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: HQzmFtSISdI=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1540
Expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 204 campaigns
resourcesssl.newscdn.com.au/indies/ Frame 0
0 493ms
493ms Other
text/html 23.210.249.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol: H2
Server: 23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-82.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.heraldsun.com.au
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-type: text/html
function-execution-id: hfsh8vjlckgb
server: Google Frontend
x-cloud-trace-context: 5c58c5d4a06d688b49c1a28c2f567b1b
x-country-code: DE
x-orig-accept-language: en-US
x-powered-by: Express
accept-ranges: bytes
x-served-by: cache-dca17737-DCA
x-cache-hits: 0
x-timer: S1608067237.403517,VS0,VE305
cache-control: private, max-age=604800
expires: Tue, 22 Dec 2020 21:20:37 GMT
date: Tue, 15 Dec 2020 21:20:37 GMT
x-i: true

GET
H2 200 campaigns Show response
resourcesssl.newscdn.com.au/indies/ 3 KB
1 KB 96ms
96ms XHR
application/json 23.210.249.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by: Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-82.deploy.static.akamaitechnologies.com
Software: Google Frontend / Express
Resource Hash: 338ad442ce49a764c366579658c0abb342c8192513168eb0aab49ffd111b4b43

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 15 Dec 2020 21:20:37 GMT
content-encoding: gzip
etag: W/"abd-v6vZDUIiNtwyMRVGdlumjzOe9BE"
x-powered-by: Express
x-cache-hits: 0
content-length: 867
x-served-by: cache-dca17736-DCA
server: Google Frontend
x-timer: S1608016882.299143,VS0,VE263
x-i: true
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 1a2172ba98010047e116476524053dbf
cache-control: private, max-age=554388
function-execution-id: 8eods2lvhitf
accept-ranges: bytes
x-orig-accept-language: de,en-US;q=0.7,en;q=0.3
x-country-code: DE
expires: Tue, 22 Dec 2020 07:20:25 GMT

GET
H2 200 ggcmb510.js Show response
seccdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 123ms
15ms Script
application/javascript 2600:9000:2104:8c00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:8c00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: CeKWdfuThsyzKr0NmnwAM5a0VYitilJV
content-encoding: gzip
etag: "afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 1899
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 15 Dec 2020 20:48:59 GMT
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: P_o8ixG_C6dX_QzUPg4yDl1vBzHjuPsvdZamjzGItrj5uImybMZutg==

GET
H2 200 storageframe.html
secure-gl.imrworldwide.com/ Frame 3CC5 0
0 173ms
161ms Document
text/html 2600:9000:2156:c600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: secure-gl.imrworldwide.com
:scheme: https
:path: /storageframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
vary: Accept-Encoding
date: Tue, 15 Dec 2020 21:20:37 GMT
server: nginx
last-modified: Tue, 08 Dec 2020 21:31:18 GMT
etag: W/"5fcff0a6-2b27"
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vXGBqD1OBuZXG-ej12D0mUpm-FFsH02MlitMAT4p0ATrcuAFkwNeGA==

GET
H3-Q050 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 21 KB
9 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8761
x-xss-protection: 0
server: cafe
etag: 16638491572200565323
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Dec 2020 21:29:02 GMT

GET
H2 200 modules.f2a0c48472fc3a6a1664.js Show response
script.hotjar.com/ 222 KB
59 KB 107ms
106ms Script
application/javascript 13.226.155.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f2a0c48472fc3a6a1664.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-465845.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.155.71 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-71.dus51.r.cloudfront.net

Software

Resource Hash

3422a566d3586aa83e09fd661635fe9ebcf90f0f4824fdf3d42d6698662cbfcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 12:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31411
x-cache: Hit from cloudfront
content-length: 59564
access-control-allow-origin: *
last-modified: Tue, 15 Dec 2020 12:34:17 GMT
etag: "5a8a077d3cc3e6ab1290703959e9ca39"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 1uM37PJ7XMsJLPwBCDi6K3_cMEnMjsfqbLo6XCgrXqvaZUZtCGxSxg==

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 5366 0
0 86ms
85ms Document
text/html 65.9.73.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-465845.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
content-length: 851
date: Wed, 04 Nov 2020 19:00:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Wed, 04 Nov 2020 16:31:53 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: oBIpAOFpElxWwxbi5LtqDt-APTKe92D7zkhqll2hIjH5QnHm6o4sNQ==
age: 3550805

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608067237575&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstr...
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608067237575&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstr...

44 B
491 B

188ms
187ms

Image
image/gif

2600:9000:2156:c600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608067237575&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-65d737e65ce8ad676aa49dfb6683b60d&tz=1&ja=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:37 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: 0WGZ6iWfYdQyXufkwnbgr-VtlWqj4dd1os46507YPAlIS7MhZ_E2yw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:37 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
location: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1608067237575&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&sr=1600x1200&id=lstrg-65d737e65ce8ad676aa49dfb6683b60d&tz=1&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 3GMSiKGepqog80vs6-OsSk_oHf_JDS8IyubAKgrQeTdgtw9-2ew2rA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK Cookie set dest5.html
newscorpau.demdex.net/ Frame D829 0
0 403ms
100ms Document
text/html 52.212.154.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.154.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-154-51.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: newscorpau.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.heraldsun.com.au/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=50096280279805635112254100952025242537
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 19 Nov 2020 14:52:10 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=50096280279805635112254100952025242537;Path=/;Domain=.demdex.net;Expires=Sun, 13-Jun-2021 21:20:37 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: xHTrPd8TTDc=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
metrics.heraldsun.com.au/ 48 B
515 B 319ms
94ms XHR
application/x-javascript 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=50117448460001661892251977504794790579&ts=1608067237596

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

d28df234c3130a0193a3829b04ba67cc51e31b8c140ae001da1424a213cce163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 15 Dec 2020 21:20:37 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-f7bfdfcfd-h2pfg
vary: Origin
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=X9kopQAAAH2JGx__
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=50096280279805635112254100952025242537
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9kopQAAAH2JGx__

42 B
915 B

102ms
102ms

Image
image/gif

52.212.154.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9kopQAAAH2JGx__

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.154.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-154-51.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v086-03384a965.edge-irl1.demdex.com 5.80.1.20201111130852 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: j3ccqj35TIA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9kopQAAAH2JGx__
Date: Tue, 15 Dec 2020 21:20:37 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 648 B
886 B 311ms
113ms XHR
application/json 52.215.225.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=24cf6cf4-8533-2582-203f-67f1fa8e1ec5&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.225.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c67a13c0499ae7c614c66c292f61c1e281912de73957ce1fad9c01f8cbf3ea0c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:37 GMT
x-server-name: app05.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 15 KB
1 KB 298ms
103ms XHR
application/octet-stream 104.86.50.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.86.50.246 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-86-50-246.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: befd4d99b6cb8649f107a5cd1fec1055d228bdc1c001493676bb87249e9b1040

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: s9D81rRzINXxbJe2GpsceLRJAdvlBAld
content-encoding: gzip
last-modified: Mon, 30 Nov 2020 08:14:17 GMT
server: ATS/7.1.0
x-amz-request-id: 40A78128103CD641
etag: "622b99881112d32ffad4119cdad72daf"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=545
date: Tue, 15 Dec 2020 21:20:37 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 1050
x-amz-id-2: m35lAotknRLWPSKRnWU02uDdpLtHjohKr4h2MhxDEv7DAS8i8wOR0Iv/OdYJgEos9fEXCwxpDvc=

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/465845/ 178 B
320 B 105ms
102ms XHR
application/json 52.18.163.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/465845/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f2a0c48472fc3a6a1664.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.163.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-163-167.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 15 Dec 2020 21:20:37 GMT
content-encoding: br
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 61 B
359 B 984ms
809ms XHR
text/plain 95.101.184.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.236 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-236.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 12a174500222f25e802175d5cf739d6ed5aeb7ad9812cbfe18b97992d6692a89

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:38 GMT
server: AkamaiGHost
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-length: 61
mime-version: 1.0
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 9ms
9ms Script
application/javascript 2600:9000:2182:5400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: a9yv6FoqUOJEHV8JhhsvdvrSixeG3nZZ
content-encoding: gzip
etag: "931051f801612c3a0e2782961ac3d56c"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 2819
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 15 Dec 2020 20:33:39 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: MiJgxucj_eMKpbJjVY4H2tBx9-cSAZhF076t1eAvvbpd1XNEWl-1Ow==

GET
H2 200 PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 19ms
18ms Script
application/javascript 2600:9000:2182:5400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef718a0e010f9a07acbb967c0bf49ff1cb115a08eacd40e5bffcaab5ebb729c

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Kj7_unSqPUpvxwNm3Fae6KN3klZ7QYmy
content-encoding: gzip
etag: "095093dda9d40b392141a14682cc9fd6"
last-modified: Tue, 15 Dec 2020 09:18:05 GMT
server: AmazonS3
age: 1545
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Tue, 15 Dec 2020 20:54:53 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: P9UYji6fRSWHH7x6eQOvlhDoWjz_JaZH9hE05_7NnXbsHFed8vPUSA==

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 173 KB
50 KB 11ms
10ms Script
application/javascript 2600:9000:2182:5400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43ec631c14060e4d10a7fc3b6b96296f20e718d65fb51558370d41eda08a3ddc

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8pyu2AVizz7qLhkNLlydOCakgrumnPjD
content-encoding: gzip
etag: W/"2a3ec0074402cc8fa654f381bebd2e04"
last-modified: Tue, 17 Nov 2020 14:36:24 GMT
server: AmazonS3
age: 1380
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 15 Dec 2020 20:57:37 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: UEAzxJ8CpMynY54rdO8oQiK6WmCxx4s_FVysUFA2xx3J9idjJ7PeZQ==

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 8B32 0
0 10ms
10ms Document
text/html 2600:9000:2182:5400:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5400:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSCVER=v1; IMRID=60419630-3f1b-11eb-830e-f128ab6ebd17
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

content-type: text/html
last-modified: Tue, 17 Nov 2020 14:36:23 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: fXiAi9JTI1XHMxGqL.0MvkCakB1rMXT9
server: AmazonS3
content-encoding: gzip
date: Tue, 15 Dec 2020 20:27:47 GMT
etag: "7fa83dfc7b78314b137e2eb13834daa7"
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: ijEH37dcRZzMLHKmtE_zg8x4evCcrwu00PKzWESKzQpThCbMoYzXDA==
age: 3171

GET
H2 200 style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 969 B
736 B 202ms
201ms Stylesheet
text/css 23.210.249.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/style.css

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-249-82.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: "617866c501ae2baecee3c33975ca8125d4935302e86a88dedf91278f1aec543e"
last-modified: Wed, 09 Dec 2020 05:03:11 GMT
x-timer: S1607490886.842857,VS0,VE1
x-i: true
x-served-by: cache-dca17775-DCA
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=813
date: Tue, 15 Dec 2020 21:20:38 GMT
x-cache-hits: 1
accept-ranges: bytes
content-length: 406
expires: Tue, 15 Dec 2020 21:34:11 GMT

GET
H2 200 main.js Show response
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/ 3 KB
2 KB 210ms
209ms Script
text/javascript 23.210.249.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/banner-update-indie/assets/main.js

Requested by

Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.249.82 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-249-82.deploy.static.akamaitechnologies.com

Software

Resource Hash

386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: "799b8c406ecbbc260dc9ac71c011202326bd9a557b155ba1707af12579eded3c"
last-modified: Wed, 09 Dec 2020 05:03:11 GMT
x-timer: S1607490886.837677,VS0,VE1
x-i: true
x-served-by: cache-dca17765-DCA
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=852
date: Tue, 15 Dec 2020 21:20:38 GMT
x-cache-hits: 1
accept-ranges: bytes
content-length: 1276
expires: Tue, 15 Dec 2020 21:34:50 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 189ms
101ms XHR
application/json 52.212.154.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=50117448460001661892251977504794790579&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%010dc6f49ce25a146c488ef0b7eb25e0f0%011&ts=1608067237919

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.154.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-154-51.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e40a530937915910eda0bf03ac9db7e3f49784866e9a8c26b9975b666404387e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v086-0a3399d34.edge-irl1.demdex.com 5.80.1.20201111130852 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: e7YKITD7SYk=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1541
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 109 B
169 B 15ms
14ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 21:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 17ms
16ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 21:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 122 KB
14 KB 142ms
141ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3242496275534416&correlator=1948531950438053&output=ldjh&impl=fifs&hxva=1&scor=1946624260005601&eid=21068529%2C21068773&vrg=2020120801&co=1&npa=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201215&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D6068a65f-3f1b-11eb-8c05-02bf2b86cc68%7Cpos%3D1%26id%3D6068a660-3f1b-11eb-8c05-02bf2b86cc68%26vw%3D40%2C50%2C60%2C70%26vw05%3D40%26grm%3D40%2C50%2C60%26pub%3D40%7Cpos%3D2%26id%3D6068a661-3f1b-11eb-8c05-02bf2b86cc68%7Cpos%3D1%26id%3D6068a662-3f1b-11eb-8c05-02bf2b86cc68%7Cpos%3D2%26id%3D6068a663-3f1b-11eb-8c05-02bf2b86cc68%7Cpos%3D1%26id%3D6068a664-3f1b-11eb-8c05-02bf2b86cc68&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26nk%3D0dc6f49ce25a146c488ef0b7eb25e0f0%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26pid%3Dnone%26adl%3Dfalse%26pvid%3D0dc6f49ce25a146c488ef0b7eb25e0f0-00000000000000000000000000000000-1608067237098-485924%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&bc=31&abxe=1&lmt=1608067237&dt=1608067237962&dlt=1608067234552&idt=2838&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1123%2C1124%2C176%2C176%2C0&adys=28%2C467%2C7677%2C8717%2C2564%2C9359&adks=1616217045%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C300x0%7C300x0%7C1248x0%7C1248x0%7C1600x9359&msz=728x133%7C300x276%7C1600x276%7C1000x50%7C728x90%7C1x1&ga_vid=146904346.1608067238&ga_sid=1608067238&ga_hid=809400353&fws=640%2C640%2C128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

b68a2637743b659ee6d04965584400700ed916101df89640b3d0eee12de19013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14134
x-xss-protection: 0
google-lineitem-id: 4682990628,4682990628,4682990628,4682990628,4682990628,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234025560,138234025557,138234092456,138234082178,138234025551,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c6fd3997f31eb85b60cae11bd13a084f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 51ms
13ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c6fd3997f31eb85b60cae11bd13a084f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 10 KB
3 KB 370ms
91ms Script
text/html 80.252.91.53
EQUINIX-CONNECT-EMEA

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=1073158155247408752&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D3987259010972144033$$&ns=0&rnd=06943262841289433
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 80.252.91.53 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: f1fa80b61bdb9a26b58efaa1f7f141c8b77a201a06ead0535ba06fd683f757f8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 21:21:01 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 2386
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 s5731868217116
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/ 43 B
463 B 98ms
98ms Image
image/gif 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/1/JS-2.22.0/s5731868217116?AQB=1&ndh=1&pf=1&t=15%2F11%2F2020%2022%3A20%3A38%202%20-60&cid.&newsnkidcookie.&id=0dc6f49ce25a146c488ef0b7eb25e0f0&as=1&.newsnkidcookie&.cid&vid=0dc6f49ce25a146c488ef0b7eb25e0f0&mid=50117448460001661892251977504794790579&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D68&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=8%3A20%20AM%7CWednesday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cmac%20os%20x%7C10_14_5&c60=D%3Dv60&v60=68&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=no%20plugins&v77=D%3Dmid&v78=pl%7Cunknown%7Cwarsaw%7C52.25%7C21.00%7Cgmt%2B1%7Cunknown&v79=pl&v80=0dc6f49ce25a146c488ef0b7eb25e0f0-00000000000000000000000000000000-1608067237098-485924&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 16 Dec 2020 21:20:38 GMT
server: jag
xserver: anedge-f7bfdfcfd-9kq8w
etag: 3453298098574819328-4621619762541436182
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 14 Dec 2020 21:20:38 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame FA95 0
0 98ms
97ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupDj4wWiD2kXKO7infa6JPAlW_XZhFMcii_Aauyhh5kJB726e9_qXM0T25sVLc9IBfylIeZwo2o5Q-GGyT2VUJqHRvlOssWF9qG4dpmg-VrBwNvAh07h-YlsSGWNJDBiKmkEnfGM0IuMY0JEEd5H6NAZxoDMlNT8cW6gOZTpBUokol9uwDl47-37SjAxTMxOSaW4iZmJRHET24m4eTYyDsY2yqfTSlQpL6oZfqG0fL3gvnfV3uYbQ5ORwp6xk-6nmF240sf8g9&sig=Cg0ArKJSzNA7ZLkbhia-EAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 21:20:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame FA95 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 16:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 16:44:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame FA95 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 17:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 17:50:10 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA95 76 KB
29 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H3-Q050 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame FA95 68 B
180 B 7ms
7ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 00:59:57 GMT
x-content-type-options: nosniff
age: 73241
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Dec 2021 00:59:57 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 80FD 0
0 96ms
96ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqZldxNJreri5OClG2Q_tpOH-twKBRaehpwHHR_h-0WMz61oAf4p3aoqMq0Zfq985nKlrt5lKNzPXud4lBU3Yk-DBy4xByOdirEvKKIwCke4B_pzJqllEs0nrgRzM9JRWVKpmpfGnmto2WoucOvsFBhwmQLQDvdQHNdtqqRT8UgRWG_PDyb9c1GYCGvg_y107knxVnql4lcrDQCwTBg5OnX0Jl2qarKfQEBeNTZ5CB4nXw28FKB0o3XavBaGWhGYtrE2-rveW5&sig=Cg0ArKJSzCpV-B_G9UZcEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 21:20:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 80FD 18 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 16:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 16:44:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 80FD 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 17:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 17:50:10 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80FD 76 KB
29 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H3-Q050 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 80FD 68 B
168 B 9ms
7ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 02:48:56 GMT
x-content-type-options: nosniff
age: 66702
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Dec 2021 02:48:56 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E98C 0
0 95ms
94ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUHBZnq6ksvfok2c5X6biCNwNKTB0EeISVWkmo4qX_u_rBjUxWeKurYuJ9lJUKOneT1Fy3ze4FP9ojwd9GYoahLX1GK0ubOBeKaOKsI2Vg7hUBOMfq8FJJjPqCF-FApvkXlCC-iCfzhtupbrXLAC945Tm6UORR0ac4JXwTM2cjaxv5AISrCYgLR-KiGcIpYMjpM8Q66MWBRMmZdo7EHPskdDhZpfRBPH_ZWoEQa1mSr3H8Sq8DdqPFNWU3I5SSw_2H-r0fCp8w&sig=Cg0ArKJSzMfMxBrwQR1eEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 21:20:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame E98C 68 B
95 B 9ms
7ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 02:48:56 GMT
x-content-type-options: nosniff
age: 66702
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Dec 2021 02:48:56 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame E98C 18 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 16:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 16:44:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame E98C 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 17:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 17:50:10 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame E98C 76 KB
29 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D84 0
0 94ms
93ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPcN8JCZrBDjHDhIWQ0AYyH_YxM8mYlvIJd17uczYw4CQDQa2LZqkrChilBbrXwFgl6A3ww3N0Hu6UgjSA44leiyQz7gcSnUAc6sBMdid_PVwMNgVqi2Rflxvrb4mOWltpG67Yk9TP7pqRyQqZOpFLpYQK4fo6mj-DIvBQS3QNdS0xPIvP0VLm64ogyvCvdfCQURFqNEuPqvxj15NzV9E0yMAfLHyX2BiZUrgibVNA_keRg335SRsjbTPUIDtkfiVXNnq4kJq_&sig=Cg0ArKJSzMVLu8kPWJR1EAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 21:20:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 2D84 18 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 16:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 16:44:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 2D84 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 17:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 17:50:10 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D84 76 KB
29 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2D84 0
0 24ms
12ms Image
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxSbj8tFDHLn48OK6e8kbWD5rgjOcna5K9S4eIibLVs6eJbTFFoIexpPKKyMLqXkrMZKcB
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 2D84 3 KB
3 KB 16ms
8ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13503232906761715217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 16:07:34 GMT
x-content-type-options: nosniff
age: 364384
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3270
x-xss-protection: 0
last-modified: Wed, 23 May 2018 04:43:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Dec 2021 16:07:34 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 87AF 0
0 98ms
91ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEK3NmiSUh4vPXTtpm-sfn2H4pUVkpPNLnAw212FFbvGu63AUEIk-kfi5Z4k0FLQSGkCmx3_wtvX4J-Oa1vxmWFQtPorWyf-Xi69ocLXxFJy54XYQ1TJaSXkVZhhJqzLMZ1yRKHfAsXKomR_rNPgJYUWTxgm-bed3MHk1XxMaf7kvjk8R2eL6mHVS-KOT6ttZoVnIRfJG6QQ26Fpl7uTzcLl71PYjkkz4ySeH0vCBaFqoDoqGXloMHHUPl-8AKTvZn_TNQ6oN6&sig=Cg0ArKJSzHkdlc7S5GpPEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 21:20:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 87AF 68 B
147 B 13ms
6ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 00:59:57 GMT
x-content-type-options: nosniff
age: 73241
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Dec 2021 00:59:57 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/ Frame 87AF 18 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 16:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
server: cafe
etag: 7789600959769866771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 16:44:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 87AF 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 17:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Dec 2020 17:50:10 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87AF 76 KB
29 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 87AF 0
0 22ms
13ms Image
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpYwqYybi0yYkNGZhRveszbkQhHOcYzAQ785uOpMKdEUrw5Uh62A0wqY3o7o-ltIkLQ5DK
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame FA95 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96d51e92e35beac4aa4bdca197244259a8a54b6f9a0eb5b3ccdaae6581e02150

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 95F1 46 KB
13 KB 333ms
144ms Script
application/javascript 52.215.225.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1914752484&custom=homepage&custom3=168400391&adsafe_par&impId=6068a65f-3f1b-11eb-8c05-02bf2b86cc68
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.225.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 954fe4f813483cd1833340c794820cb6aaec7e4fbf0ca2e37518e4564d3156a7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: gzip
x-server-name: app37.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame FA95 0
22 B 94ms
93ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssm2FX8mwOer7FrayQv7mhklyOZ9-qY4gRB8WyVGFRyZ1R39VnpSlv-KucHWl1kyuWqIFvAyK9hMYsaJDmwF8rYChsg2soci4mlrAB5g1v-EIYhRxX1HRB97-IYkP6qDgvP8p7vrI_lmiqKPo_gw2Kqe5bhPuyMzyFcH0kLWx13mI4V69CRSpTpOBiMuyjgYeLOcjUg1tnE85MdhfGeNqZiGqfLA5bCQxJiSmWNXopPYfeXKX0IHPcH0OkCYreltnAOFTrg67Uh62E&sig=Cg0ArKJSzH9R8TALBcYHEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 21:20:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 80FD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78613a4243b992126f3f92da6fc039d533f3d4086eb2114731439b869ee4a4ae

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame D23A 46 KB
13 KB 387ms
228ms Script
application/javascript 52.215.225.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025557&pubOrder=305536031&cb=1202565099&custom=homepage&custom3=168400391&adsafe_par&impId=6068a660-3f1b-11eb-8c05-02bf2b86cc68
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.225.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ebbccb935eee18dbf94446cdb6d002dc9c47fcf1e6d7dc4b821ae9f560abe015

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: gzip
x-server-name: app02.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame E98C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b64279cca594fa5aeb52f9ba145035087b1dbb124d2f2774254248d660611e13

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 99FB 46 KB
13 KB 316ms
169ms Script
application/javascript 52.215.225.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1543033782&custom=homepage&custom3=168400391&adsafe_par&impId=6068a661-3f1b-11eb-8c05-02bf2b86cc68
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.225.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 89379e975030240d9d4d5e5666d022cd01831d1f4564d12f0f5816493d9958ad

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: gzip
x-server-name: app32.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 87AF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c672e2f76cecdd1ef21f9b2ebf7f3e5fb9c2841726d009a48c5042745efc43fe

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame F575 46 KB
13 KB 264ms
128ms Script
application/javascript 52.215.225.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1635386072&custom=homepage&custom3=168400391&adsafe_par&impId=6068a663-3f1b-11eb-8c05-02bf2b86cc68
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.225.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d52721391e7ab772c196cdc3bb6d1827c71fb732c235062227bfabbdc39febb4

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: gzip
x-server-name: app09.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D84 0
22 B 85ms
85ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4uBoiRyzVSL1pToacrGsHHUTI16caj1zXBkAqSc2I8r2gHFMU6Qrl8jQnootjDaO2-d0nypnN3Zz9be9L6IUy1baPvIdOFP2Or8lypOmfFG7JG1r4qfmbPwjHHlGXMzFehiTOfbQgs2EPuff10rSWfXeQgWYIivKasrjWeyiFJlbCoNvrqt3Xmb2UVGoC2anp33gGxzDHldxLCktnKvlFVWUsQYtXj-woAxIQlaJo4w7jtSz8NE-vCPJ1iAKfmbhSm3NKR4XTjBw&sig=Cg0ArKJSzIPaxLnbYpTSEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 21:20:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2D84 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ffc51cd531890768c5cc411b81d0bcc046de7d931f761a514f5d7f1a6722fbe

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 4037 46 KB
13 KB 309ms
184ms Script
application/javascript 52.215.225.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=756269708&custom=homepage&custom3=168400391&adsafe_par&impId=6068a662-3f1b-11eb-8c05-02bf2b86cc68
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.225.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 74581c25d8ec67de271196c8c78cc1c07989a5354f59b558412d908e006865c8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: gzip
x-server-name: app36.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 80FD 0
22 B 94ms
94ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoR3Kxp3gZmCgdKn--0q1epQSN6iqWq-2Q7dnGcpOhf1F7wSRVYZydWJh3-jYSNC9MPg5zCJqoLg983FtGL6HIYZLcsjMhCeDdgZD58U-zHLb46kZ9XxwDDGzznAjzuMxJjJfr6Prn_2MkqZhhTcJq6fwKdwrMTwx2q0eTbq3H_farg9RBMramnfadIwlMR8B_hEQO8iOI0c5UJkZtIVi5JNjMyTO-1PwhhhTJrqi07XOe3ssWzMUp_caWQDEbuOg8vMfMytUbOFE&sig=Cg0ArKJSzJiJZbEnrN6oEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 21:20:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 87AF 0
22 B 93ms
92ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-U0CtgoVzKZgY6zpXqh19MLfpCQqggPJb2S4AEEdr8hGrLSSIbXAyohILasIgWQLo3cmbN2Wwzok4LeN29csdEAX7EyXpJU5nglZfvZm399tn1VDdqzmH_rkaDRXiVT3XDoomsA621Ydm8GI0yDKGOcqUrGln24uyrJw0jkapqXgw5zgFXBLF4mD9-5f1FZxJutzBkP2KxCS_LHoEnYCP4aU9WYdhZug55E3L9NGVP-uhiqMoy3XU0GJDpQfDITxptW4b8jmXVPU&sig=Cg0ArKJSzC7WASpxFa1yEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 21:20:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E98C 0
22 B 93ms
93ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWvWz0dwqriVUUvSfEHmcsAlU_yMfcGe6T5GZlyh5tmOVHxDuktaxR0cYgLwD3EAzAY-6WrrTAB-v_SlxCpTDsPrZn89QVUmmxxuuE8qjvqvaPJtt0hbUbkrFBk7BYJsinsKSFz8II4_7H8Qoyp0WEHvYVFKnsvy7Os9tXY5esz8DMbLm8MGNd9aF66N1xnnu5zWDJDp83V0MxSm8pMQzAva4mqEZ2HRBkPJAtpSzWKeDg-8CPjUi_O4xLfOjPsqO2kZSVQ0ss_HU&sig=Cg0ArKJSzPkduvOo34vVEAE&adurl=

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 21:20:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 19BC 4 KB
2 KB 263ms
86ms Script
application/x-javascript 13.226.146.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.146.155 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-155.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 08:42:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 45481
ETag: "98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: JRiic_cA7CGetA8u_zIvpW4cNfsphoZ07z_T7VQCf5jMtD_EtM3D3Q==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame B998 5 KB
2 KB 72ms
72ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 72827
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1608067238.472679,VS0,VE0
x-served-by: cache-fra19131-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 4EEB 965 B
761 B 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:582::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 21:20:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=39297
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 96A1 96 KB
38 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707564276

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b078acca5079cc43614182feddcc9f3a3d5c733eb382d596f1cfcb7eaa82f326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38971
x-xss-protection: 0
last-modified: Tue, 15 Dec 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame FAC7 4 KB
2 KB 258ms
76ms Script
application/x-javascript 13.226.146.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.146.155 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-155.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 08:42:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 45481
ETag: "98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: yq29sBvx0yYLlsa-k2jDxhXsFijXTpzXFnawsS4JMZO9o9-4x1GfLg==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame 4201 7 KB
3 KB 200ms
61ms Script
application/javascript 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 21:20:38 GMT
Content-Encoding: gzip
Age: 6325
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2601
X-Served-By: cache-lga21959-LGA, cache-fra19178-FRA
Access-Control-Allow-Origin: *
Last-Modified: Thu, 14 May 2020 21:04:36 GMT
Server: nginx/1.13.10
X-Timer: S1608067239.659822,VS0,VE0
ETag: W/"5ebdb264-1cfb"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 10 Dec 2020 19:35:03 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 1995

GET
H3-Q050

200

activityi;dc_pre=CNCAnaT10O0CFQDruwgdHD8KXg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4601730327904.956
8228261.fls.doubleclick.net/ Frame 663B
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4601730327904.956?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNCAnaT10O0CFQDruwgdHD8KXg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=460173032790...

0
0

226ms
125ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CNCAnaT10O0CFQDruwgdHD8KXg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4601730327904.956?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNCAnaT10O0CFQDruwgdHD8KXg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4601730327904.956?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnhbr6wG4Z_GL3DjEXeaiGnLlm60GNT4bhsGG4F0BYzt5FvAoIbk7ie0N7m
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 15 Dec 2020 21:20:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 392
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 15 Dec 2020 21:20:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNCAnaT10O0CFQDruwgdHD8KXg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4601730327904.956?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

activityi;dc_pre=CLOGnaT10O0CFdTJuwgdr2cIBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2332247875869.4575
8228261.fls.doubleclick.net/ Frame 4BD3
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2332247875869.4575?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CLOGnaT10O0CFdTJuwgdr2cIBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=233224787586...

0
0

226ms
126ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CLOGnaT10O0CFdTJuwgdr2cIBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2332247875869.4575?

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=0dc6f49ce25a146c488ef0b7eb25e0f0-1608067232

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8228261.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLOGnaT10O0CFdTJuwgdr2cIBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2332247875869.4575?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnhbr6wG4Z_GL3DjEXeaiGnLlm60GNT4bhsGG4F0BYzt5FvAoIbk7ie0N7m
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 15 Dec 2020 21:20:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 391
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 15 Dec 2020 21:20:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CLOGnaT10O0CFdTJuwgdr2cIBQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2332247875869.4575?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame A7A4 96 KB
38 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-820018408

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8600099f7e30b15cb09a2746c608dec0944c9a031c8b4794010ab943f2a98522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38969
x-xss-protection: 0
last-modified: Tue, 15 Dec 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame B543 30 KB
12 KB 77ms
77ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11865
x-xss-protection: 0
server: cafe
etag: 18432201170715473949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame 605A 43 B
607 B 572ms
345ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:38 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 0FD3
Redirect Chain

https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

43 B
1 KB

161ms
79ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 21:20:38 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.4:80
AN-X-Request-Uuid: efabe918-5f18-40b6-b07c-b28e048dacd5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 21:20:38 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.48:80
AN-X-Request-Uuid: 3d7e8642-6a1c-48b3-a540-bdbc597c9541
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D879166%26seg%3D9702347%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

0
1023 B

71ms
71ms

Image
application/javascript

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 21:20:39 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid: 8ffb465a-5d88-46fe-9ff4-09e58844dcc9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 21:20:38 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid: 9d9526d0-ff87-4ec4-ab69-81b401c24cc8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
952 B 70ms
69ms Image
application/javascript 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Dec 2020 21:20:38 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.148:80
AN-X-Request-Uuid: 4c8ec646-852a-4301-a7f9-e0bda754f89a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 4EEB 3 KB
2 KB 27ms
9ms Script
application/x-javascript 2a02:26f0:10c:582::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 21:20:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 20:29:41 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=11402
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 main.gr.19.8.150.js Show response
static.adsafeprotected.com/ Frame F575 177 KB
57 KB 38ms
12ms Script
application/javascript 2600:9000:2182:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.150.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1635386072&custom=homepage&custom3=168400391&adsafe_par&impId=6068a663-3f1b-11eb-8c05-02bf2b86cc68
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76a6767075fabbdca037a1dfa10819be849f21ed515071060b415a3f7c2a9a3d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 19:23:11 GMT
content-encoding: gzip
age: 7049
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Dec 2020 19:06:55 GMT
server: AmazonS3
etag: W/"a6fa4e4fdb9654ecef0c33777453bc52"
vary: Accept-Encoding
x-amz-version-id: 5GF7Oh3B4VTl3qVjHPMFsQ7_rxcsHeUK
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: Ov1kfpalmH2t3F3YZqssjMTXZr21H5AC3Jt6UT51kSFK4lvuVQzqGw==

GET
H2 200 adsct
t.co/i/ Frame B998 43 B
171 B 182ms
182ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Tue, 15 Dec 2020 21:20:39 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 93ffd34c1570a75bd378f557370d265f
x-transaction: 00485960002bbde3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 main.gr.19.8.150.js Show response
static.adsafeprotected.com/ Frame 95F1 177 KB
57 KB 17ms
17ms Script
application/javascript 2600:9000:2182:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.150.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1914752484&custom=homepage&custom3=168400391&adsafe_par&impId=6068a65f-3f1b-11eb-8c05-02bf2b86cc68
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76a6767075fabbdca037a1dfa10819be849f21ed515071060b415a3f7c2a9a3d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 19:23:11 GMT
content-encoding: gzip
age: 7049
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Dec 2020 19:06:55 GMT
server: AmazonS3
etag: W/"a6fa4e4fdb9654ecef0c33777453bc52"
vary: Accept-Encoding
x-amz-version-id: 5GF7Oh3B4VTl3qVjHPMFsQ7_rxcsHeUK
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: NdUc4YKzMSnBD2lkBYBbI6obZe-ydgOfRvmf0XDQxSIuOk3xEF5AFA==

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 96A1 30 KB
12 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame B543 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1608067238615&cv=9&fst=1608067238615&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c619acb8aa74f04562b8dc4f67beff03f3e2e4bdaf893928cb45e3670106683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 970
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame A7A4 30 KB
12 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Dec 2020 21:20:38 GMT

GET
H2 200 main.gr.19.8.150.js Show response
static.adsafeprotected.com/ Frame 99FB 177 KB
57 KB 12ms
11ms Script
application/javascript 2600:9000:2182:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.150.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1543033782&custom=homepage&custom3=168400391&adsafe_par&impId=6068a661-3f1b-11eb-8c05-02bf2b86cc68
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76a6767075fabbdca037a1dfa10819be849f21ed515071060b415a3f7c2a9a3d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 19:23:11 GMT
content-encoding: gzip
age: 7049
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Dec 2020 19:06:55 GMT
server: AmazonS3
etag: W/"a6fa4e4fdb9654ecef0c33777453bc52"
vary: Accept-Encoding
x-amz-version-id: 5GF7Oh3B4VTl3qVjHPMFsQ7_rxcsHeUK
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: ZkA-6LNFJqJ2ys91doiIbRsEV7tTW7g9CHHcPP8yDDITo9UloeCNww==

GET
H2 200 main.gr.19.8.150.js Show response
static.adsafeprotected.com/ Frame 4037 177 KB
57 KB 12ms
11ms Script
application/javascript 2600:9000:2182:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.150.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=756269708&custom=homepage&custom3=168400391&adsafe_par&impId=6068a662-3f1b-11eb-8c05-02bf2b86cc68
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76a6767075fabbdca037a1dfa10819be849f21ed515071060b415a3f7c2a9a3d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 19:23:11 GMT
content-encoding: gzip
age: 7049
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Dec 2020 19:06:55 GMT
server: AmazonS3
etag: W/"a6fa4e4fdb9654ecef0c33777453bc52"
vary: Accept-Encoding
x-amz-version-id: 5GF7Oh3B4VTl3qVjHPMFsQ7_rxcsHeUK
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: oyfgF2JczsmHGca6xS5YLy1HwBfzjegrAmHeXnhn_ce-FDcfDQhXHg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 96A1 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1608067238672&cv=9&fst=1608067238672&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

721b69cf4eaf120fb92adabdc6af644503bcba4065fbc9cd979d15096203439e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1009
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.gr.19.8.150.js Show response
static.adsafeprotected.com/ Frame D23A 177 KB
57 KB 15ms
15ms Script
application/javascript 2600:9000:2182:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.150.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025557&pubOrder=305536031&cb=1202565099&custom=homepage&custom3=168400391&adsafe_par&impId=6068a660-3f1b-11eb-8c05-02bf2b86cc68
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76a6767075fabbdca037a1dfa10819be849f21ed515071060b415a3f7c2a9a3d

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 19:23:11 GMT
content-encoding: gzip
age: 7049
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Dec 2020 19:06:55 GMT
server: AmazonS3
etag: W/"a6fa4e4fdb9654ecef0c33777453bc52"
vary: Accept-Encoding
x-amz-version-id: 5GF7Oh3B4VTl3qVjHPMFsQ7_rxcsHeUK
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: Mq_LyAhS_Qcf05gz7SEqH2IJt-3JwaS_L0iNiNQzW6WmimUILQQUig==

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame A7A4 2 KB
1 KB 23ms
18ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1608067238690&cv=9&fst=1608067238690&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63d4509f461e8ee5c5fcce96dc9779253a018831a40bf1dc9b00df295d6d18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1009
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame 4201 42 B
352 B 195ms
60ms Image
image/gif 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1608067238692&v=0.0.15&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1608067238691&et=1608067238692&if=1
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.52 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 21:20:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 10.2.80.88:80
Content-Length: 42
Content-Type: image/gif

POST
H2 200 validate
assets.vidora.com/v1/ 0
314 B 304ms
304ms Other
application/octet-stream 2600:9000:206f:fe00:4:77d:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by: Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fe00:4:77d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 15 Dec 2020 21:20:38 GMT
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: TJGJA_5OvPECKHfPJwfNd4M96E0v8nvqIvykqPN6s3kwOCUbfe1mOw==
expires: Tue, 15 Dec 2020 21:20:37 GMT

GET
H2 200 collect
px.ads.linkedin.com/ Frame 4EEB 0
66 B 531ms
528ms Image
application/javascript 2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&time=1608067239000
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:39 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: XhHIUqIAURYgqKeYuCoAAA==

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 9720 81 KB
22 KB 13ms
10ms Script
application/javascript 2600:9000:2182:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 9463107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: BQsh-nyGJVnRXw5bJ72_hMT3Xq1haxNbONOM0pvLzqmmg-_TS2f-cg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 88ms
82ms Image
image/gif 52.215.225.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1635386072&custom=homepage&custom3=168400391&adsafe_par&impId=6068a663-3f1b-11eb-8c05-02bf2b86cc68&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:6d463f8f-e5e6-cad3-c77e-30ef100f878f,c:x06WHT,sl:outOfView,em:true,fr:true,mn:app09ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.2581.1.1,am:i,cc:800.2581.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjhcfOs+11|12|13|14|15|161|171|181|191|1a*.10507|1a1|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:1a*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:502,oid:60c0d855-3f1b-11eb-9be6-0ae761671616,v:19.8.150,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.225.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 2B9F 81 KB
22 KB 9ms
9ms Script
application/javascript 2600:9000:2182:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 9463107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: t4fHLFbM_CrvoiZQ8NAIYnH3G1GG2rKyM6N0phkp_XZO6bRJClka6Q==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 81ms
81ms Image
image/gif 52.215.225.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025560&pubOrder=305536031&cb=1914752484&custom=homepage&custom3=168400391&adsafe_par&impId=6068a65f-3f1b-11eb-8c05-02bf2b86cc68&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:4a7c89c4-ac75-d9ea-f441-a3af87b7f68c,c:x06WIr,sl:outOfView,em:true,fr:true,mn:app37ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjhcfOw+11|12|13|14|15|16*.10507|161|171|181|191|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:16*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:531,oid:60c0d90e-3f1b-11eb-a11b-0660e4448cc9,v:19.8.150,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.225.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: app43.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 492ms
163ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6d463f8f-e5e6-cad3-c77e-30ef100f878f&tv={c:x06WJe,pingTime:-2,time:584,type:a,im:{sf:0,pom:1,prf:{beA:306,beZ:307,mfA:785,cmA:786,inA:786,inZ:791,prA:791,prZ:798,si:808,poA:808,poZ:819,cmZ:819,mfZ:819,loA:867,loZ:870,ltA:888,ltZ:889}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:501}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:584,n:0,pp:0,pm:0},slEvents:[{sl:o,t:501,wc:0.0.1600.1200,ac:800.2581.1.1,am:i,cc:800.2581.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[101~0],as:[101~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjhcfOs+11|12|13|14|15|16.10507|161|171|181|191|1a*.10507|1a1|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2,newscorpau_ads-168],sinceFw:80,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: dt40.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 415ms
163ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=4a7c89c4-ac75-d9ea-f441-a3af87b7f68c&tv={c:x06WJo,pingTime:-2,time:590,type:a,im:{sf:0,pom:1,prf:{beA:362,beZ:363,mfA:879,cmA:879,inA:879,inZ:881,prA:881,prZ:889,si:894,poA:894,poZ:913,cmZ:913,mfZ:913,loA:936,loZ:938,ltA:952,ltZ:952}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:531}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:590,n:0,pp:0,pm:0},slEvents:[{sl:o,t:531,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[73~0],as:[73~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjhcfOs+11|12|13|14|15|16*.10507|161|171|181|191|1a.10507|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:16*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1],sinceFw:58,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: dt37.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/859754747/ Frame B543 42 B
66 B 53ms
38ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859754747/?random=1608067238615&cv=9&fst=1608066000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=3854996959&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/859754747/ Frame B543 42 B
108 B 28ms
27ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859754747/?random=1608067238615&cv=9&fst=1608066000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=3854996959&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/707564276/ Frame 96A1 42 B
530 B 47ms
37ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707564276/?random=1608067238672&cv=9&fst=1608066000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=1011752350&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/707564276/ Frame 96A1 42 B
530 B 43ms
27ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/707564276/?random=1608067238672&cv=9&fst=1608066000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=1011752350&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/820018408/ Frame A7A4 42 B
66 B 48ms
39ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/820018408/?random=1608067238690&cv=9&fst=1608066000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=399426172&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/820018408/ Frame A7A4 42 B
66 B 43ms
28ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/820018408/?random=1608067238690&cv=9&fst=1608066000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=399426172&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame D487 81 KB
22 KB 10ms
10ms Script
application/javascript 2600:9000:2182:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 9463107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: HYUlLhFQpi_L212JjSim6eyePL-2UlLuv4-raRpvqb4sAybP1z9a-Q==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 82ms
81ms Image
image/gif 52.215.225.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=1543033782&custom=homepage&custom3=168400391&adsafe_par&impId=6068a661-3f1b-11eb-8c05-02bf2b86cc68&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:50d0ef92-4046-488d-50d6-e88114222e78,c:x06WJS,sl:outOfView,em:true,fr:true,mn:app32ie,pt:1-5-15,wc:0.0.1600.1200,ac:1274.7712.1.1,am:i,cc:1274.7712.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjhcfPA+11|12|13|14|15|161|162|171|18*.10507|181|191|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:18*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:554,oid:60c0ff89-3f1b-11eb-bfa0-06cf570a4b4b,v:19.8.150,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.225.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame E963 81 KB
22 KB 17ms
17ms Script
application/javascript 2600:9000:2182:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 9463107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: 0LkrkEmSYKRkHmT_FJ8z532k4XQ3ToJkNHIZT0j1wgUZLsoYxFSrPA==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 86ms
86ms Image
image/gif 52.215.225.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234082178&pubOrder=305536031&cb=756269708&custom=homepage&custom3=168400391&adsafe_par&impId=6068a662-3f1b-11eb-8c05-02bf2b86cc68&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:f4a55606-72d1-61c3-21e9-f2c90ed4f6f2,c:x06WKo,sl:outOfView,em:true,fr:true,mn:app36ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.8743.10.10,am:i,cc:795.8743.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjhcfPE+11|12|13|14|15|161|162|171|181|182|19*.10507|191|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:19*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:582,oid:60c1267f-3f1b-11eb-934c-067dc49a95c9,v:19.8.150,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.225.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 9E2C 81 KB
22 KB 10ms
9ms Script
application/javascript 2600:9000:2182:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 9463107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: 3y1c_8KXkEP4AUzSnhkkq-X3CdNjE8_-lnu3OPYdsZLM_NUczYw_aw==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 80ms
79ms Image
image/gif 52.215.225.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=171638111&placementId=4682990628&pubCreative=138234025557&pubOrder=305536031&cb=1202565099&custom=homepage&custom3=168400391&adsafe_par&impId=6068a660-3f1b-11eb-8c05-02bf2b86cc68&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:924621a6-4f22-aa95-b834-d2282b8c2f02,c:x06WKJ,sl:outOfView,em:true,fr:true,mn:app02ie,pt:1-5-15,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sjhcfPI+11|12|13|14|15|161|162|17*.10507|171|181|182|191|192|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:17*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:599,oid:60c1c36a-3f1b-11eb-995e-02c790015d1e,v:19.8.150,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.225.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 173ms
170ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=50d0ef92-4046-488d-50d6-e88114222e78&tv={c:x06WL2,pingTime:-2,time:626,type:a,im:{sf:0,pom:1,prf:{beA:386,beZ:387,mfA:929,cmA:929,inA:929,inZ:931,prA:931,prZ:937,si:940,poA:940,poZ:945,cmZ:945,mfZ:945,loA:958,loZ:959,ltA:1012,ltZ:1012}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:554}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:627,n:0,pp:0,pm:0},slEvents:[{sl:o,t:554,wc:0.0.1600.1200,ac:1274.7712.1.1,am:i,cc:1274.7712.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[82~0],as:[82~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjhcfPA+11|12|13|14|15|161|162|171|18*.10507|181|19.10507|191|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-2,newscorpau_ads-19,group_3_col-22],sinceFw:71,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 171ms
168ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=f4a55606-72d1-61c3-21e9-f2c90ed4f6f2&tv={c:x06WLB,pingTime:-2,time:657,type:a,im:{sf:0,pom:1,prf:{beA:368,beZ:369,mfA:938,cmA:939,inA:939,inZ:940,prA:940,prZ:947,si:950,poA:951,poZ:955,cmZ:955,mfZ:955,loA:993,loZ:995,ltA:1024,ltZ:1024}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:10,h:10,t:582}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:657,n:0,pp:0,pm:0},slEvents:[{sl:o,t:582,wc:0.0.1600.1200,ac:795.8743.10.10,am:i,cc:795.8743.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[86~0],as:[86~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjhcfPE+11|12|13|14|15|161|162|17.10507|171|181|182|19*.10507|191|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:19*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_3,google_ads_iframe_/5129/ndm.hwt/home_3__container__,ad-block-1000x50-1],sinceFw:74,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 170ms
167ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=924621a6-4f22-aa95-b834-d2282b8c2f02&tv={c:x06WLF,pingTime:-2,time:657,type:a,im:{sf:0,pom:1,prf:{beA:406,beZ:407,mfA:989,cmA:989,inA:989,inZ:991,prA:991,prZ:998,si:1005,poA:1005,poZ:1010,cmZ:1010,mfZ:1010,loA:1037,loZ:1039,ltA:1062,ltZ:1062}},sca:{dfp:{df:0}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:1,h:1,t:599}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:657,n:0,pp:0,pm:0},slEvents:[{sl:o,t:599,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[74~0],as:[74~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjhcfPE+11|12|13|14|15|161|162|17*.10507|171|181|182|19.10507|191|192|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:17*,rmeas:1,rend:0,renddet:IMG.us,slid:[google_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3],sinceFw:57,readyFired:true}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: dt35.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 173ms
170ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6d463f8f-e5e6-cad3-c77e-30ef100f878f&tv={c:x06WMB,time:793,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:793,n:0,pp:0,pm:0},slEvents:[{sl:o,t:501,wc:0.0.1600.1200,ac:800.2581.1.1,am:i,cc:800.2581.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[310~0],as:[310~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjhcfOs+11|12|13|14|15|16.10507|161|17.10507|171|18.10507|181|19.10507|191|1a*.10507|1a1|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: dt36.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 171ms
168ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=4a7c89c4-ac75-d9ea-f441-a3af87b7f68c&tv={c:x06WMF,time:793,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:793,n:0,pp:0,pm:0},slEvents:[{sl:o,t:531,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[275~0],as:[275~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjhcfOs+11|12|13|14|15|16*.10507|161|17.10507|171|18.10507|181|19.10507|191|1a.10507|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:16*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: dt34.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 171ms
168ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=50d0ef92-4046-488d-50d6-e88114222e78&tv={c:x06WMJ,time:731,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:731,n:0,pp:0,pm:0},slEvents:[{sl:o,t:554,wc:0.0.1600.1200,ac:1274.7712.1.1,am:i,cc:1274.7712.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[186~0],as:[186~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjhcfPA+11|12|13|14|15|161|162|17.10507|171|18*.10507|181|19.10507|191|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:18*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 170ms
167ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=f4a55606-72d1-61c3-21e9-f2c90ed4f6f2&tv={c:x06WMK,time:728,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:728,n:0,pp:0,pm:0},slEvents:[{sl:o,t:582,wc:0.0.1600.1200,ac:795.8743.10.10,am:i,cc:795.8743.10.10,piv:0,obst:0,th:0,reas:r,bkn:{piv:[158~0],as:[158~10.10]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjhcfPE+11|12|13|14|15|161|162|17.10507|171|181|182|19*.10507|191|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:19*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 174ms
171ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=924621a6-4f22-aa95-b834-d2282b8c2f02&tv={c:x06WML,time:725,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:725,n:0,pp:0,pm:0},slEvents:[{sl:o,t:599,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[141~0],as:[141~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sjhcfPE+11|12|13|14|15|161|162|17*.10507|171|181|182|19.10507|191|192|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:17*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 up
insight.adsrvr.org/track/ Frame 7401 0
0 80ms
80ms Document
text/html 18.200.151.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.151.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-151-216.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Tue, 15 Dec 2020 21:20:39 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame B998 31 B
284 B 193ms
190ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3flk&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Tue, 15 Dec 2020 21:20:39 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7bcf9220f67a09dcf58db9f6577b8ec2
x-transaction: 00b2a40f005a9ac9
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 173ms
171ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6d463f8f-e5e6-cad3-c77e-30ef100f878f&tv={c:x06WOH,pingTime:-10,time:923,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1608067239517||1861b7c3aab49ee9b1f9938a12155419||71ff54ebddb1e090fbf173d96e2342c8||9bb44a55014af6db27e20d2ea191981d||239193e599a84c0ec88e936b32b07cfb||a21975783012193c171996fbf70e559e||948946e32f7d8a99d73f405296079002||4ac3dcfd17396a005cf7a2f17c798603||1576000828}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 up
insight.adsrvr.org/track/ Frame 401E 0
0 78ms
77ms Document
text/html 18.200.151.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.151.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-151-216.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

date: Tue, 15 Dec 2020 21:20:39 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 163ms
163ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=f4a55606-72d1-61c3-21e9-f2c90ed4f6f2&tv={c:x06WSL,pingTime:-10,time:1101,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1608067239517||1861b7c3aab49ee9b1f9938a12155419||71ff54ebddb1e090fbf173d96e2342c8||9bb44a55014af6db27e20d2ea191981d||239193e599a84c0ec88e936b32b07cfb||a21975783012193c171996fbf70e559e||948946e32f7d8a99d73f405296079002||4ac3dcfd17396a005cf7a2f17c798603||1576000828,sca:{spg:6d463f8f-e5e6-cad3-c77e-30ef100f878f}}
Requested by: Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:39 GMT
x-server-name: dt46.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a690a0a04e0fefb9ca61628155a1237fe872e42a4379712d925e591676639fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Dec 2020 21:20:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6327
x-xss-protection: 0

GET
H2 200 bb0a7a64db37da7fe4b81526730eac50
content.api.news/v3/images/bin/ 4 KB
4 KB 68ms
68ms Image
image/jpeg 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/bb0a7a64db37da7fe4b81526730eac50?width=150
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6046d093577dcb97486df8d383ce88f3240ec1cedf6bc53b4f12918538f96c8f

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: bb0a7a64db37da7fe4b81526730eac50
date: Tue, 15 Dec 2020 21:20:40 GMT
last-modified: Tue, 15 Dec 2020 18:35:04 GMT
server: Akamai Image Manager
etag: 1b43cb7670a8875a2593a5a0cc3df73a-bb0a7a64db37da7fe4b81526730eac50-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5173970
access-control-allow-headers: x-newsapi-api-key
content-length: 3713
expires: Sat, 13 Feb 2021 18:33:30 GMT

GET
H2 200 5ed57548f2344f4466197f4c73c1fcd6
content.api.news/v3/images/bin/ 4 KB
4 KB 83ms
83ms Image
image/jpeg 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/5ed57548f2344f4466197f4c73c1fcd6?width=150
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8126d782271c43730cac45b2885c0aaaf13b2c37be7eecb615ab5a0f78200fd8

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 5ed57548f2344f4466197f4c73c1fcd6
date: Tue, 15 Dec 2020 21:20:40 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: c239d84fcb874b8989fd16a4864bbf5e-5ed57548f2344f4466197f4c73c1fcd6-150
x-serial: 702
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5047134
last-modified: Tue, 15 Dec 2020 03:11:05 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 4021
expires: Fri, 12 Feb 2021 07:19:34 GMT

GET
H2 200 1867e75d1b5be9892366dbe31bd4f9a6
content.api.news/v3/images/bin/ 4 KB
5 KB 72ms
71ms Image
image/jpeg 95.101.184.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/1867e75d1b5be9892366dbe31bd4f9a6?width=150
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.145 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7ead2ffbd903e0c7811f7451009ace1f6e4ab05855aea1a0fe9f861e0c4df992

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

edge-cache-tag: 1867e75d1b5be9892366dbe31bd4f9a6
date: Tue, 15 Dec 2020 21:20:40 GMT
last-modified: Tue, 15 Dec 2020 06:44:12 GMT
server: Akamai Image Manager
etag: 00a56ac878ff75ee1456f72508f44b1f-1867e75d1b5be9892366dbe31bd4f9a6-150
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5131403
access-control-allow-headers: x-newsapi-api-key
content-length: 4421
expires: Sat, 13 Feb 2021 06:44:03 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 21:20:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Tue, 15 Dec 2020 21:20:40 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame C16A 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.heraldsun.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.heraldsun.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Tue, 15 Dec 2020 20:20:03 GMT
expires: Wed, 15 Dec 2021 20:20:03 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3637
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 171ms
171ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=924621a6-4f22-aa95-b834-d2282b8c2f02&tv={c:x06X1A,pingTime:-10,time:1644,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1608067239517||1861b7c3aab49ee9b1f9938a12155419||71ff54ebddb1e090fbf173d96e2342c8||9bb44a55014af6db27e20d2ea191981d||239193e599a84c0ec88e936b32b07cfb||a21975783012193c171996fbf70e559e||948946e32f7d8a99d73f405296079002||4ac3dcfd17396a005cf7a2f17c798603||1576000828,sca:{spg:6d463f8f-e5e6-cad3-c77e-30ef100f878f}}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:40 GMT
x-server-name: dt58.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 171ms
170ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=4a7c89c4-ac75-d9ea-f441-a3af87b7f68c&tv={c:x06X2K,time:1790,type:e,env:{nr_p:1,nr_publ1:1,nr_grpm1:1},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:1790,n:0,pp:0,pm:0},slEvents:[{sl:o,t:531,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[1273~0],as:[1273~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:461,fm:sjhcfOs+11|12|13|14|15|16*.10507|161|17.10507|171|18.10507|181|19.10507|191|1a.10507|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:16*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:40 GMT
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 196ms
163ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=4a7c89c4-ac75-d9ea-f441-a3af87b7f68c&tv={c:x06X3R,pingTime:-10,time:1859,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1608067239517||1861b7c3aab49ee9b1f9938a12155419||71ff54ebddb1e090fbf173d96e2342c8||9bb44a55014af6db27e20d2ea191981d||239193e599a84c0ec88e936b32b07cfb||a21975783012193c171996fbf70e559e||948946e32f7d8a99d73f405296079002||4ac3dcfd17396a005cf7a2f17c798603||1576000828,sca:{spg:6d463f8f-e5e6-cad3-c77e-30ef100f878f}}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:40 GMT
x-server-name: dt39.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 194ms
167ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=50d0ef92-4046-488d-50d6-e88114222e78&tv={c:x06X4a,pingTime:-10,time:1812,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1608067239517||1861b7c3aab49ee9b1f9938a12155419||71ff54ebddb1e090fbf173d96e2342c8||9bb44a55014af6db27e20d2ea191981d||239193e599a84c0ec88e936b32b07cfb||a21975783012193c171996fbf70e559e||948946e32f7d8a99d73f405296079002||4ac3dcfd17396a005cf7a2f17c798603||1576000828,sca:{spg:6d463f8f-e5e6-cad3-c77e-30ef100f878f}}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:40 GMT
x-server-name: dt40.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 179ms
164ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=924621a6-4f22-aa95-b834-d2282b8c2f02&tv={c:x06X4o,time:1818,type:e,env:{nr_p:1,nr_publ1:1,nr_grpm1:1},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:1818,n:0,pp:0,pm:0},slEvents:[{sl:o,t:599,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[1234~0],as:[1234~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:458,fm:sjhcfPE+11|12|13|14|15|161|162|17*.10507|171|181|182|19.10507|191|192|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:17*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:40 GMT
x-server-name: dt37.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
529 B 102ms
0ms Image
image/gif 34.250.98.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=obdtxq9vkjapo3wskj1pnqrvehljw1608067237&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,heraldsun&sup=0&segment2=&segment1=&forward=1&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,kwoxuxxueqd9w2n15rlucaocsw6yy1608067202&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16080672378481341&c30=bldv,6.0.0.563&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1608067237781&c3=st,c&c64=starttm,1608067240&adid=1608067237781&c58=isLive,false&c59=sesid,&c61=createtm,1608067239&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&c62=sendTime,1608067239&rnd=789618
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.98.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:40 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 84ms
16ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120801&jk=3242496275534416&bg=!hYalhqbNAAUbEDgJG1glQ9ySvh_Q4wIAAAJNUgAAAGFoAQcKAKhUS8IvyDafB1CnMa0BmZvtVXbeAND3PEjnem4dhtY_E9aHbYHzcGVwBizhUpNvhlFBX3y9O6qNc3FXKNL-ibar22aeb6lbl9CuACdpI2MqTd7ip0GKOPel5UzNGsymT50xCvNxbTPHxwWiY8OMBeHwPwEWXAjIUqUV5XI5qmiyltwv16a63zNN9Hnmb8zmSe-Ej1rjqGUsGSl4jQvXiwYMeyv7GSixZNaZAb0rwELkXsCK-Pq519cqkeCBfntVKItEWMJ98eUsm16RC6NJGVdbnl-89YiUo_dTicfIiAxniUIYI6rF-MMQ4UzsB2PqDtnoxOYE7fqUBMzy68AxLsAjSinz7IatKPaOuZPS6Jce47RJ-NG47L3KGnoFULBbItFv1L1mRyTPJB0wTVWPx1RTEZnsSbAlI0TMtbhka84d8_JYYZg5bVP9K4fYySQDEjjsejO3aQdju6Udmn7DYQsc2ChTuTszMX1b7hwTkwnsC4eMqfMF8Ax_z2k4FC5NE1OsGM18yiHon7ksCF4dC38AUD7xx5l6UP2jOS2P54XHw4oFLCCCgnPE593PWSYvXoQvD9P2iieNFfst-UbAvdg2rkmo1eDe40f_J97EMIx-quFWsuj_RCiDGtu4VI13nB1jZIwJmizWf1xNKzzVEFkwnYIyBkBJFxzxJPQyXJQhTCc9EgW0RZ9CrxFM3F7vvG-r7KW78PcqGHyhxEJtTzvfh2eUKyUUfecvR4MEkLeDEcAmahfDi-Ju3wvDTd29GO8qQMwwjUB3LcJF6L-UZ2NawzseTVHn92WoCtwuelgdDYCGnyZ13ZeC

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 187ms
187ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=4a7c89c4-ac75-d9ea-f441-a3af87b7f68c&tv={c:x06Y4N,time:5761,type:e,env:{nr_p:5},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:5761,n:0,pp:0,pm:0},slEvents:[{sl:o,t:531,wc:0.0.1600.1200,ac:800.81.1.1,am:i,cc:800.81.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[5243~0],as:[5243~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:230,fm:sjhcfOs+11|12|13|14|15|16*.10507|161|17.10507|171|18.10507|181|19.10507|191|1a.10507|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:16*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:44 GMT
x-server-name: dt57.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 185ms
185ms Image
image/gif 3.82.234.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=924621a6-4f22-aa95-b834-d2282b8c2f02&tv={c:x06Y6n,time:5785,type:e,env:{nr_p:5},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:5785,n:0,pp:0,pm:0},slEvents:[{sl:o,t:599,wc:0.0.1600.1200,ac:1273.484.1.1,am:i,cc:1273.484.1.1,piv:0,obst:0,th:0,reas:r,bkn:{piv:[5201~0],as:[5201~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:199,fm:sjhcfPE+11|12|13|14|15|161|162|17*.10507|171|181|182|19.10507|191|192|1a1|1a2|1b|1c|1d|1e|1f|1g|1h|1i111|1j111|1k|1l|1m|1n,idMap:17*,rmeas:1,rend:0,renddet:IMG.us}&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com.au/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Dec 2020 21:20:44 GMT
x-server-name: dt36.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: heraldsun.digitaleditions.com.au
URL: http://heraldsun.digitaleditions.com.au/

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NTJiZDY4NTYyMTVmODBlOTZlMTNkNDg0MGQxNTMyZjU&google_redir=https://id5-sync.com/c/464/398/1/7.gif?puid=NTJiZDY4NTYyMTVmODBlOTZlMTNkNDg0MGQxNTMyZjU&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

287 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 19:00:19	Name: demdex Value: 50096280279805635112254100952025242537
.doubleclick.net/	1970-01-19 14:41:08	Name: test_cookie Value: CheckForPermission
.heraldsun.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: hs%257Chome%257Chomepage%257Chomepage%2C13%2C13%2C1200
.demdex.net/	1970-01-19 19:00:19	Name: dextp Value: 144233-1-1608067239422\|144234-1-1608067239522\|144235-1-1608067239623\|144236-1-1608067239725\|144237-1-1608067239830\|147592-1-1608067239931\|461447-1-1608067240032
.heraldsun.com.au/	1969-12-31 23:59:59	Name: tp Value: 9427

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20201123-29-RELEASE.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbnails-midrail-native
console-api	log	URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js(Line 3) Message: vidora-client 1.3.3 68d5ea1ec45c96bafd89f1a57b8aa2345fbf87f3
console-api	log	URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js(Line 1) Message: %c Vidora API finished initializing! background: #222; color: #b9da52
console-api	log	URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js(Line 18) Message: UTRACK loaded (from tealium)
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.4.114.js(Line 32) Message: a: 0.001953125 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.pl
analytics.twitter.com
assets.vidora.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
bh.contextweb.com
bs.serving-sys.com
bttrack.com
c6fd3997f31eb85b60cae11bd13a084f.safeframe.googlesyndication.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.speedcurve.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dt.adsafeprotected.com
e1.emxdgt.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
heraldsun.digitaleditions.com.au
ib.adnxs.com
in.hotjar.com
insight.adsrvr.org
js.adsrvr.org
login.newscorpaustralia.com
match.adsrvr.org
match.taboola.com
metrics.heraldsun.com.au
mhr.talk.news.com.au
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
newscorpau.demdex.net
origin.go.heraldsun.com.au
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
s1.rui.au.reastatic.net
s3-ap-southeast-2.amazonaws.com
sb.scorecardresearch.com
script.hotjar.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-ds.serving-sys.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.hotjar.com
sync-t1.taboola.com
sync.taboola.com
t.co
tags.news.com.au
tags.tiqcdn.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ts2020-indies-client.web.app
uconnect.tealiumiq.com
use.fontawesome.com
vars.hotjar.com
widget.perfectmarket.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.heraldsun.com.au
www.heraldsun.news.com.au
www.news.com.au
www.storygize.net
x.bidswitch.net
cm.g.doubleclick.net
heraldsun.digitaleditions.com.au
104.108.60.35
104.244.42.131
104.244.42.69
104.86.50.246
13.225.80.36
13.226.146.155
13.226.155.27
13.226.155.71
141.226.224.32
141.226.228.48
151.101.1.195
151.101.114.217
151.101.12.157
151.101.13.108
151.101.13.181
151.101.13.44
172.104.70.67
172.217.21.226
172.217.22.98
174.137.133.49
178.250.2.151
18.185.197.81
18.195.155.181
18.200.151.216
185.33.220.243
185.33.221.52
185.64.189.110
185.86.138.114
192.132.33.46
198.148.27.139
2.16.186.40
216.58.206.2
216.58.208.38
23.111.9.35
23.210.249.82
23.37.53.17
23.37.61.47
2600:9000:206f:8e00:1e:c291:240:93a1
2600:9000:206f:fe00:4:77d:a0c0:93a1
2600:9000:2070:9600:18:1fcd:34e:d2a1
2600:9000:2104:8c00:2:42d9:3100:93a1
2600:9000:2156:c600:1e:a43d:b640:93a1
2600:9000:2182:5400:2:42d9:3100:93a1
2600:9000:2182:de00:8:48e:53c0:93a1
2a00:1450:4001:806::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:814::2004
2a00:1450:4001:815::2002
2a00:1450:4001:817::2002
2a00:1450:4001:817::2003
2a00:1450:4001:81d::2001
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::2001
2a00:1450:4001:824::2004
2a00:1450:4001:825::2001
2a02:26f0:10c:582::25ea
2a04:fa87:fffd::c000:42d0
2a05:f500:10:101::b93f:9105
3.232.164.179
3.82.234.236
34.250.153.194
34.250.98.73
35.158.80.187
35.161.43.127
35.181.18.61
35.227.202.26
52.18.163.167
52.212.154.51
52.215.225.80
52.28.21.247
52.95.132.175
52.95.134.190
54.72.52.19
65.9.73.103
65.9.73.65
69.173.144.139
72.251.249.9
80.252.91.53
95.101.184.145
95.101.184.236
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02f6334ab84d1d5aa554abe6d5f688814588478bfd9d0698f6ff414d6ff6831a
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06e9f93163cce0aa6698b5dbdd52d0ea860a91aa75e80d724051e67e6f0304f3
07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
08052c2c99dd94a7e638999360264f21fd6ea6c6e7f0c9fbaf55e11cd4fe314f
08d947fb68ecdb4afd04c4f6a981249860bb7bf35fde3869331d972e8f88ad87
09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1136fd8d6ff6f21847aab9abfab903a5a0e2f26a6f621f34af563def44ceb81c
120be8f5d061203ea26fd4bd2043201d6f06a7fce30cd7104e01c5dfafb48cd7
12a174500222f25e802175d5cf739d6ed5aeb7ad9812cbfe18b97992d6692a89
13044530d2afa52a6f7ba93c29935d571f52303b9aafc7e902e5e9eb02cd8801
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
27ad1c0be127da20f7b68c8e868d9a1fa6ade3308786d297a24a5651faa32a38
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2d881ee706b68b79e1678b0fb5806efe57a8e8c39e08b379de568883f531d4fb
338ad442ce49a764c366579658c0abb342c8192513168eb0aab49ffd111b4b43
3422a566d3586aa83e09fd661635fe9ebcf90f0f4824fdf3d42d6698662cbfcb
34d7e05910aac6f533cb31a9dffc4e37213c93c3b90a545b4f3bcedea3e6d03c
37839f90f9c430af4b063874e26d8986b8ceb01ebcdad7eedb4977c833116693
386895aeac76b1c5ff9b99ceaf1129828535748e9dd0ff241e8f595ca13b6afb
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
38bba6edf1f5150a76307f4bb0c67a75615c074786885feaf18513d10687aef0
3e677b85798968d94a8f04feccca7425c25941437e56e639ebe2e3cae2e74438
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4210fb41aeba98fcaeb3030322721a465d3abe3ea79004ca8dacac852034f1f8
43ec631c14060e4d10a7fc3b6b96296f20e718d65fb51558370d41eda08a3ddc
4524d395f87e795e7d6fbba4267ca327eac663122e1c614e45617a1234009ac1
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
53c25ccb7181178c52c32fdf5e58a55d730bbfe8e45db600886adfb33d88411b
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
5b6656e316c03a551cbdeb95f1aed0acdffeb7b3ce743144573475dd3b8133fe
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d
5ffc51cd531890768c5cc411b81d0bcc046de7d931f761a514f5d7f1a6722fbe
6046d093577dcb97486df8d383ce88f3240ec1cedf6bc53b4f12918538f96c8f
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
631c6a3617e2f5860eaa62155f5200b6ca156c00438445f9862089ef785e4542
63d4509f461e8ee5c5fcce96dc9779253a018831a40bf1dc9b00df295d6d18bb
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
69db8b2a48ae184507608101447b27c415dadec9f5c7265aec3c2633da5c6128
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
71c7cd191835f93c320a2008401a7972c6cfc96a04493fa92bc7d3e38d39b717
721b69cf4eaf120fb92adabdc6af644503bcba4065fbc9cd979d15096203439e
74581c25d8ec67de271196c8c78cc1c07989a5354f59b558412d908e006865c8
74b106bec8554071adaa52883f42f98b13eae0abeedb2154c8e198c70ba3cc3b
74c56dc51ea7565e74edad1a94047924a3816e1c7d57ca913326e428af3a2f7d
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
76a6767075fabbdca037a1dfa10819be849f21ed515071060b415a3f7c2a9a3d
77499e5217c4a813a51171d8278e1d08c2dd95033ec67453ca335ade890f68ce
78613a4243b992126f3f92da6fc039d533f3d4086eb2114731439b869ee4a4ae
7aa0de94f2a1424b10a2a72a14372c7ebd96a41a96cc86aff80bdd7e1f2a3782
7bcdcdbbd7da2c5f0fc20f50bde5abf65a0a1e5dcad641cf6dbfe126c1165015
7c619acb8aa74f04562b8dc4f67beff03f3e2e4bdaf893928cb45e3670106683
7da63b34013a7fbd5a9ff09603aa3f65bc3973af65809af1aefa903b0f053a19
7ead2ffbd903e0c7811f7451009ace1f6e4ab05855aea1a0fe9f861e0c4df992
80271a549051571c7a4445319b2e80dffad178da496b0261995fcc65f302ada8
8126d782271c43730cac45b2885c0aaaf13b2c37be7eecb615ab5a0f78200fd8
83745d91266512d4c6766c97ebedb0a01c044da97cce822ff4af6eb3a3123312
8600099f7e30b15cb09a2746c608dec0944c9a031c8b4794010ab943f2a98522
89379e975030240d9d4d5e5666d022cd01831d1f4564d12f0f5816493d9958ad
8c31f9e2aaf06e9bdda11852b2d11beb5771940fed486a7f1b2bee524012ec76
91998f86762c6801e681955069145c72b2ab0be30fa2808dd67ff49271ffde9e
954fe4f813483cd1833340c794820cb6aaec7e4fbf0ca2e37518e4564d3156a7
96d51e92e35beac4aa4bdca197244259a8a54b6f9a0eb5b3ccdaae6581e02150
9a5f00ee81f6427dc14d6a0d7398b6abc2dcf6a0a068944335f210e4cf81c4d8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a5637934865d2aa41b2cb550b37d4f57070028d026edcc4891dd0b52e4685ae5
a690a0a04e0fefb9ca61628155a1237fe872e42a4379712d925e591676639fe8
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96
b078acca5079cc43614182feddcc9f3a3d5c733eb382d596f1cfcb7eaa82f326
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835
b64279cca594fa5aeb52f9ba145035087b1dbb124d2f2774254248d660611e13
b68a2637743b659ee6d04965584400700ed916101df89640b3d0eee12de19013
b748ce6a5a5ea9c905bca2845dab6456c5232bead14b02fca00864562e98bfda
b764af95d9d52c77cae46fd77f6cff6380e1c56e2a72aad477cffa48417586e1
bcbae4ba04442de51d06061a1a40872e3d7af82d29090aa9ca2d72fbdbeb9c96
befd4d99b6cb8649f107a5cd1fec1055d228bdc1c001493676bb87249e9b1040
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c2477ed756baa8ccd67d158dfc84cc650f319865488ce1cd8793f26627df5a7f
c672e2f76cecdd1ef21f9b2ebf7f3e5fb9c2841726d009a48c5042745efc43fe
c67a13c0499ae7c614c66c292f61c1e281912de73957ce1fad9c01f8cbf3ea0c
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
cd9fd2cb6860a06d442abc01bd18adc9f0e43bbe0df67dbdf0602fb474153c74
cef718a0e010f9a07acbb967c0bf49ff1cb115a08eacd40e5bffcaab5ebb729c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1a3bc73f51534788911fbc36f882cf5e8981830226e3b98d088519b9024aadc
d1bcc188f481bacf1d9ab4df424b1e041f10f45c85183d38bd2c079f0566dbda
d28df234c3130a0193a3829b04ba67cc51e31b8c140ae001da1424a213cce163
d3fb766c42c1d029941445a2b55369f4c38cd35385ddfcde70d25f71f41937af
d42605a78277db9f4d4b35ac625ec962a9698bd859d5341aa995ab195aa54d27
d52721391e7ab772c196cdc3bb6d1827c71fb732c235062227bfabbdc39febb4
d597e1ebd656c61acad302535e78fbda4fbede72285d83250961f468b380f11b
d5ba954163b526260314b95b75779981e8bc6645c4b3a7bd40cede3ba2799c80
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40a530937915910eda0bf03ac9db7e3f49784866e9a8c26b9975b666404387e
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e9cf43afad0cd90d17eb4e1dd9fbd5e8bd2cf07ace134853680e06dcc1ef5ef1
eace52f4c9236e397bb51f4f1809bb353828e48b137a87c93832c59a1e5614e7
ebaf330ad588600b4b748410b4f77f3cd9c4abc18e3a240156bc6ac9814cf896
ebbccb935eee18dbf94446cdb6d002dc9c47fcf1e6d7dc4b821ae9f560abe015
eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef024a5f6a6afe4d445fd60002ff33e71b80ca52cbaab97153e31ab62b40d379
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5fa8602198232e4f3704cf1dc886cb295af0f9906b0c9d63777b5f49852b84
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f1fa80b61bdb9a26b58efaa1f7f141c8b77a201a06ead0535ba06fd683f757f8
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f487dd5f3296946a50218dc22720a9ed1b777b3e1f793c9f8d434cf4ba27764a
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f75772cc182eeecd95e8887564f7d5b21bbd6c035b3d664ece5a6893071db987
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2
f9d5825f45f54728f0f11e972c478ec25c78590c495921dadee0038fb5512cb9
fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503

www.heraldsun.com.au Open in urlscan Pro 95.101.184.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

274 Requests

99 %HTTPS

27 %IPv6

55 Domains

90 Subdomains

74 IPs

9 Countries

5482 kBTransfer

8740 kBSize

5 Cookies

55 Outgoing links

Page URL History

Redirected requests

274 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heraldsun.com.au Open in urlscan Pro
95.101.184.145 Public Scan

Screenshot
Live screenshot

Full Image

274
Requests

99 %
HTTPS

27 %
IPv6

55
Domains

90
Subdomains

74
IPs

9
Countries

5482 kB
Transfer

8740 kB
Size

5
Cookies

274 HTTP transactions
5 data transactions